(QUIZ BEE)
GUIDELINES
(Team Players)
GUIDELINES
(Question and Point System)
Coverage:
80% Impact of Information Technology on the Audit
* Impact of IT Systems * IT Audit Approaches
* IT Controls * IT Auditor's Toolkit
* EDP Systems
20% Other topics previously discussed
GUIDELINES
(Play)
GUIDELINES
(Powers)
LET THE
BATTLE
BEGIN!
NO.
TOPIC
LEVEL
PLAYERS
IT Controls
Easy
Multiple Choice
This control feature in a computer system requires the
central processing unit (CPU) to send signals to the
printer to activate the print mechanism for each
character. The print mechanism, just prior to printing,
sends a signal back to the CPU verifying that the proper
print position has been activated.
A. Echo check.
B. Parity check.
C. Signal control.
D. Check digit control.
ANSWER
A.
Echo check.
NO.
TOPIC
LEVEL
PLAYERS
IT Audit Approach
Easy
True or False
Auditing around the computer is most appropriate
when the client has not maintained detailed output or
source documents in a form readable by humans.
ANSWER
FALSE
NO.
TOPIC
LEVEL
PLAYERS
Overview of Audit
Easy
Multiple Choice
In assessing audit risk, the CPA needs to do all of the
following except
A. Gather audit evidence in support of recorded
transactions.
B. Obtain an understanding of the client's system of
internal control.
C. Understand the economic substance of significant
transactions completed by the client.
D. Understand the entity and the industry in which it
operates.
ANSWER
A. Gather audit evidence in support of recorded
transactions.
NO.
TOPIC
LEVEL
PLAYERS
IT Audit Approaches
Easy
Multiple Choice
Which of the following is not a testing strategy when
auditing through the computer?
A. Pilot simulation.
B. Snapshot.
C. Parallel simulation.
D. Embedded audit module.
ANSWER
A.
Pilot simulation.
NO.
TOPIC
LEVEL
PLAYERS
Impact of IT System
Diff
True or False
Certain types of computer irregularity are caused by
unauthorized entries. One example is the trapdoor,
which is an unauthorized entry point through which an
individual may change data or instructions without
proper approval.
ANSWER
TRUE
NO.
TOPIC
LEVEL
PLAYERS
IT Controls
Ave
Identification
These are individuals performs an internal audit function
within the EDP department. They review input data
submitted by user departments, monitor computer
processing, review ad follow-up error detected by the
computer, and distribute output to different users.
ANSWER
Control group/ data input/output control
NO.
TOPIC
LEVEL
PLAYERS
IT Auditors Toolkit
Ave
True or False
One common use of generalized audit software is to
help the auditor identify weaknesses in the clients IT
control procedures.
ANSWER
FALSE
NO.
TOPIC
LEVEL
PLAYERS
IT Audit Approaches
Diff
Multiple Choice
An auditor who is testing IT controls in a payroll system
would most likely use test data that contain conditions
such as:
A. overtime not approved by supervisors.
B. time tickets with invalid job numbers.
C. deductions not authorized by employees.
D. payroll checks with unauthorized signatures.
ANSWER
B.
NO.
TOPIC
LEVEL
PLAYERS
Impact of IT Systems
Easy
True or False
One potential disadvantage of IT systems is the
reduction or elimination of source documents, which
reduces the visibility of the audit trail.
ANSWER
TRUE
NO.
TOPIC
LEVEL
PLAYERS
10
EDP System
Easy
True or False
Distributive data processing eliminates the need for data
security.
ANSWER
FALSE
NO.
TOPIC
LEVEL
PLAYERS
11
IT Controls
Ave
True or False
In IT systems, if general controls are effective, it
increases the auditors ability to rely on application
controls to reduce control risk.
ANSWER
TRUE
NO.
TOPIC
LEVEL
PLAYERS
12
Professional Standards
Ave
Multiple Choice
Which of the following underlies the application of
generally accepted auditing standards, particularly the
standards of field work and reporting?
A. The element of reasonable assurance.
B. The element of internal control.
C. The element of corroborating evidence.
D. The elements of materiality and relative risk.
ANSWER
D.
NO.
TOPIC
LEVEL
PLAYERS
13
IT Audit Approaches
Diff
Identification
The auditor creates dummy or fictitious transactions to
be processed simultaneously with the actual
transactions in the entitys computer system. This
technique is best used in evaluating integrated online
systems and complex programming logic.
ANSWER
Integrated test facility
NO.
TOPIC
LEVEL
PLAYERS
14
EDP System
Ave
True or False
Operational inefficiencies occur because accounts
common to many concurrent transactions need to be
updated in real time.
ANSWER
TRUE
NO.
TOPIC
LEVEL
PLAYERS
15
IT Audit Approaches
Easy
Identification
An audit approach wherein the auditor does not rely on
and testing controls embedded in computer application
programs.
ANSWER
Auditing around the computer/ black box approach
NO.
TOPIC
LEVEL
PLAYERS
16
Easy
Multiple Choice
As part of audit planning, CPAs should design audit
programs
for each individual audit and should include
audit steps and procedures to
A. Detect and eliminate fraud.
B. Increase the amount of management information
available.
C. Provide assurances that the objectives of the audit
are met.
D.
Ensure that only material items are audited.
ANSWER
C. Provide assurances that the objectives of the
audit are met.
NO.
TOPIC
LEVEL
PLAYERS
17
EDP Systems
Ave
Identification
It is a network of remote computer sites, each having a
small computer that is connected to a main computer
system.
ANSWER
Distributed systems/ distributed data processing
system
NO.
TOPIC
LEVEL
PLAYERS
18
Impact of IT Systems
Easy
Multiple Choice
Which of the following is not a risk to IT systems?
A. Need for IT experienced staff
B. Separation of IT duties from accounting functions
C. Improved audit trail
D. Hardware and data vulnerability
ANSWER
C.
NO.
TOPIC
LEVEL
PLAYERS
19
IT Auditors Toolkit
Ave
Identification
These are computer programs and data which the
auditor uses as part of the audit procedures to process
data of audit significance contained in the entitys
environment.
ANSWER
Computer assisted audit techniques
NO.
TOPIC
LEVEL
PLAYERS
20
Diff
Multiple Choice
Internal control procedures are not designed to provide
reasonable assurance that
A. Transactions are executed in accordance with
management's authorization.
B. Irregularities will be eliminated.
C. Access to assets is permitted only in accordance with
management's authorization.
D. The recorded accountability for assets is compared
with the existing assets at reasonable intervals.
ANSWER
B.
NO.
TOPIC
LEVEL
PLAYERS
21
EDP Systems
Easy
Multiple Choice
Consider the following computer applications:
(1) At a catalog sales firm, as phone orders are entered into their
computer, both inventory and credit are immediately checked.
(2) A manufacturer's computer sends the coming week's
production schedule and parts orders to a supplier's computer.
Which statement below is true for these applications?
A. Both applications are examples of EDI.
B. Both applications are examples of on-line real-time
processing.
C. The first application is an example of EDI and the second is
an example of on-line real-time.
D. The first application is an example of on-line real-time and
the second is an example of EDI.
ANSWER
D. The first application is an example of on-line
real-time and the second is an example of EDI.
NO.
TOPIC
LEVEL
PLAYERS
22
Ave
Multiple Choice
To test for unsupported entries in the ledger, the
direction of audit testing should be from the
A. Ledger entries.
B. Journal entries.
C. Externally generated documents.
D. Original source documents.
ANSWER
A.
Ledger entries
NO.
TOPIC
LEVEL
PLAYERS
23
IT Controls
Easy
Identification
These controls provide assurance that transactions are
properly authorized, accurate and complete before
processing by the computer.
ANSWER
Input controls/ controls over inputs
NO.
TOPIC
LEVEL
PLAYERS
24
IT Audit Approach
Ave
Multiple Choice
Which of the following is a disadvantage of the
integrated test facility approach?
A. In establishing fictitious entities, the auditor may be
compromising audit independence.
B. Removing the fictitious transactions from the system
is somewhat difficult and, if not done carefully, may
contaminate the client's files.
C. ITF is simply an automated version of auditing
"around" the computer.
D. The auditor may not always have a current copy of
the authorized version of the client's program.
ANSWER
B. Removing the fictitious transactions from the
system is somewhat difficult and, if not done
carefully, may contaminate the client's files.
NO.
TOPIC
LEVEL
PLAYERS
25
IT Controls
Ave
Multiple Choice
Which of the following statements about general controls
is not correct?
A. Disaster recovery plans should identify alternative
hardware to process company data.
B. Successful IT development efforts require the
involvement of IT and non-IT personnel.
C. The chief information officer should report to senior
management and the board.
D. Programmers should have access to computer
operations to aid users in resolving problems.
ANSWER
D. Programmers should have access to
computer operations to aid users in resolving
problems.
NO.
TOPIC
LEVEL
PLAYERS
26
IT Controls
Ave
Multiple Choice
To obtain evidence that online access controls are
properly functioning, an auditor most likely would
A. Create checkpoints at periodic intervals after live
data processing to test for unauthorized use of the
system.
B. Enter invalid identification numbers or passwords to
ascertain whether the system rejects them.
C. Examine the transaction log to discover whether any
transactions were lost or entered twice due to a system
malfunction
D. Vouch a random sample of processed transactions to
assure proper authorization
ANSWER
B. Enter invalid identification numbers or
passwords to ascertain whether the system
rejects them.
NO.
TOPIC
LEVEL
PLAYERS
27
IT Audit Approach
Ave
Multiple Choice
When the auditor encounters sophisticated computer-based
systems, he or she may need to modify the audit approach. Of
the following conditions, which one is not a valid reason for
modifying the audit approach?
A. More advanced computer systems produce less
documentation, thus reducing the visibility of the audit trail.
B. In complex computer-based systems, computer verification
of data at the point of input replaces the manual verification
found in less sophisticated data processing systems.
C. Integrated data processing has replaced the more traditional
separation of duties that existed in manual and batch
processing systems.
D. Real-time processing of transactions has enabled the
auditor to concentrate less on the completeness assertion.
ANSWER
D. Real-time processing of transactions has
enabled the auditor to concentrate less on the
completeness assertion.
NO.
TOPIC
LEVEL
PLAYERS
28
IT Controls
Diff
Multiple Choice
A data warehouse is an example of:
A. On-line analytical processing.
B. On-line transaction processing.
C. Essential information batch processing.
D. Decentralized processing.
ANSWER
A.
NO.
TOPIC
LEVEL
PLAYERS
29
IT Controls
Diff
Identification
It is a system of hardware and software that monitors
and controls the flow of e-commerce communications by
channeling all network connections through controls that
verify external users, grant accesses to authorized
users, deny access to unauthorized users, and direct
authorized users to requested programs or data.
ANSWER
Firewall
NO.
TOPIC
LEVEL
PLAYERS
30
Diff
Multiple Choice
When the auditor has the same level of willingness to
risk that material misstatements will exist after the audit
is finished for all financial statement cycles:
A. a different extent of evidence will likely be needed for
various cycles.
B. the same amount of evidence will be gathered for
each cycle.
C. the auditor has not followed generally accepted
auditing standards.
D. the level for each cycle must be no more than 2% so
that the entire audit does not exceed 10%.
ANSWER
A. a different extent of evidence will likely be
needed for various cycles.
NO.
TOPIC
LEVEL
PLAYERS
31
IT Audit Approaches
Diff
Multiple Choice
Douga Corporation has numerous customers. A customer file is
kept on disk storage. Each customer file contains name, address,
credit limit, and account balance. The auditor wishes to test this file
to determine whether the credit limits are being exceeded. The
best procedure for the auditor to follow would be to
A. Develop test data that would cause some account balances to
exceed the credit limit and determine if the system properly
detects such situations.
B. Develop a program to compare credit limits with account
balances and print out the details of any account with a balance
exceeding its credit limit.
C. Request a printout of all account balances so they can be
manually checked against the credit limits.
D. Request a printout of a sample of account balances so they
can be individually checked against the credit limits.
ANSWER
B. Develop a program to compare credit limits
with account balances and print out the details
of any account with a balance exceeding its
credit limit.
END