1. An auditor is preparing test data for use in the audit of
a computer based accounts receivable application. Which of the following items would be appropriate to include as an item in the test data? a. A transaction record which contains an incorrect master file control total. b. A master file record which contains an invalid customer identification number. c. A master file record which contains an incorrect master file control total. d. A transaction record which contains an invalid customer identification number.
2. Unauthorized alteration of on-line records can be prevented
by employing: a. Key verification. b. Computer sequence checks. c. Computer matching. d. Data base access controls.
3. In auditing through a computer, the test data method is
used by auditors to test the a. Accuracy of input data. b. Validity of the output. c. Procedures contained within the program. d. Normalcy of distribution of test data.
4. The primary reason for internal auditing's involvement in
the development of new computer-based sysstems is to: a. Plan post-implementation reviews. b. Promote adequate controls. c. Train auditors in CBIS techniques. d. Reduce overall audit effort.
5. Processing simulated file data provides the auditor with
information about the reliability of controls from evidence that exists in simulated files. One of the techniques involved in this approach makes use of a. Controlled reprocessing. b. Program code checking. c. Printout reviews. d. Integrated test facility.
120 121
6. The possibility of losing a large amount of information
stored in computer files most likely would be reduced by the use of a. Back-up files b. Check digits c. Completeness tests d. Conversion verification.
7. An integrated test facility (ITF) would be appropriate when
the auditor needs to a. Trace a complex logic path through an application system. b. Verify processing accuracy concurrently with processing. c. Monitor transactions in an application system continuously. d. Verify load module integrity for production programs.
8. Where computer processing is used in significant accounting
applications, internal accounting control procedures may be defined by classifying control procedures into two types: general and a. Administrative. b. Specific. c. Application. d. Authorization.
9. The increased presence of the microcomputer in the
workplace has resulted in an increasing number of persons having access to the computer. A control that is often used to prevent unauthorized access to sensitive programs is: a. Backup copies of the diskettes. b. Passwords for each of the users. c. Disaster-recovery procedures. d. Record counts of the number of input transactions in a batch being processed.
10. Checklists, systems development methodology, and staff
hiring are examples of what type of controls? a. Detective. b. Preventive. c. Subjective. d. Corrective. 122
11. When an on-line, real-time (OLRT) computer-based
processing system is in use, internal control can be strengthened by a. Providing for the separation of duties between keypunching and error listing operations. b. Attaching plastic file protection rings to reels of magnetic tape before new data can be entered on the file. c. Making a validity check of an identification number before a user can obtain access to the computer files. d. Preparing batch totals to provide assurance that file updates are made for the entire input.
12. When auditing "around" the computer, the independent
auditor focuses solely upon the source documents and a. Test data. b. CBIS processing. c. Control techniques. d. CBIS output.
13. One of the features that distinguishes computer
processing from manual processing is a. Computer processing virtually eliminates the occurrence of computational error normally associated with manual processing. b. Errors or fraud in computer processing will be detected soon after their occurrences. c. The potential for systematic error is ordinarily greater in manual processing than in computerized processing. d. Most computer systems are designed so that transaction trails useful for audit purposes do not exist.
14. Company A has recently converted its manual payroll to
a computer-based system. Under the old system, employees who had resigned or been terminated were occasionally kept on the payroll and their checks were claimed and cashed by other employees, in collusion with shop foremen. The controller is concerned that this practice not be allowed to continue under the new system. The best control for preventing this form of "payroll padding" would be to a. Conduct exit interviews with all employees leaving the company, regardless of reason. b. Require foremen to obtain a signed receipt from each employee claiming a payroll check. c. Require the human resources department to authorize all hires and terminations, and to forward a current 123
computerized list of active employee numbers to
payroll prior to processing. Program the computer to reject inactive employee numbers. d. Install time clocks for use by all hourly employees.
15. Compared to a manual system, a CBIS generally
1. Reduces segregation of duties. 2. Increases segregation of duties. 3. Decreases manual inspection of processing results. 4. Increases manual inspection of processing results. a. 1 and 3. b. 1 and 4 c. 2 and 3 d. 2 and 4.
16. One of the major problems in a CBIS is that
incompatible functions may be performed by the same individual. One compensating control for this is the use of a. Echo checks. b. A self-checking digit system. c. Computer generated hash totals. d. A computer log.
17. Which of the following methods of testing application
controls utilizes a generalized audit software package prepared by the auditors? a. Parallel simulation. b. Integrated testing facility approach. c. Test data approach. d. Exception report tests.
18. An unauthorized employee took computer printouts from
output bins accessible to all employees. A control which would have prevented this occurrence is a. A storage/retention control. b. A spooler file control. c. An output review control. d. A report distribution control.
19. Which of the following is a disadvantage of the
integrated test facility approach?
a. In establishing fictitious entities, the auditor may
be compromising audit independence. 124
b. Removing the fictitious transactions from the system
is somewhat difficult and, if not done carefully, may contaminate the client's files. c. ITF is simply an automated version of auditing "around" the computer. d. The auditor may not always have a current copy of the authorized version of the client's program.
20. Totals of amounts in computer-record data fields which
are not usually added for other purposes but are used only for data processing control purposes are called a. Record totals. b. Hash totals. c. Processing data totals. d. Field totals.
21. A hash total of employee numbers is part of the input
to a payroll master file update program. The program compares the hash total to the total computed for transactions applied to the master file. The purpose of this procedure is to: a. Verify that employee numbers are valid. b. Verify that only authorized employees are paid. c. Detect errors in payroll calculations. d. Detect the omission of transaction processing.
22. Generalized audit software is of primary interest to
the auditor in terms of its capability to a. Access information stored on computer files. b. Select a sample of items for testing. c. Evaluate sample test results. d. Test the accuracy of the client's calculations.
ANSWER: A
23. In a computerized sales processing system, which of
the following controls is most effective in preventing sales invoice pricing errors? a. Sales invoices are reviewed by the product managers before being mailed to customers. b. Current sales prices are stored in the computer, and, as stock numbers are entered from sales orders, the computer automatically prices the orders. c. Sales prices, as well as product numbers, are entered as sales orders are entered at remote terminal locations. 125
d. Sales prices are reviewed and updated on a quarterly
basis.
24. Which of the following is likely to be of least
importance to an auditor in reviewing the internal control in a company with a CBIS? a. The segregation of duties within the data processing center. b. The control over source documents. c. The documentation maintained for accounting applications. d. The cost/benefit ratio of data processing operations.
25. For the accounting system of Acme Company, the amounts
of cash disbursements entered into an CBIS terminal are transmitted to the computer that immediately transmits the amounts back to the terminal for display on the terminal screen. This display enables the operator to a. Establish the validity of the account number. b. Verify the amount was entered accurately. c. Verify the authorization of the disbursement. d. Prevent the overpayment of the account.
26. Which of the following audit techniques most likely
would provide an auditor with the most assurance about the effectiveness of the operation of an internal control procedure? a. Inquiry of client personnel. b. Recomputation of account balance amounts. c. Observation of client personnel. d. Confirmation with outside parties.
27. Adequate technical training and proficiency as an
auditor encompasses an ability to understand a CBIS sufficiently to identify and evaluate a. The processing and imparting of information. b. Essential accounting control features. c. All accounting control features. d. The degree to which programming conforms with application of generally accepted accounting principles. 126
28. Adequate control over access to data processing is
required to a. Prevent improper use or manipulation of data files and programs. b. Ensure that only console operators have access to program documentation. c. Minimize the need for backup data files. d. Ensure that hardware controls are operating effectively and as designed by the computer manufacturer.
ANSWER: A
29. When testing a computerized accounting system, which
of the following is not true of the test data approach? a. The test data need consist of only those valid and invalid conditions in which the auditor is interested. b. Only one transaction of each type need be tested. c. Test data are processed by the client's computer programs under the auditor's control. d. The test data must consist of all possible valid and invalid conditions.
30. Which of the following procedures is an example of
auditing "around" the computer? a. The auditor traces adding machine tapes of sales order batch totals to a computer printout of the sales journal. b. The auditor develops a set of hypothetical sales transactions and, using the client's computer program, enters the transactions into the system and observes the processing flow. c. The auditor enters hypothetical transactions into the client's processing system during client processing of live" data. d. The auditor observes client personnel as they process the biweekly payroll. The auditor is primarily concerned with computer rejection of data that fails to meet reasonableness limits.
31. Auditing by testing the input and output of a
computer-based system instead of the computer program itself will 127
a. Not detect program errors which do not show up in the
output sampled. b. Detect all program errors, regardless of the nature of the output. c. Provide the auditor with the same type of evidence. d. Not provide the auditor with confidence in the results of the auditing procedures.
32. Which of the following is an acknowledged risk of
using test data when auditing CBIS records? a. The test data may not include all possible types of transactions. b. The computer may not process a simulated transaction in the same way it would an identical actual transaction. c. The method cannot be used with simulated master records. d. Test data may be useful in verifying the correctness of account balances, but not in determining the presence of processing controls.
33. When the auditor encounters sophisticated computer-
based systems, he or she may need to modify the audit approach. Of the following conditions, which one is not a valid reason for modifying the audit approach? a. More advanced computer systems produce less documentation, thus reducing the visibility of the audit trail. b. In complex comuter-based systems, computer verification of data at the point of input replaces the manual verification found in less sophisticated data processing systems. c. Integrated data processing has replaced the more traditional separation of duties that existed in manual and batch processing systems. d. Real-time processing of transactions has enabled the auditor to concentrate less on the completeness assertion.
34. The program flowcharting symbol representing a
decision is a a. Triangle. b. Circle. c. Rectangle. d. Diamond. 128
35. CBIS controls are frequently classified as to general
controls and application controls. Which of the following is an example of an application control? a. Programmers may access the computer only for testing and "debugging" programs. b. All program changes must be fully documented and approved by the information systems manager and the user department authorizing the change. c. A separate data control group is responsible for distributing output, and also compares input and output on a test basis. d. In processing sales orders, the computer compares customer and product numbers with internally stored lists.
36. After a preliminary phase of the review of a client's
CBIS controls, an auditor may decide not to perform further tests related to the control procedures within the CBIS portion of the client's internal control system. Which of the following would not be a valid reason for choosing to omit further testing? a. The auditor wishes to further reduce assessed risk. b. The controls duplicate operative controls existing elsewhere in the system. c. There appear to be major weaknesses that would preclude reliance on the stated procedures. d. The time and dollar costs of testing exceed the time and dollar savings in substantive testing if the controls are tested for compliance.
37. Which of the following would lessen internal control
in a CBIS? a. The computer librarian maintains custody of computer program instructions and detailed listings. b. Computer operators have access to operator instructions and detailed program listings. c. The control group is solely responsible for the distribution of all computer output. d. Computer programmers write and debug programs which perform routines designed by the systems analyst.
38. While entering data into a cash receipts transaction
file, an employee transposed two numbers in a 129
customer code. Which of the following controls
could prevent input of this type of error? a. Sequence check. b. Record check. c. Self-checking digit. d. Field-size check.
39. Creating simulated transactions that are processed
through a system to generate results that are compared with predetermined results, is an auditing procedure referred to as a. Desk checking. b. Use of test data. c. Completing outstanding jobs. d. Parallel simulation.
40. Which of the following is a computer test made to
ascertain whether a given characteristic belongs to the group? a. Parity check. b. Validity check. c. Echo check. d. Limit check.
Excel 2023 for Beginners: A Complete Quick Reference Guide from Beginner to Advanced with Simple Tips and Tricks to Master All Essential Fundamentals, Formulas, Functions, Charts, Tools, & Shortcuts
ChatGPT Side Hustles 2024 - Unlock the Digital Goldmine and Get AI Working for You Fast with More Than 85 Side Hustle Ideas to Boost Passive Income, Create New Cash Flow, and Get Ahead of the Curve
ChatGPT Millionaire 2024 - Bot-Driven Side Hustles, Prompt Engineering Shortcut Secrets, and Automated Income Streams that Print Money While You Sleep. The Ultimate Beginner’s Guide for AI Business
Microsoft PowerPoint Guide for Success: Learn in a Guided Way to Create, Edit & Format Your Presentations Documents to Visual Explain Your Projects & Surprise Your Bosses And Colleagues | Big Four Consulting Firms Method
Microsoft Excel Guide for Success: Transform Your Work with Microsoft Excel, Unleash Formulas, Functions, and Charts to Optimize Tasks and Surpass Expectations [II EDITION]