[go: up one dir, main page]
Scribd
Upload
78 views1 page

Page 11 of 15

The document discusses issues related to auditing computerized systems and electronic data. It contains multiple choice questions about topics such as: assessing control risk in a computerized environment, reasons for omitting tests of EDP controls, types of client EDP systems that can be audited without examining computer programs, the purpose of utility software packages, and obtaining evidence that online access controls are functioning properly. It focuses on understanding computerized aspects of auditing procedures and internal controls.

Uploaded by

Fiverr Rall
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
78 views1 page

Page 11 of 15

The document discusses issues related to auditing computerized systems and electronic data. It contains multiple choice questions about topics such as: assessing control risk in a computerized environment, reasons for omitting tests of EDP controls, types of client EDP systems that can be audited without examining computer programs, the purpose of utility software packages, and obtaining evidence that online access controls are functioning properly. It focuses on understanding computerized aspects of auditing procedures and internal controls.

Uploaded by

Fiverr Rall
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

Page 11 of 15

31. Using microcomputers in auditing may affect the methods used to review the work of staff
assistants because
a. The audit field work standards for supervision may differ.
b. Documenting the supervisory review may require assistance of consulting services
personnel.
c. Supervisory personnel may not have an understanding of the capabilities and limitations of
microcomputers.
d. Working paper documentation may not contain readily observable details of calculations.
32. An auditor anticipates assessing control risk at a low level in a computerized environment.
Under these circumstances, on which of the following procedures would the auditor initially
focus?
a. Programmed control procedures c. Output control procedures
b. Application control procedures d. General control procedures
33. After the preliminary phase of the review of a client’s EDP controls, an auditor may decide not
to perform tests of controls (compliance tests) related to the control procedures within the EDP
portion of the client’s internal control structure. Which of the following would not be a valid
reason for choosing to omit such tests?
a. The controls duplicate operative controls existing elsewhere in the structure.
b. There appear to be major weaknesses that would preclude reliance on the stated
procedure.
c. The time and costs of testing exceed the time and costs in substantive testing if the tests of
controls show the controls to be operative.
d. The controls appear adequate.
34. Which of the following client electronic data processing (EDP) systems generally can be
audited without examining or directly testing the EDP computer programs of the system?
a. A system that performs relatively uncomplicated processes and produces detailed output.
b. A system that affects a number of essential master files and produces a limited output.
c. A system that updates a few essential master files and produces no printed output other
than final balances.
d. A system that performs relatively complicated processing and produces very little detailed
output.
35. Computer systems are typically supported by a variety of utility software packages that are
important to an auditor because they
a. May enable unauthorized changes to data files if not properly controlled.
b. Are very versatile programs that can be used on hardware of many manufacturers.
c. May be significant components of a client’s application programs.
d. Are written specifically to enable auditors to extract and sort data.
36. To obtain evidence that online access controls are properly functioning, an auditor most likely
would
a. Create checkpoints at periodic intervals after live data processing to test for unauthorized
use of the system.
b. Examine the transaction log to discover whether any transactions were lost or entered twice
due to a system malfunction
c. Enter invalid identification numbers or passwords to ascertain whether the system rejects
them.
d. Vouch a random sample of processed transactions to assure proper authorization
37. Which of the following statements most likely represents a disadvantage for an entity that
keeps microcomputer-prepared data files rather than manually prepared files?
a. Attention is focused on the accuracy of the programming process rather than errors in
individual transactions.
b. It is usually easier for unauthorized persons to access and alter the files.
c. Random error associated with processing similar transactions in different ways is usually
greater.
d. It is usually more difficult to compare recorded accountability with physical count of assets.
38. An auditor would least likely use computer software to
a. Access client data files c. Assess EDP controls
b. Prepare spreadsheets d. Construct parallel simulations

AT-030507

You might also like