Which of the following is not a major reason for maintaining an audit trail for a computer system?

Inhaltsverzeichnis Show

1. An advantage of using systems flowcharts to documentinformation about internal control instead of using internalcontrolquestionnaires is that systems flowchartsa. Identify internal control weaknesses moreprominently.b. Provide a visual depiction of clients’ activities.c. Indicate whether control procedures are operatingeffectively.d. Reduce the need to observe clients’ employees performingroutine tasks.
1. (b) The requirement is to identify an advantage of usingsystems flowcharts to document information about internalcontrolinstead of using internal control questionnaires.Answer (b) is correct because flowcharts provide a visualdepiction of clients’ activities which make it possible forauditors to quickly understandthe design of the system.Answer (a) is incorrect because while the flow of operationsis visually depicted, internal control weaknesses are not asobvious. Answer (c) is incorrect because while a flowchartdescribes a system, the flowchart alone does not indicatewhether that system is operating effectively. Answer (d) isincorrect because auditors still need to determine whether thesystem has been placed in operation and therefore the need toobserve employees performing routine tasks remains.
2. A flowchart is most frequently used by an auditor inconnectionwith thea. Preparation of generalized computer audit plans.b. Review of the client’s internal control.c. Use of statistical sampling in performing an audit.d. Performance of analytical procedures of accountbalances.
2. (b) The requirement is to determine when a flowchartis most frequently used by an auditor. Answer (b) is correctbecauseflowcharts are suggested as being appropriate fordocumentingthe auditor’s consideration of internal control.Answer(a) is incorrect because auditors do not frequentlywrite their own generalized computer audit programs, the mostlikely time a flowchart would be used with respect to suchsoftware. Answers (c) and (d) are incorrect because statisticalsampling and analytical procedures do not in general requirethe use of flowcharts.
3. Matthews Corp. has changed from a system of recordingtime worked on clock cards to a computerized payroll systemin which employees record time in and out with magneticcards. The computer system automatically updates all payrollrecords. Because of this changea. A generalized computer audit program must be used.b. Part of the audit trail is altered.c. The potential for payroll-related fraud is diminished.d. Transactions must be processed in batches.
3. (b) The requirement is to identify the correct statementwith respect to a computerized, automatically updating payrollsystem in which magnetic cards are used instead of a manualpayroll system with clock cards. Answer (b) is correct becausethe automatic updating of payroll records alters the audittrail which, in the past, included steps pertaining to manualupdating. Answer (a) is incorrect because although an auditormay choose to use a generalized computer audit program, it isnot required. Answer (c) is incorrect because no informationis presented that would necessarily indicate a change in thelikelihood of fraud. Answer (d) is incorrect because givenautomatic updating, a large portion of the transactions are notprocessed in batches.
4. Which of the following is correct concerning batch processingof transactions?a. Transactions are processed in the order they occur, regardlessof type.b. It has largely been replaced by online real-time processingin all but legacy systems.c. It is more likely to result in an easy-to-follow audittrail than is online transaction processing.d. It is used only in non-database applications.
4. (c) The requirement is to identify the correct statementconcerning the batch processing of transactions. Batch processinginvolves processing transactions through the systemin groups of like transactions (batches). Answer (c) is correctbecausethe similar nature of transactions involved with batchprocessingordinarily makes it relatively easy to follow thetransactionsthroughout the system. Answer (a) is incorrect because transactions are processed by type, not in the orderthey occur regardless of type. Answer (b) is incorrect becausemany batch applications still exist and might be expected toexist well into the future. Answer (d) is incorrect becausebatch processing may be used for database applications
5. An auditor would be most likely to assess control riskat the maximum level in an electronic environment withautomated system-generated information whena. Sales orders are initiated using predetermined, automateddecision rules.b. Payables are based on many transactions and large indollar amount.c. Fixed asset transactions are few in number, but largein dollar amount.d. Accounts receivable records are based on manytransactionsand are large in dollar amount.
5. (c) The requirement is to determine when an auditorwould be most likely to assess control risk at the maximumlevel in an electronic environment with automated systemgeneratedinformation. Answer (c) is correct because the fewtransactions involved in fixed assets make it most likely to beone in which a substantive approach of restricting detectionrisk is most likely to be effective and efficient. Answer (a)is incorrect because an auditor might be expected to performtests of controls to assess control risk below the maximumwhen automated decision rules are involved for an account(sales) which ordinarily has many transactions. Answers (b)and (d) are incorrect because the numerous transactions inpayables and receivables make it likely that control risk will beassessed below the maximum.
6. In a highly automated information processing system testsof controla. Must be performed in all circumstances.b. May be required in some circumstances.c. Are never required.d. Are required in first year audits.
6. (b) The requirement is to identify the most accuratestatement with respect to tests of controls of a highlyautomated information processing system. Answer (b) iscorrect because in some such circumstances substantivetests alone will not be sufficientto restrict detection risk toan acceptable level. Answer (a) is incorrect because tests ofcontrols need not be performed in all such circumstances.Answer (c) is incorrect because such tests are sometimesrequired. Answer (d) is incorrect because tests of controls arenot in such circumstances in all first year audits.
7. Which of the following is least likely to be consideredby an auditor considering engagement of an informationtechnology (IT) specialist on an audit?a. Complexity of client’s systems and IT controls.b. Requirements to assess going concern status.c. Client’s use of emerging technologies.d. Extent of entity’s participation in electroniccommerce.
7. (b) The requirement is to identify the least likelycircumstance in which an auditor would consider engagementsof an IT specialist on an audit. Answer (b) is correct becausethe requirement to assess going concern status remains thesame on all audits, and thus does not directly affect engagementof an IT specialist. Answers (a), (c), and (d) are all incorrectbecause complexity, the use of emerging technologies, andparticipation in electronic commerce are all factors which makeit more likely that an IT specialist will be engaged.
8. Which of the following strategies would a CPA mostlikely consider in auditing an entity that processes most ofits financial data only in electronic form, such as a paperlesssystem?a. Continuous monitoring and analysis oftransaction processing with an embedded auditmodule.b. Increased reliance on internal control activities thatemphasize the segregation of duties.c. Verification of encrypted digital certificates used tomonitor the authorization of transactions.d. Extensive testing of firewall boundaries that restrictthe recording of outside network traffic.
8. (a) The requirement is to identify a strategy that a CPAmost likely would consider in auditing an entity that processesmost of its financial data only in electronic form. Answer(a) is correct because continuous monitoring and analysisof transactionprocessing with an embedded audit module might provide an effective way of auditing these processes—although some question exists as to how many embedded auditmodules CPAs have actually used in practice. Answer (b) isincorrect because there may well be a decrease in reliance oninternal control activitiesthat emphasize this segregation ofduties since so many controlsare in the hardware and softwareof the application. Answer (c) is incorrect because digitalcertificates deal with electronic commerce between companies,a topic not directly addressed by this question, and becausesuch certificates provide limited evidenceon authorization.Answer (d) is incorrect because while firewalls do controlnetwork traffic, this is not the most significant factor in theaudit of electronic form financial data.
9. Which of the following is not a major reason for maintainingan audit trail for a computer system?a. Deterrent to fraud.b. Monitoring purposes.c. Analytical procedures.d. Query answering.
9. (c) The requirement is to identify the reply that is nota major reason for maintaining an audit trail for a computersystem.Answer (c) is correct because analytical proceduresuse the outputs of the system, and therefore the audit trail is oflimited importance. Answer (a) is incorrect because an audittrail may deter fraud since the perpetrator may realize that hisor her act may be detected. Answer (b) is incorrect becausean audit trail will help management to monitor the computersystem. Answer(d) is incorrect because an audit trail willmake it much easier to answer queries.
10. Computer systems are typically supported by a varietyof utility software packages that are important to an auditorbecause theya. May enable unauthorized changes to data files if notproperly controlled.b. Are very versatile programs that can be used on hardwareof many manufacturers.c. May be significant components of a client’sapplication programs.d. Are written specifically to enable auditors to extractand sort data.
10. (a) The requirement is to identify a reason that utilitysoftware packages are important to an auditor. Answer (a)is correct because client use of such packages requires thatthe auditorinclude tests to determine that no unplannedinterventions using utility routines have taken place duringprocessing (Audit and Accounting Guide, Computer AssistedAudit Techniques). Answer (b) is incorrect because a client’suse of such programs implies that they are useful on his/hercomputer hardware, and therefore any flexibility is not ofimmediate relevance to the auditor.Answer (c) is incorrectbecause the primary purpose of utilityprograms is to supportthe computer user’s applications (Computer Assisted AuditTechniques). Answer (d) is incorrect because utility softwareprograms have a variety of uses in additionto enablingauditors to extract and sort data (Computer AssistedAuditTechniques).
What are the main reasons we have audit trails in the information system?
What is the purpose of audit trail review?
Which of the following is the objective of audit trail?
What is the purpose of audit trail and log in?

1. An advantage of using systems flowcharts to documentinformation about internal control instead of using internalcontrolquestionnaires is that systems flowchartsa. Identify internal control weaknesses moreprominently.b. Provide a visual depiction of clients’ activities.c. Indicate whether control procedures are operatingeffectively.d. Reduce the need to observe clients’ employees performingroutine tasks.

1. (b) The requirement is to identify an advantage of usingsystems flowcharts to document information about internalcontrolinstead of using internal control questionnaires.Answer (b) is correct because flowcharts provide a visualdepiction of clients’ activities which make it possible forauditors to quickly understandthe design of the system.Answer (a) is incorrect because while the flow of operationsis visually depicted, internal control weaknesses are not asobvious. Answer (c) is incorrect because while a flowchartdescribes a system, the flowchart alone does not indicatewhether that system is operating effectively. Answer (d) isincorrect because auditors still need to determine whether thesystem has been placed in operation and therefore the need toobserve employees performing routine tasks remains.

2. A flowchart is most frequently used by an auditor inconnectionwith thea. Preparation of generalized computer audit plans.b. Review of the client’s internal control.c. Use of statistical sampling in performing an audit.d. Performance of analytical procedures of accountbalances.

2. (b) The requirement is to determine when a flowchartis most frequently used by an auditor. Answer (b) is correctbecauseflowcharts are suggested as being appropriate fordocumentingthe auditor’s consideration of internal control.Answer(a) is incorrect because auditors do not frequentlywrite their own generalized computer audit programs, the mostlikely time a flowchart would be used with respect to suchsoftware. Answers (c) and (d) are incorrect because statisticalsampling and analytical procedures do not in general requirethe use of flowcharts.

3. (b) The requirement is to identify the correct statementwith respect to a computerized, automatically updating payrollsystem in which magnetic cards are used instead of a manualpayroll system with clock cards. Answer (b) is correct becausethe automatic updating of payroll records alters the audittrail which, in the past, included steps pertaining to manualupdating. Answer (a) is incorrect because although an auditormay choose to use a generalized computer audit program, it isnot required. Answer (c) is incorrect because no informationis presented that would necessarily indicate a change in thelikelihood of fraud. Answer (d) is incorrect because givenautomatic updating, a large portion of the transactions are notprocessed in batches.

4. Which of the following is correct concerning batch processingof transactions?a. Transactions are processed in the order they occur, regardlessof type.b. It has largely been replaced by online real-time processingin all but legacy systems.c. It is more likely to result in an easy-to-follow audittrail than is online transaction processing.d. It is used only in non-database applications.

4. (c) The requirement is to identify the correct statementconcerning the batch processing of transactions. Batch processinginvolves processing transactions through the systemin groups of like transactions (batches). Answer (c) is correctbecausethe similar nature of transactions involved with batchprocessingordinarily makes it relatively easy to follow thetransactionsthroughout the system. Answer (a) is incorrect because transactions are processed by type, not in the orderthey occur regardless of type. Answer (b) is incorrect becausemany batch applications still exist and might be expected toexist well into the future. Answer (d) is incorrect becausebatch processing may be used for database applications

5. An auditor would be most likely to assess control riskat the maximum level in an electronic environment withautomated system-generated information whena. Sales orders are initiated using predetermined, automateddecision rules.b. Payables are based on many transactions and large indollar amount.c. Fixed asset transactions are few in number, but largein dollar amount.d. Accounts receivable records are based on manytransactionsand are large in dollar amount.

5. (c) The requirement is to determine when an auditorwould be most likely to assess control risk at the maximumlevel in an electronic environment with automated systemgeneratedinformation. Answer (c) is correct because the fewtransactions involved in fixed assets make it most likely to beone in which a substantive approach of restricting detectionrisk is most likely to be effective and efficient. Answer (a)is incorrect because an auditor might be expected to performtests of controls to assess control risk below the maximumwhen automated decision rules are involved for an account(sales) which ordinarily has many transactions. Answers (b)and (d) are incorrect because the numerous transactions inpayables and receivables make it likely that control risk will beassessed below the maximum.

6. In a highly automated information processing system testsof controla. Must be performed in all circumstances.b. May be required in some circumstances.c. Are never required.d. Are required in first year audits.

6. (b) The requirement is to identify the most accuratestatement with respect to tests of controls of a highlyautomated information processing system. Answer (b) iscorrect because in some such circumstances substantivetests alone will not be sufficientto restrict detection risk toan acceptable level. Answer (a) is incorrect because tests ofcontrols need not be performed in all such circumstances.Answer (c) is incorrect because such tests are sometimesrequired. Answer (d) is incorrect because tests of controls arenot in such circumstances in all first year audits.

7. Which of the following is least likely to be consideredby an auditor considering engagement of an informationtechnology (IT) specialist on an audit?a. Complexity of client’s systems and IT controls.b. Requirements to assess going concern status.c. Client’s use of emerging technologies.d. Extent of entity’s participation in electroniccommerce.

7. (b) The requirement is to identify the least likelycircumstance in which an auditor would consider engagementsof an IT specialist on an audit. Answer (b) is correct becausethe requirement to assess going concern status remains thesame on all audits, and thus does not directly affect engagementof an IT specialist. Answers (a), (c), and (d) are all incorrectbecause complexity, the use of emerging technologies, andparticipation in electronic commerce are all factors which makeit more likely that an IT specialist will be engaged.

8. Which of the following strategies would a CPA mostlikely consider in auditing an entity that processes most ofits financial data only in electronic form, such as a paperlesssystem?a. Continuous monitoring and analysis oftransaction processing with an embedded auditmodule.b. Increased reliance on internal control activities thatemphasize the segregation of duties.c. Verification of encrypted digital certificates used tomonitor the authorization of transactions.d. Extensive testing of firewall boundaries that restrictthe recording of outside network traffic.

8. (a) The requirement is to identify a strategy that a CPAmost likely would consider in auditing an entity that processesmost of its financial data only in electronic form. Answer(a) is correct because continuous monitoring and analysisof transactionprocessing with an embedded audit module might provide an effective way of auditing these processes—although some question exists as to how many embedded auditmodules CPAs have actually used in practice. Answer (b) isincorrect because there may well be a decrease in reliance oninternal control activitiesthat emphasize this segregation ofduties since so many controlsare in the hardware and softwareof the application. Answer (c) is incorrect because digitalcertificates deal with electronic commerce between companies,a topic not directly addressed by this question, and becausesuch certificates provide limited evidenceon authorization.Answer (d) is incorrect because while firewalls do controlnetwork traffic, this is not the most significant factor in theaudit of electronic form financial data.

9. Which of the following is not a major reason for maintainingan audit trail for a computer system?a. Deterrent to fraud.b. Monitoring purposes.c. Analytical procedures.d. Query answering.

9. (c) The requirement is to identify the reply that is nota major reason for maintaining an audit trail for a computersystem.Answer (c) is correct because analytical proceduresuse the outputs of the system, and therefore the audit trail is oflimited importance. Answer (a) is incorrect because an audittrail may deter fraud since the perpetrator may realize that hisor her act may be detected. Answer (b) is incorrect becausean audit trail will help management to monitor the computersystem. Answer(d) is incorrect because an audit trail willmake it much easier to answer queries.

10. Computer systems are typically supported by a varietyof utility software packages that are important to an auditorbecause theya. May enable unauthorized changes to data files if notproperly controlled.b. Are very versatile programs that can be used on hardwareof many manufacturers.c. May be significant components of a client’sapplication programs.d. Are written specifically to enable auditors to extractand sort data.

10. (a) The requirement is to identify a reason that utilitysoftware packages are important to an auditor. Answer (a)is correct because client use of such packages requires thatthe auditorinclude tests to determine that no unplannedinterventions using utility routines have taken place duringprocessing (Audit and Accounting Guide, Computer AssistedAudit Techniques). Answer (b) is incorrect because a client’suse of such programs implies that they are useful on his/hercomputer hardware, and therefore any flexibility is not ofimmediate relevance to the auditor.Answer (c) is incorrectbecause the primary purpose of utilityprograms is to supportthe computer user’s applications (Computer Assisted AuditTechniques). Answer (d) is incorrect because utility softwareprograms have a variety of uses in additionto enablingauditors to extract and sort data (Computer AssistedAuditTechniques).

What are the main reasons we have audit trails in the information system?

Audit trails are used to verify and track many types of transactions, including accounting transactions and trades in brokerage accounts. An audit trail is most often utilized when the accuracy of an item needs to be verified, as it might be in the case of an audit.

What is the purpose of audit trail review?

An audit trail facilitates the reconstruction of the history of such events relating to the record regardless of its medium, including the “who, what, when and why” of the action.” determined by a risk assessment.”

Which of the following is the objective of audit trail?

BENEFITS AND OBJECTIVES Audit trails can provide a means to help accomplish several security-related objectives, including individual accountability, reconstruction of events (actions that happen on a computer system), intrusion detection, and problem analysis.

What is the purpose of audit trail and log in?

A series of audit logs is called an audit trail because it shows a sequential record of all the activity on a specific system. By reviewing audit logs, systems administrators can track user activity, and security teams can investigate breaches and ensure compliance with regulatory requirements.

Which of the following is not a major reason for maintaining an audit trail for a computer system?

2. A flowchart is most frequently used by an auditor inconnectionwith thea. Preparation of generalized computer audit plans.b. Review of the client’s internal control.c. Use of statistical sampling in performing an audit.d. Performance of analytical procedures of accountbalances.

6. In a highly automated information processing system testsof controla. Must be performed in all circumstances.b. May be required in some circumstances.c. Are never required.d. Are required in first year audits.

9. Which of the following is not a major reason for maintainingan audit trail for a computer system?a. Deterrent to fraud.b. Monitoring purposes.c. Analytical procedures.d. Query answering.

What are the main reasons we have audit trails in the information system?

What is the purpose of audit trail review?

Which of the following is the objective of audit trail?

What is the purpose of audit trail and log in?

zusammenhängende Posts

What is the main reason for an audit is considered necessary and why do auditors need to be independent?

Which of the following are the major categories of security event indicators described by NIST 800 61?

What doctrine is provided in the Copyright Act as a major defense to a claim of copyright infringement?

Werbung

NEUESTEN NACHRICHTEN

Which incentive plans are specifically designed to promote group performance

According to the flsa, which individual is most likely a nonexempt employee?

Reactive and protective behaviors designed to avoid action, blame, or change are termed ________.

The machiavellian personality is characterized by the will to manipulate and the desire for power.

Ist ein mann in brunn gefallen noten

Which of the following biometric authentication systems is the most accepted by users?

Was ist der Unterschied zwischen Hanf und CBD?

Wie viele noten braucht man für eine zeugnisnote sachsen-anhalt

Wie fühlt man sich wenn man schwanger ist am anfang

Kann man Basaltemperatur auch tagsüber Messen?

Werbung

Populer

Werbung

Um

Legal

Hilfe

Sozial