Microcomputers are generally under the control of the data processing department and use the same control features.. Processing simulated file data provides the auditor with information
Trang 1Systems (CBIS) MULTIPLE CHOICE:
1 In the weekly computer run to prepare payroll checks, a
check was printed for an employee who had been
terminated the previous week Which of the
or ensuring its prompt detection?
a A control total for hours worked, prepared from time cards collected by the timekeeping department
b Requiring the treasurer's office to account for the
number of the pre-numbered checks issued to the CBIS department for the processing of the payroll
c Use of a check digit for employee numbers
d Use of a header label for the payroll input sheet
ANSWER: A 2 An auditor is preparing test data for use in the audit of a computer based accounts receivable application Which of the following items would be appropriate to include as an item in the test data?
a A transaction record which contains an incorrect master file control total
b A master file record which contains an invalid customer identification number
c A master file record which contains an incorrect master file control total
d A transaction record which contains an invalid customer identification number
ANSWER: D 3 Unauthorized alteration of on-line records can be prevented by employing:
a Key verification
b Computer sequence checks
c Computer matching
d Data base access controls ANSWER: D
120
Trang 24 In auditing through a computer, the test data method is used
by auditors to test the
a Accuracy of input data
b Validity of the output
c Procedures contained within the program
d Normalcy of distribution of test data
ANSWER: C 5 In the preliminary survey the auditor learns that a department has several microcomputers Which of the following is usually true and should be considered in planning the audit? a Microcomputers, though small, are capable of processing financial information, and physical security is a
control concern
b Microcomputers are limited to applications such as
worksheet generation and do not present a significant audit risk
c Microcomputers are generally under the control of the data processing department and use the same control
features
d Microcomputers are too small to contain any built-in control features Therefore, other controls must be relied upon
ANSWER: A 6 The primary reason for internal auditing's involvement in the development of new computer-based sysstems is to: a Plan post-implementation reviews
b Promote adequate controls
c Train auditors in CBIS techniques
d Reduce overall audit effort
ANSWER: B 7 Which of the following is an advantage of generalized computer audit packages?
a They are all written in one identical computer language b They can be used for audits of clients that use
differing CBIS equipment and file formats
c They have reduced the need for the auditor to study
input controls for CBIS related procedures
d Their use can be substituted for a relatively large part of the required control testing
Trang 3
ANSWER: B
8 Processing simulated file data provides the auditor with
information about the reliability of controls from evidence that exists in simulated files One of the techniques
involved in this approach makes use of
a Controlled reprocessing
b Program code checking
c Printout reviews
d Integrated test facility
ANSWER: D 9 Which of the following statements most likely represents a disadvantage for an entity that keeps microcomputer-prepared data files rather than manually prepared files?
a It is usually more difficult to detect transposition errors
b Transactions are usually authorized before they are
executed and recorded
c It is usually easier for unauthorized persons to access and alter the files
d Random error associated with processing similar
transactions in different ways is usually greater
ANSWER: C 10 The possibility of losing a large amount of information stored in computer files most likely would be reduced by the use of
a Back-up files b Check digits
c Completeness tests d Conversion verification
ANSWER: A 11 An integrated test facility (ITF) would be appropriate when the auditor needs to
a Trace a complex logic path through an application system b Verify processing accuracy concurrently with processing c Monitor transactions in an application system
continuously
d Verify load module integrity for production programs
Trang 4ANSWER: B
12 Where computer processing is used in significant accounting
applications, internal accounting control procedures may be defined by classifying control procedures into two types:
general and
a Administrative
b Specific
c Application
d Authorization
ANSWER: C 13 The increased presence of the microcomputer in the workplace has resulted in an increasing number of persons having access to the computer A control that is often used to prevent unauthorized access to sensitive programs is: a Backup copies of the diskettes
b Passwords for each of the users
c Disaster-recovery procedures
d Record counts of the number of input transactions in a batch being processed
ANSWER: B 14 Checklists, systems development methodology, and staff hiring are examples of what type of controls?
a Detective
b Preventive
c Subjective
d Corrective
ANSWER: B 15 When an on-line, real-time (OLRT) computer-based processing system is in use, internal control can be strengthened by a Providing for the separation of duties between
keypunching and error listing operations
b Attaching plastic file protection rings to reels of
magnetic tape before new data can be entered on the
file
c Making a validity check of an identification number
before a user can obtain access to the computer files d Preparing batch totals to provide assurance that file updates are made for the entire input
Trang 5
ANSWER: C
16 When auditing "around" the computer, the independent auditor
focuses solely upon the source documents and
a Test data
b CBIS processing
c Control techniques
d CBIS output
ANSWER: D 17 One of the features that distinguishes computer processing from manual processing is
a Computer processing virtually eliminates the occurrence of computational error normally associated with manual processing
b Errors or fraud in computer processing will be detected soon after their occurrences
c The potential for systematic error is ordinarily greater in manual processing than in computerized processing d Most computer systems are designed so that transaction trails useful for audit purposes do not exist
ANSWER: A 18 Given the increasing use of microcomputers as a means for accessing data bases, along with on-line real-time processing, companies face a serious challenge relating to data security Which of the following is not an appropriate means for meeting this challenge? a Institute a policy of strict identification and password controls housed in the computer software that permit only specified individuals to access the computer files and perform a given function b Limit terminals to perform only certain transactions c Program software to produce a log of transactions showing date, time, type of transaction, and operator d Prohibit the networking of microcomputers and do not permit users to access centralized data bases ANSWER: D 19 What type of computer-based system is characterized by data that are assembled from more than one location and records that are updated immediately?
Trang 6a Microcomputer system
b Minicomputer system
c Batch processing system
d Online real-time system
ANSWER: D 20 Company A has recently converted its manual payroll to a computer-based system Under the old system, employees who had resigned or been terminated were occasionally kept on the payroll and their checks were claimed and cashed by other employees, in collusion with shop foremen The controller is concerned that this practice not be allowed to continue under the new system The best control for preventing this form of "payroll padding" would be to a Conduct exit interviews with all employees leaving the company, regardless of reason b Require foremen to obtain a signed receipt from each employee claiming a payroll check c Require the human resources department to authorize all hires and terminations, and to forward a current computerized list of active employee numbers to payroll prior to processing Program the computer to reject inactive employee numbers d Install time clocks for use by all hourly employees ANSWER: C 21 Compared to a manual system, a CBIS generally
1 Reduces segregation of duties
2 Increases segregation of duties
3 Decreases manual inspection of processing results
4 Increases manual inspection of processing results
a 1 and 3
b 1 and 4
c 2 and 3
d 2 and 4
ANSWER: A 22 One of the major problems in a CBIS is that incompatible functions may be performed by the same individual One compensating control for this is the use of
a Echo checks
b A self-checking digit system
Trang 7
c Computer generated hash totals
d A computer log
ANSWER: D 23 Which of the following processing controls would be most
effective in assisting a store manager to ascertain whether the payroll transaction data were processed in their entirety? a Payroll file header record
b Transaction identification codes
c Processing control totals
d Programmed exception reporting
ANSWER: C 24 An organizational control over CBIS operations is
a Run-to-run balancing of control totals
b Check digit verification of unique identifiers
c Separation of operating and programming functions
d Maintenance of output distribution logs
ANSWER: C 25 Which of the following methods of testing application controls utilizes a generalized audit software package prepared by the auditors?
a Parallel simulation
b Integrated testing facility approach
c Test data approach
d Exception report tests
ANSWER: A 26 An unauthorized employee took computer printouts from output bins accessible to all employees A control which would have prevented this occurrence is
a A storage/retention control
b A spooler file control
c An output review control
d A report distribution control ANSWER: D
27 Which of the following is a disadvantage of the integrated
test facility approach?
Trang 8a In establishing fictitious entities, the auditor may be
compromising audit independence
b Removing the fictitious transactions from the system is
somewhat difficult and, if not done carefully, may contaminate the client's files
c ITF is simply an automated version of auditing "around"
the computer
d The auditor may not always have a current copy of the
authorized version of the client's program
ANSWER: B
28 Totals of amounts in computer-record data fields which are
not usually added for other purposes but are used only
for data processing control purposes are called
a Record totals
b Hash totals
c Processing data totals
d Field totals
ANSWER: B 29 A hash total of employee numbers is part of the input to a payroll master file update program The program compares the hash total to the total computed for transactions applied to the master file The purpose of this procedure is to:
a Verify that employee numbers are valid
b Verify that only authorized employees are paid
c Detect errors in payroll calculations
d Detect the omission of transaction processing
ANSWER: D 30 Matthews Corp has changed from a system of recording time worked on clock cards to a computerized payroll system in which employees record time in and out with magnetic cards The CBIS automatically updates all payroll records Because of this change
a A generalized computer audit program must be used
b Part of the audit trail is altered
c The potential for payroll related fraud is diminished d Transactions must be processed in batches
ANSWER: B
Trang 931 Generalized audit software is of primary interest to the
auditor in terms of its capability to
a Access information stored on computer files
b Select a sample of items for testing
c Evaluate sample test results
d Test the accuracy of the client's calculations
ANSWER: A 32 An accounts payable program posted a payable to a vendor not included in the on-line vendor master file A control which would prevent this error is a
a Validity check
b Range check
c Reasonableness test
d Parity check
ANSWER: A 33 In a computerized sales processing system, which of the following controls is most effective in preventing sales invoice pricing errors? a Sales invoices are reviewed by the product managers before being mailed to customers b Current sales prices are stored in the computer, and, as stock numbers are entered from sales orders, the computer automatically prices the orders c Sales prices, as well as product numbers, are entered as sales orders are entered at remote terminal locations d Sales prices are reviewed and updated on a quarterly basis ANSWER: B 34 Which of the following is likely to be of least importance to an auditor in reviewing the internal control in a company with a CBIS?
a The segregation of duties within the data processing center b The control over source documents
c The documentation maintained for accounting
applications
d The cost/benefit ratio of data processing operations ANSWER: D
Trang 1035 For the accounting system of Acme Company, the amounts of
cash disbursements entered into an CBIS terminal are
transmitted to the computer that immediately
a Establish the validity of the account number
b Verify the amount was entered accurately
c Verify the authorization of the disbursement
d Prevent the overpayment of the account
ANSWER: B 36 Which of the following audit techniques most likely would provide an auditor with the most assurance about the
effectiveness of the operation of an internal control procedure? a Inquiry of client personnel
b Recomputation of account balance amounts
c Observation of client personnel
d Confirmation with outside parties
ANSWER: C 37 Adequate technical training and proficiency as an auditor encompasses an ability to understand a CBIS
sufficiently to identify and evaluate
a The processing and imparting of information
b Essential accounting control features
c All accounting control features
d The degree to which programming conforms with application of generally accepted accounting principles
ANSWER: B 38 Which of the following is not a major reason why an accounting audit trail should be maintained for a computer system?
a Query answering
b Deterrent to fraud c Monitoring purposes
d Analytical review
ANSWER: D 39 Adequate control over access to data processing is required to
Trang 11a Prevent improper use or manipulation of data files
and programs
b Ensure that only console operators have access to
program documentation
c Minimize the need for backup data files
d Ensure that hardware controls are operating effectively and as designed by the computer manufacturer
ANSWER: A 40 When testing a computerized accounting system, which of the following is not true of the test data approach?
a The test data need consist of only those valid and
invalid conditions in which the auditor is interested b Only one transaction of each type need be tested
c Test data are processed by the client's computer
programs under the auditor's control
d The test data must consist of all possible valid and invalid conditions
ANSWER: D 41 In studying a client's internal controls, an auditor must be able to distinguish between prevention controls and detection controls Of the following data processing controls, which is the best detection control?
a Use of data encryption techniques
b Review of machine utilization logs
c Policy requiring password security
d Backup and recovery procedure ANSWER: B
42 Which of the following procedures is an example of auditing
"around" the computer?
a The auditor traces adding machine tapes of sales order batch totals to a computer printout of the sales
journal
b The auditor develops a set of hypothetical sales
transactions and, using the client's computer program, enters the transactions into the system and observes
the processing flow
c The auditor enters hypothetical transactions into the client's processing system during client processing of live" data
d The auditor observes client personnel as they process
the biweekly payroll The auditor is primarily