Page 9 of 15

12. The reporting of accounting information plays a central role in the regulation of business
operations. Preventive controls are an integral part of virtually all accounting processing
systems, and much of the information generated by the accounting system is used for
preventive control purposes. Which one of the following is not an essential element of a sound
preventive control system?
a. Separation of responsibilities for the recording, custodial, and authorization functions.
b. Sound personnel policies.
c. Documentation of policies and procedures.
d. Implementation of state-of-the-art software and hardware.
13. The most critical aspect regarding separation of duties within information systems is between
a. Project leaders and programmers c. Programmers and systems analysts
b. Programmers and computer operators d. Data control and file librarians
14. Whether or not a real time program contains adequate controls is most effectively determined
by the use of
a. Audit software c. A tracing routine
b. An integrated test facility d. A traditional test deck
15. Compatibility tests are sometimes employed to determine whether an acceptable user is
allowed to proceed. In order to perform compatibility tests, the system must maintain an
access control matrix. The one item that is not part of an access control matrix is a
a. List of all authorized user code numbers and passwords.
b. List of all files maintained on the system.
c. Record of the type of access to which each user is entitled.
d. Limit on the number of transaction inquiries that can be made by each user in a specified
time period.
16. Which one of the following input validation routines is not likely to be appropriate in a real time
operation?
a. Field check c. Sequence check
b. Sign check d. Redundant data check
17. Which of the following controls is a processing control designed to ensure the reliability and
accuracy of data processing?
Limit test Validity check test
a. Yes Yes
b. No No
c. No Yes
d. Yes No
18. Which of the following characteristics distinguishes computer processing from manual
processing?
a. Computer processing virtually eliminates the occurrence of computational error normally
associated with manual processing.
b. Errors or irregularities in computer processing will be detected soon after their occurrences.
c. The potential for systematic error is ordinarily greater in manual processing than in
computerized processing.
d. Most computer systems are designed so that transaction trails useful for audit do not exist.
19. Which of the following most likely represents a significant deficiency in the internal control
structure?
a. The systems analyst review applications of data processing and maintains systems
documentation.
b. The systems programmer designs systems for computerized applications and maintains
output controls.
c. The control clerk establishes control over data received by the EDP department and
reconciles control totals after processing
d. The accounts payable clerk prepares data for computer processing and enters the data into
the computer.
20. Which of the following activities would most likely be performed in the EDP Department?
a. Initiation of changes to master records.
b. Conversion of information to machine-readable form.
c. Correction of transactional errors.
d. Initiation of changes to existing applications.

AT-030507