FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 12: The Impact of Information Technology on the Audit Process

Show Answer

Share

---

All types

Filters

Study Flashcards

Question 1

Multiple Choice

Review LaterAdd Note

Review Later

General controls include all of the following except:

A) systems development.
B) online security.
C) processing controls.
D) hardware controls.

E) All of the above
F) B) and C)

Correct Answer

verified

C

Question 2

True/False

Review LaterAdd Note

Review Later

General controls in smaller companies are usually less effective than in more complex IT environments.

A) True
B) False

Correct Answer

verified

Show Answer

Question 3

True/False

Review LaterAdd Note

Parallel simulation is used primarily to test internal controls over the client's IT systems, whereas the test data approach is used primarily for substantive testing.

Which of the following statements related to application controls is correct?

The auditor's objective in determining whether the client's automated controls can correctly handle valid and invalid transactions as they arise is accomplished through the:

The effectiveness of automated controls depends solely on the competence of the personnel performing the controls.

What are three specific risks to IT systems?

Tests of controls are normally performed only if the auditor believes the client's internal control may be effective.

When the auditor is obtaining an understanding of a service center's internal controls the auditor should:

Auditors often use Generalized Audit Software during their testing of a client's internal controls. For the following uses of the software provide a description and an example. Verify extensions and footings Print confirmation requests Compare data on separate files

Which of the following is not an example of an applications control?

An auditor's flowchart of the client's IT system is a graphical representation that depicts the auditor's:

Which of the following is not an enhancement to internal control that will occur as a consequence of increased reliance on IT?

Auditors should evaluate which of the following before evaluating application controls because of the potential for pervasive effects.

Old and new systems operating simultaneously in all locations is a test approach known as:

What are the two software testing strategies that companies typically use? Which strategy is more expensive?

Output controls focus on preventing errors during processing.

IT has several significant effects on an organization. Which of the following would not be important from an auditing perspective?

Match eight of the terms (a-n) with the definitions provided below (1-8): a. Application controls b. Auditing around the computer c. Auditing through the computer d. Error listing e. General controls f. Generalized audit software g. Hardware controls h. Input controls i. Output controls j. Parallel simulation k. Parallel testing l. Pilot testing m. Processing controls n. Test data approach ________ 1. The new and old systems operate simultaneously in all locations. ________ 2. Controls that relate to all parts of the IT system. ________ 3. Involves the use of a computer program written by the auditor that replicates some part of a client's application system. ________ 4. A method of auditing IT systems which uses data created by the auditor to determine whether the client's computer program can correctly process valid and invalid transactions. ________ 5. Controls such as review of data for reasonableness, designed to assure that data generated by the computer is valid, accurate, complete, and distributed only to authorized people. ________ 6. Controls that apply to processing of transactions. ________ 7. A new system is implemented in one part of the organization while other locations continue to rely on the old system. ________ 8. Controls such as proper authorization of documents, check digits, and adequate documentation, designed to assure that the information to be processed by the computer is authorized, complete, and accurate.

What do auditing standards require when a company outsources some of their IT requirements to an Application Service Provider?