AUDIT IN CIS ENVIRONMENT - SALOSAGCOL

Study online at https://quizlet.com/_gtn4la

1. 1. Which statement is incorrect when auditing in a CIS d. A CIS environment

environment changes the overall objec-
tive and scope of an audit.
a. A CIS environment exists when a computer of any
type or size is involved in the processing by the entity
of financial information of significance to the audit,
whether that computer is operated by the entity or by
a third party.
b. The auditor should consider how a CIS environment
affects the audit.
c. The use of a computer changes the processing,
storage, and communication of financial information
and may affect the accounting and internal control
systems employed by the entity.
d. A CIS environment changes the overall objective
and scope of an audit.

2. 2. An important characteristic of CIS is uniformity of c. Erroneous processing

processing. Therefore, a risk exists that: can result in the accumu-
lation of a great number of
a. Auditors will not be able to access data quickly. misstatements in a short
b. Auditors will not be able to determine if data is period of time.
processed consistently.
c. Erroneous processing can result in the accumula-
tion of a great number of misstatements in a short
period of time.
d. All of the above.

3. 3. Which of the following is not a benefit of using IT d. Over-reliance on com-

based controls? puter generated reports.

a. Ability to process large volumes of transactions:

1 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

b. Ability to replace manual controls with comput-

er-bascd controls.
c. Reduction in misstatements due to consistent pro-
cessing of transactions.
d. Over-reliance on computer generated reports.

4. 4. The characteristics that distinguish computer pro- c. Only statements (1) and
cessing from manual processing include the follow- (3) are true
ing:

1) Computer processing uniformly subjects like trans-

actions to the same instructions.
2) Computer systems always ensure that complete
transaction trails useful for audit purposes are pre-
served for indefinite periods.
3) Computer processing virtually eliminates the oc-
currence of clerical errors normally associated with
martual processing.
4) Control procedures as to segregation of functions
may no longer be necessary in computer environ-
ment.

a. All of the above statements are true.

b. Only statements (2) and (4) are true.
c. Only statements (1) and (3) are true
d. All of the above statements are false.

5. 5. Which of the following is not a risk specific to CIS b. Increased human in-
environments? volvement

a. Reliance on the functioning capabilities of hardware

and software
b. Increased human involvement
2 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

c. Loss of data due to insufficient backup

d. Unauthorized access

6. 6. Which of the following is not a risk in a computer- c. Improved audit trail

ized information system (CIS)?

a. Need for CIS experienced staff

b. Separation of CIS duties from accounting functions
c. Improved audit trail
d. Hardware and data vulnerability

7. 7. Which of the following statements is not correct? d. The specific meth-

ods appropriate for im-
a. The overall objective and scope of an audit do not plementing the basic au-
change in a CIS environment. diting concepts do not
b. When computers or CIS are introduced, the basic change, as systems be-
concept of evidence accumulation remains the same. come more complex.
c. Most CIS rely extensively on the same type of proce-
dures for control that are used in manual processing
system.
d. The specific methods appropriate for implementing
the basic auditing concepts do not change, as systems
become more complex.

8. 8. The use of CIS will least likely affect the b. The auditor's specific
audit objectives.
a. The procedures followed by the auditor in obtain-
ing a sufficient understanding of the accounting and
internal control systems.
b. The auditor's specific audit objectives.
c. The consideration of inherent risk and control risk
through which the auditor arrives at the risk assess-
ment.The auditor's design and performance of tests
3 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

of control and substantive procedures appropriate to

meet the audit objective.
d. The auditor's designa and performance of tests
of control and substantive procedures appropriate to
meet the audit objective.

9. 9. Which of the following is unique to CIS? a. Error listing

a. Error listing
b. Flowchart
c. Questionnaires
d. Pre-numbered documents

10. 10. CIS has several significant effects on an organiza- d. None of the above; ie.,
tion. Which of the folowing would not be important they are all important.
from an auditing perspective?

a. organizational changes
b. the visibility of information
c. the potential for material misstatement
d. None of the above; ie., they are all important.

11. 11. Where computer processing is used in significant c. Application

accounting applications, internal control procedures
may be defined by classifying control procedures in
two types: general and

a. Administrative
b. Specific
c. Application
d. Authorization

12. b. General control

4 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

12. A control which relates to all parts of the CIS is

called a(n)

a. Systems control
b. General control
c. Applications control
d. Universal control

13. 13. Controls which apply to a specific use of the system c. Applications controls.
are called

a. Systems controls
b. General controls.
c. Applications controls.
d. User controls.

14. 14. Some CIS control procedures relate to all CIS ac- c. Controls for document-
tivities (general controls) and some relate to specific ing and approving pro-
tasks (application controls).General controls include grams and changes to
programs.
a. Controls designed to ascertain that all data submit-
ted to CIS for processing have been properly autho-
rized.
b. Controls that relate to the correction and resubmis-
sion of data that were initially incorrect.
c. Controls for documenting and approving programs
and changes to programs.
d. Controls designed to assure the accuracy of the
processing results.

15. 15. Which of the following statements is correct? c. Auditors should evalu-
ate general controls be-
a. Auditors should evaluate application controls be-
5 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

fore evaluating general controls. fore evaluating applica-

b. Auditors should evaluate application controls and tion controls.
general controls simultaneously.
c. Auditors should evaluate general controls before
evaluating application controls.
d. None of these statements is correct.

16. 16. Which of the following is a component of general c. Back-up and contin-
controls? gency planning

a. Processing controls
b. Output controls
c. Back-up and contingency planning
d. Input controls

17. 17. Which of the following is least likely to be a general d. A control total.
control over computer activities?

a. Procedures for developing new programs and sys-

tems.
b. Requirements for system documentation.
c. An access control.
d. A control total.

18. 18. Which of the following is an example of general c. Operations manual.

control?

a. Input validation checks.

b. Control total.
c. Operations manual.
d. Generalized audit software

19. c. Processing controls.

6 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

19. Which of the following is not a general control?

a. The plan of organization and operation of CIS activ-

ity.
b. Procedures for documenting, reviewing, and ap-
proving systems and programs.
c. Processing controls.
d. Hardware controls.

20. 20. Which of the following activities would most likely b. Conversion of informa-
be performed in the CIS department? tion to machine-readable
form.
a. Initiation of changes to master records
b. Conversion of information to machine-readable
form.
c. Correction of transactional errors.
d. Initiation of changes to existing applications.

21. 21. Which of the following IT duties should be separat- d. All of the above should
ed from the others? be separated

a. Systems development
b. Operations
c. IT management
d. All of the above should be separated

22. 22. For control purposes, which of the following b. Systems development
should be organizationally segregated from the com-
puter operations functions?

a. Data conversion
b. Systems development

7 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

c. Minor maintenance according to a schedule

d. Processing of data

23. 23. Which of the following computer related employ- c. The operator.
ees should not be allowed access to program listings
of application programs?

a. The systems analyst.

b. The programmer.
c. The operator.
d. The librarian.

24. 24. Which of the following statements about general d. Programmers should
controls is not correct? have access to computer
operations to aid users in
a. Backup and disaster recover plans should identify resolving problems.
alternative hardware to process company data.
b. Successful IT development efforts require the in-
volvement of IT and non-IT personnel.
c. The chief information officer should report to senior
management. and the board.
d. Programmers should have access to computer op-
erations to aid users in resolving problems.

25. 25. Where computers are used, the effectiveness of c. Systems analyst and
internal control depends, in part, upon whether the programmer
organizational structure includes any incompatible
combinations. Such a combination would exist when
there is no separation of the duties between.

a. Documentation librarian and manager of program-

ming
b. Programming and computer operator
8 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

c. Systems analyst and programmer

d. Processing control clerk and keypunch supervisor

26. 26. Which of the following is a general control that c. Systems documenta-
would most likely assist an entity whose system ana- tion.
lyst left the entity in the middle of a major project?

a. Grandfather-father-son record retention.

b. Data encryption
c. Systems documentation.
d. Check digit verification.

27. 27. Internal control is ineffective when computer de- c. Originate changes in
partment personnel master files.

a. Participate in computer software acquisition deci-

sion.
b. Design documentation for computerized systems.
c. Originate changes in master files.
d. Provide physical security for program files.

28. 28. An example of an access control is a: b. Password.

a. Check digit.
b. Password.
c. Test facility.
d. Read only memory.

29. 29. Access control in an on-line CIS can best be provid- d. User and terminal iden-
ed in most circumstancesby tification controls, such as
passwords.
a. An adequate librarianship function controlling ac-
cess to files.

9 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

b. A label affixed to the outside of a file medium holder

that identifies the contents.
c. Batch processing of all input through a centralized,
well-guarded facility.
d. User and terminal identification controls, such as
passwords.

30. 30. Controls which are built in by the manufacturer to c. Hardware controls.
detect equipment failure are called:

a. Input controls.
b. Data integrity controls.
c. Hardware controls.
d. Manufacturer's controls.

31. 31. In a CIS environment, automated equipment con- c. Detect and control er-
trols or hardware controls are designed to: rors arising from the use
of equipment.
a. Correct errors in the computer programs.
b. Monitor and detect errors in source documents.
c. Detect and control errors arising from the use of
equipment.
d. Arrange data in a logical sequential manner for
processing purposes.

32. 32. To determine that user ID and password controls a. Test the system by at-
are functioning, an auditor would most likely: tempting to sign on using
invalid user identifications
a. Test the system by attempting to sign on using and passwords.
invalid user identifications and passwords.
b. Write a computer program that simulates the logic
of the client's access control software.
c. Extract a random sample of processed transactions
10 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

and ensure that the transactions were appropriately

authorized.
d. Examine statements signed by employees stating
that they have not divulged their user identifications
and passwords to any other person.

33. 33. Adequate control over access to data processing is a. Deter improper use or
required to manipulation of data files
and programs.
a. Deter improper use or manipulation of data files
and programs.
b. Ensure that only console operators have access to
program documentation.
c. Minimize the need for backup data files.
d. Ensure that hardware controls are operating effec-
tively and as designed by the computer manufacturer.

34. 34. The management of ZNVS Co. suspects that some- c. Passwords
one is tampering with pay rates by entering changes
through the Co.'s remote terminals located in the fac-
tory. The method ZNVS Co. should implement to pro-
tect the system from these unauthorized alterations
to the system's files is

a. Batch totals
b. Checkpoint recovery
c. Passwords
d. Record count

35. 35. Passwords for microcomputer software programs d. Unauthorized use of the
are designed to prevent: software.

a. Inaccurate processing of data.

11 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

b. Unauthorized access to the computer.

c. Incomplete updating of data files.
d. Unauthorized use of the software.

36. 36. The possibility of losing a large amount of infor- a. Back-up files
mation stored in computer. files most likely would be
reduced by the use of

a. Back-up files
b. Check digits
c. Completeness tests
d. Conversion verification.

37. 37. Which of the following controls most likely would b. Backup diskettes or
assure that an entity can reconstruct its financial tapes of files are stored
records? away from originals.

a. Hardware controls are built into the computer by

the computer manufacturer.
b. Backup diskettes or tapes of files are stored away
from originals.
c. Personnel who are independent of data input per-
form parallel simulations.
d. System flowcharts provide accurate descriptions of
input and output operations.

38. 38. Unauthorized alteration of on-line records can be d. Data base access con-
prevented by employing: trols

a. Key verification.
b. Computer sequence checks
c. Computer matching
d. Data base access controls
12 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

39. 39. XYZ Company updates its accounts receivable c. Permit reconstruction of
master file weekly and retains the master files and cor- the master file if needed.
responding update transactions for the most recent
2-week period. The purpose of this practice is to

a. Verify run-to-run control totals for receivables.

b. Match internal labels to avoid writing on the wrong
volume.
c. Permit reconstruction of the master file if needed.
d. Validate groups of update transactions for each

40. 40. Which of the following is not a general control? c. Output controls

a. Separation of duties
b. Systems development.
c. Output controls
d. Hardware controls

41. 41. General controls include all of the following ex- c. Check digit
cept:

a. Systems development.
b. Online security.
c. Check digit
d. Hardware controls.

42. 42. Which of the following is not a general control? a. Computer performed
validation tests of input
a. Computer performed validation tests of input accu- accuracy
racy
b. Equipment failure causes error messages on moni-
tor

13 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

c. Separation of duties between programmer and op-

erators
d. Adequate program run instructions for operating
the computer

43. 43. Controls which are designed to assure that the a. Input controls
information processed by the computer is authorized,
complete, and accurate are called

a. Input controls
b. Output controls
c. Processing controls
d. General controls

44. 44. Which of the following statements related to appli- d. Application controls re-
cation controls is correct? late to the processing of
individual transactions.
a. Application controls relate to various aspects of the
CIS operation including software acquisition and the
processing of transactions.
b. Application controls relate to various aspects of
the CIS operation including physical security and the
processing of transactions in various cycles.
c. Application controls relate to all aspects of the CIS
operation.
d. Application controls relate to the processing of in-
dividual transactions.

45. 45. Which of the following is not an example of an a. Back-up of data to a re-
applications control? mote site for data security.

a. Back-up of data to a remote site for data security.

b. There is a preprocessing authorization of the sales
14 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

transactions.
c. There are reasonableness tests for the unit selling
price of a sale.
d. After processing, all sales transactions are reviewed
by the sales department.

46. 46. Which of the following is not an example of an a. An equipment failure

application control? causes an error message
on the monitor.
a. An equipment failure causes an error message on
the monitor.
b. There is a preprocessing authorization of the sales
transactions.
c. There are reasonableness tests for the unit-selling
price of a sale.
d. After processing, all sales transactions are reviewed
by the sales department.

47. 47. Which of the following statements related to appli- d. Application controls re-
cation controls is correct? late to the processing of
individual transactions.
a. Application controls relate to various aspects of
the IT function including software acquisition and the
processing of transactions.
b. Application controls relate to various aspects of the
IT function including physical security and the pro-
cessing of transactions in various cycles.
c. Application controls relate to all aspects of the IT
function.
d. Application controls relate to the processing of in-
dividual transactions.

48. a. Control risk

15 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

48. Which of the following is not a processing control?

a. Control risk
b. Reasonable test
c. Check digits
d. Control total

49. 49. When CIS programs or files can be accessed from b. Personal identification
terminals, users should be required to enter a(n) code.

a. Parity check.
b. Personal identification code.
c. Self-diagnosis test.
d. Echo check.

50. 50. Which of the following is an example of a check b. An algebraically deter-

digit? mined number produced
by the other digits of the
a. An agreement of the total number of employees to employee number.
the total number of checks printed by the computer.
b. An algebraically determined number produced by
the other digits of the employee number.
c. A logic test that ensures all employee numbers are
nine digits.
d. A limit check that an employee's hours do not ex-
ceed 50 hours per work week.

51. 51. Controls which are designed to assure that the a. Input controls.
data that will be processed by the computer is autho-
rized, complete, and accurate are called:

a. Input controls.
b. Processing controls.
16 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

c. Output controls.
d. General controls.

52. 52. The completeness of computer-generated sales c. Control totals.

figures can be tested by comparing the number of
items listed on the daily sales report with the number
of items billed on the actual invoices. This process
uses

a. Check digits
b. Validity tests.
c. Control totals.
d. Process tracing data.

53. 53. A company's labor distribution report requires d. Control total.

extensive cotrections each month because of labor
hours charged to inactive jobs. Which of the following
data processing input controls appears to be missing?

a. Completeness test.
b. Validity test.
c. Limit test.
d. Control total.

54. 54. When an on-line, real-time (OLRT) system is in use, d. Making a validity check
control over input data can be strengthened by of an identification num-
ber before a user can ob-
a. Providing for the separation of duties between key tain access to the comput-
punching and error listing operations. er files.
b. Attaching plastic file protection rings to reels of
magnetic tape before new data can be entered on the
file.
c. Preparing batch totals to provide assurance that file
17 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

updates are made for the entire input.

d. Making a validity check of an identification number
before a user can obtain access to the computer files.

55. 55. A company uses the account code 669 for mainte- d. Valid-code test.
nance expense. However, one of the company clerks
often codes maintenance expense as 996. The highest
account code in the system is 750. What would be the
best internal control check to build into the company's
computer program to detect this error?

a. A check for this type of error would have to be

made before the information was transmitted to the
IT department.
b. Batch total.
c. Sequence check
d. Valid-code test.

56. 56. Which of the following is not an application con- d. Separation of duties
trol? between computer pro-
grammer and operators.
a. Preprocessing authorization of sales transactions
b. Reasonableness test for unit selling price of sale.
c. Post-processing review of sales transactions by the
sales department.
d. Separation of duties between computer program-
mer and operators.

57. 57. Which of the following is correct? d. Check digits are de-
signed to detect transcrip-
a. Check digits should be used for all data codes. tion errors.
b. Check digits are always placed at the end of a data
code.
18 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

c. Check digits do not affect processing efficiency.

d. Check digits are designed to detect transcription
errors.

58. 58. A clerk inadvertently entered an account number c. Self-checking digit

12368 rather than account number 12638. In process-
ing this transaction, the error would be detected with
which of the following controls?

a. Batch total
b. Key verifying
c. Self-checking digit
d. An internal consistency check

59. 59. Totals of amounts in computer-record data fields, b. Hash totals

which are NOT usually added but are used only for
data processing control purposes are called.

a. Records totals
b. Hash totals
c. Processing data totals
d. Field totals.

60. 60. If a control total were to be computed on each of c. Department numbers.

the following data items, which would best be identi-
fied as a hash total for a payroll CIS application?

a. Net pay.
b. Hours worked.
c. Department numbers.
d. Total debits and total credits.

61.

19 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

61. In updating a computerized accounts receivable c. The sum of the cash de-
file, which one of the following would be used as a posits less the discounts
batch control to verify the accuracy of the posting of taken by customers.
cash receipts remittances?

a. The sum of the cash deposits plus the discounts less

the sales returns.
b. The sum of the cash deposits.
c. The sum of the cash deposits less the discounts
taken by customers.
d. The sum of the cash deposits plus the discounts
taken by customers.

62. 62. Which statement is NOT correct? The goal of batch b. Transactions are
controls is to ensure that during processing processed more than
once.
a. Transactions are not omitted.
b. Transactions are processed more than once.
c. Transactions are not added
d. An audit trail is created.

63. 63. An example of a hash total Is c. Sum of the so-

cial security numbers -
a. Total payroll checks - P12,315. 12,555,437,251.
b. Total number of employees - 10.
c. Sum of the social security numbers -
12,555,437,251.
d. None of the above.

64. 64. The employee entered "40" in the "hours worked b. Limit check
per day" field. Which check would detect this uninten-
tional error?

20 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

a. Numeric/alphabetic check
b. Limit check
c. Sign check
d. Missing data check

65. 65. Output controls are not designed to assure that d. Used appropriately by
information generated by the computer are: management.

a. Accurate.
b. Distributed only to authorized people.
c. Complete.
d. Used appropriately by management.

66. 66. Output controls necd to be designed for which of a. Detecting errors after
the following data integrity objectives? the processing is complet-
ed
a. Detecting errors after the processing is completed
b. Preventing ettors before the processing is complet-
ed
c. Detecting errors in the general ledger adjustment
process
d. Preventing errors in separation of duties for CIS
personnel

67. 67. An unauthorized employee took computer print- d. A report distribution

outs from output bins accessible to all employees. A control.
control which would have prevented this occurrence
is

a. A storage/retention control.
b. An output review control.
c. A spooler file control.
d. A report distribution control.
21 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

68. 68. The most important output control is b. Review of the data for
reasonableness by some-
a. Distribution control, which assures that only autho- one who knows what the
rized personnel receive the reports generated by the output should look like.
system.
b. Review of the data for reasonableness by someone
who knows what the output should look like.
c. Control totals, which are used to verify that the
computer's results are correct.
d. Logic tests, which verify that no mistakes were
made in processing.

69. 69. Which of the following is not an application con- b. Hardware controls
trol?
a. Processing controls
b. Hardware controls
c. Output control
d. Input controls

70. 70. Which of the following is likely to be of least impor- d. The cost/benefit of data
tance to an auditor in considering the internal control processing operations.
in a company with computer processing?

a. The segregation of duties within the computer cen-

ter.
b. The control over source documents.
c. The documentation maintained for accounting ap-
plications.
d. The cost/benefit of data processing operations.

71. 71. Controls over output are not designed to assure d. Relevant
that data generated by the computer are
22 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

a. Accurate
b. Distributed only to authorized people
c. Complete
d. Relevant

72. 72. Most auditors evaluate application and general b. Most auditors evaluate
contiols in what manner? the effectiveness of gen-
eral controls before evalu-
a. Most auditors evaluate application and general con- ating application controls.
trols simultaneously.
b. Most auditors evaluate the effectiveness of general
controls before evaluating application controls.
c. Most auditors evaluate the effectiveness of applica-
tion controls before evaluating general controls.
d. Most auditors evaluate application and general con-
trols only if they do not intend to rely on systems
controls

73. 73. In their consideration of a client's CIS controls, the b. Hash total.
auditors will encounter general controls and applica-
tion controls. Which of the following is an application
control?

a. The operations manual.

b. Hash total.
c. Systems documentation.
d. Control over program changes.

74. 74. Which of the following is not a general control? a. Reasonableness test for
unit selling price of a sale.
a. Reasonableness test for unit selling price of a sale.
b. Equipment failure causes error messages on moni-
23 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

tor.
c. Separation of duties between programmer and op-
erators.
d. Adequate program run instructions for operating
the computer.

75. 75. It involves pplication of audiing procedures using b. Computer assisted au-
the computer as an audirtool. This includes computer dit technique
programs and data the auditor uses as part of the
audit procedures to process data of audit significance
contained in an entity's information systems.

a. Test data approach

b. Computer assisted audit technique
c. Generalized audit software
d. Auditing around the computer

76. 76. The process of assessing control risk considering c. Auditing around the
only non IT controls is known as? computer.

a. Integrated test facility

b. The test data approach.
c. Auditing around the computer.
d. Generalized audit software.

77. 77. When auditing "around" the computer, the inde- d. CIS output
pendent auditor focuses solely upon the source doc-
uments and

a. Test data
b. CIS processing
c. Compliance techniques
d. CIS output
24 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

78. 78. Which of the following CIS generally can be audit- a. A system that per-
ed without examining or directly testing the computer forms relatively uncompli-
programs of the system? cated processes and pro-
duces detail output
a. A system that performs relatively uncomplicated
processes and produces detail output
b. A system that affects a number of essential master
files and produces no a limited output c. A system that
updates a few essential master files and produces no
printed output other than final balances
d. A system that uses an on-line real-time processing
feature.

79. 79. When the client uses a computer but the auditor a. Computer programs
chooses to use only the non-IT segment of internal must be available in Eng-
control to assess control risk, it is referred to as au- lish
diting around the computer. Which one of the follow-
ing conditions need not be present in order to audit
around the computer?

a. Computer programs must be available in English

b. The source documents must be available in a
non-machine language.
c. The documents must be filed in a manner that
makes it possible to locate them.
d. The output must be listed in sufficient detail to
enable the auditor to trace individual transactions

80. 80. Which of the following is not a characteristic of a c. The posting of a trans-
batch-processed computersystem? action, as it occurs, to sev-
eral files, without interme-
a. The production of numerous printouts. diate printouts.
25 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

b. Keypunching of transactions, followed by machine

processing.
c. The posting of a transaction, as it occurs, to several
files, without intermediate printouts.
d. The collection of like transactions that are sorted
and processed sequentially against a master file.

81. 81. Which of the following procedures is an example a. The auditor traces
of auditing "around" the computer? adding machine tapes of
sales order batch totals to
a. The auditor traces adding machine tapes of sales a computer printout of the
order batch totals to a computer printout of the sales sales journal.
journal.
b. The auditor develops a set of hypothetiçal sales
transactions and, using the client's computer pro-
gram, enters the transactions into the system and
observes the processing flow.
c. The auditor enters hypothetical transactions into
the client's processing system during client process-
ing of live" data.
d. The auditor observes client personnel as they
process the biweekly payroll. The auditor is primarily
concerned with computer rejection of data that fails
to meet reasonableness limits.

82. 82. A disadvantage of auditing around the computer a. Permits no direct as-
is that it sessment of actual pro-
cessing.
a. Permits no direct assessment of actual processing.
b. Requires highly skilled auditors.
c. Demands intensive use of machine resources. d.
Interacts actively with auditee applications.

26 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

83. 83. Auditing by testing the input and output of an IT a. Not detect program er-
system instead of computer program itself will rors which do not show up
in the output sampled.
a. Not detect program errors which do not show up in
the output sampled.
b. Detect all program errors, regardless of the nature
of the output
c. Provide the auditor with the same type of evidence.
d. Not provide the auditor with confidence in the re-
sults of the auditing procedures.

84. 84. Which of the following is NOT a common type of b. Auditing around the
white box approach? computer

a. Test data
b. Auditing around the computer
c. Integrated test facility
d. Parallel simulation

85. 85. Compliance testing of an advanced CIS b. Can be performed us-

ing actual transactions or
simulated transactions
a. Can be performed using only actual transactions
since testing of simulated transactions is of no conse-
quence
b. Can be performed using actual transactions or sim-
ulated transactions
c. Is impractical since many procedures within the
CIS activity leave no visible evidence of having been
performed
d. Is inadvisable because it may distort the evidence in
master files

27 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

86. 86. Which of the following best describes the test data a. Auditors process their
approach? own test data using the
clients computer system
a. Auditors process their own test data using the and application program
clients computer system and application program
b. Auditors process their own test data using their own
computers that simulate the client's computer system
c. Auditors use auditor-controlled software to do the
same operations that the client's software does, using
the same data files
d. Auditors use client-controlled software to do the
same operations that the client's software does, using
auditor created data files

87. 87. When auditing a computerized system, an auditor b. Involves introduc-

may use the test data approach as an audit tool. This ing simulated transactions
technique. into the client's actual ap-
plication programs.
a. Is more applicable to independent audits than in-
ternal audits.
b. Involves introducing simulated transactions into
the client's actual application programs. c. Is a com-
monly used audit technique for auditing around the
computer.
d. Should not involve the actual application programs
the client uses throughout the year, since use of the
actual programs would contaminate the client's ac-
counting data.

88. 88. Creating simulated transactions that are b. Use of test data.
processed through a system to generate results that
are compared with predetermined results, is an audit-

28 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

ing procedure referred to as

a. Program checking
b. Use of test data.
c. Completing outstanding jobs.
d. Parallel simulation.

89. 89. An auditor estimates that 10,000 checks were is- d. One transaction
sued during the accounting period. If a computer ap-
plication control which performs a limit check for each
check request is to be subjected to the auditor's test
data approach, the sample should include

a. Approximately 1,000 test items

b. A number of test items determined by the auditor
to be sufficient under the circumstances
c. A number of test items determined by the auditor's
reference to the appropriate sampling tables
d. One transaction

90. 90. An integrated test facility (IT) would be appropriate b. Verify processing ac-
when the auditor needs to curacy concurrently with
processing.
a. Trace a complex logic path through an application
system.
b. Verify processing accuracy concurrently with pro-
cessing.
c. Monitor transactions in an application system con-
tinuously.
d. Verify load module integrity for production pro-
grams.

91. a. Test data approach.

29 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

91. The auditor's objective to determine whether the

client's computer programs can correctly handle valid
and invalid transactions as they arise is accomplished
through the

a. Test data approach.

b. Generalized audit software approach.
c. Microcomputer-aided auditing approach.
d. Generally accepted auditing standards.

92. 92. When an auditor tests a computerized accounting d. Test data should include
system, which of the following is true of the test data data that the clients sys-
approach? tem should accept or re-
ject
a. Several transactions of each type must be tested
b. Test data must consist of all possible valid and in-
valid conditions
c. The program tested is different from the program
used throughout the year by the client
d. Test data should include data that the clients system
should accept or reject

93. 93. Which of the following statements is not true to c. The test data must
the test data approach when testing a computerized cousist of all possible valid
accounting system? and invalid conditions

a. The test needs to consist of only those valid and

invalid conditions which interest the auditor
b. Only one transaction of each type need be tested
c. The test data must cousist of all possible valid and
invalid conditions
d. Test data are processed by the client's computed
programs under the auditor's control
30 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

94. 94. In auditing through a computer, the test data c. Procedures contained
method is used by auditors to test the within the program.

a. Accuracy of input data.

b. Validity of the output.
c. Procedures contained within the program.
d. Normalcy of distribution of test data.

95. 95. An auditor who is testing IT controls in a payroll a. Time tickets with invalid
system would most likely use test data that contain job numbers
conditions such as

a. Time tickets with invalid job numbers

b. Overtime not approved by supervisors
c. Deductions not authorized by employees
d. Payroll checks with authorized signatures

96. 96. Which of the following computer-assisted auditing c. Integrated test facility.
techniques allows fictitious and real transactions to be
processed together without client ocrating personnel
being aware of the testing process?

a. Parallel simulation.
b. Generalized audit software programming.
c. Integrated test facility.
d. Test data approach.

97. 97. A primary reason auditors are reluctant to use an d. Identify and reverse the
ITF is that it requires them to fictitious entries to avoid
contamination of the mas-
a. Reserve specific master file records and process ter file
them at regular intervals

31 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

b. Collect transaction and master file records in a sep-

arate file
c. Notify user personnel so they can make manual
adjustments to output
d. Identify and reverse the fictitious entries to avoid
contamination of the master file

98. 98. Which of the following is a disadvantage of the b. Removing the fictitious
integrated test facility approach? transactions from the sys-
tem is somewhat difficult
a. In establishing fictitious entities, the auditor may be and, if not done careful-
compromising audit independence. ly, may contaminate the
b. Removing the fictitious transactions from the sys- client's
tem is somewhat difficult and, if not done carefully,
may contaminate the client's
c. ITF is simply an automated version of auditing
"around" the computer.
d. The auditor may not always have a current copy of
the authorized version of the client's program.

99. 99. The audit approach in which the auditor runs b. The generalized audit
his/her own program on a controlled basis in order software approach.
to verify the client's data recorded in a machine lan-
guage is

a. The test data approach.

b. The generalized audit software approach. c. The
microcomputer-aided auditing approach.
d. Called auditing around the computer.

100. 100. Brandy Corporation has numerous customers. A b. Develop a program

customer file is kept on disk storage. Each account to compare credit limits
in the customer file contains name, address, credit with account balances and
32 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

limit, and account balance. The auditor wishes to test print out the details of any
this file to determine whether credit limits are being account with a balance ex-
exceeded. The best procedure for the auditor to follow ceeding its credit limit.
would be to:

a. Develop test data that would cause some account

balance to exceed the credit limit and determine if the
system properly detects such situations.
b. Develop a program to compare credit limits with
account balances and print out the details of any ac-
count with a balance exceeding its credit limit.
c. Require a printout of all account balances so they
can be manually checked against the credit limits.
d. Request a printout of a sample of account balances
so they can be individually checked against the credit
limits.

101. 101. Which of the following methods of testing appli- a. Parallel simulation
cation controls utilizes a generalized audit software
package prepared by the auditors?

a. Parallel simulation
b. Integrated testing facility approach
c. Test data approach
d. Exception report tests

102. 102. This question is based on the following flowchart: b. Parallel simulation
This flowchart depicts (dili ma insert and flowchart kay
free version ra)

a. Program code checking

b. Parallel simulation

33 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

c. Integrated test facility

d. Controlled reprocessing

103. 103. When performing a parallel simulation the audi- b. Can be applied to a vari-
tor may use generalized audit software (GAS). Which ety of client's after detailed
of the following is not seen as an advantage to using customizations
GAS?

a. Auditors can learn the software in a short period of

time
b. Can be applied to a variety of client's after detailed
customizations
c. Can be applied to a variety of client's with minimal
adjustments to the software
d. Greatly accelerates audit testing over manual pro-
cedures

104. 104. Parallel simulation is an audit technique em- d. Live transactions are
ployed to verify processing by making use of audit processed using test pro-
test programs. These audit test programs "simulate" grams.
the processing logic of an application program or
progress under review. Which statement indicates the
use of parallel simulation audit techniques?

a. Live transactions are processed using live programs

b. Live transactions are processed with test master file
c. Test transactions are processed using test pro-
grams
d. Live transactions are processed using test pro-
grams.

105. 105. Which of the following is not one of the three cat- a. Pilot simulation
egories of testing strategies when auditing through
34 / 35
 AUDIT IN CIS ENVIRONMENT - SALOSAGCOL
Study online at https://quizlet.com/_gtn4la

the computer?

a. Pilot simulation
b. Parallel simulation
c. Test data approach
d. Embedded audit module

106. 106. Which of the following computer-assisted audit- c. Embedded audit mod-
ing techniques inserts an audit module in the client's ule
application system to identify specific types of trans-
actions?

a. Parallel simulation testing

b. Test data approach
c. Embedded audit module
d. Generalized audit software testing

35 / 35