Homework answers / question archive / 1) Audit procedures in a database environment will be affected principally by The extent to which the data in the database are used by the accounting system

1) Audit procedures in a database environment will be affected principally by The extent to which the data in the database are used by the accounting system

Management

Share With

---

1) Audit procedures in a database environment will be affected principally by

1. 1. The extent to which the data in the database are used by the accounting system.
   2. The type and significance of financial transactions being processed.
   3. The nature of the database, the DBMS, the database administration tasks and the applications.
   4.  The general CIS controls which are particularly important in a database environment.

 

2. Which statement is incorrect regarding the characteristics of a CIS organizational structure?
   1. Certain data processing personnel may be the only ones with a detailed knowledge of the interrelationship between the source of data, how it is processed and the distribution and use of the output.
   2. Many conventional controls based on adequate segregation of incompatible functions may not exist, or in the absence of access and other controls, may be less effective.
   3. Transaction and master file data are often concentrated, usually in machine-readable form, either in one computer installation located centrally or in a number of installations distributed throughout an entity.
   4. Systems employing CIS methods do not include manual operations since the number of persons involved in the processing of financial information is significantly reduced.

 

3. System characteristics that may result from the nature of CIS processing include, except
   1. Absence of input documents.
   2. Lack of visible transaction trail.
   3. Lack of visible output.
   4. Difficulty of access to data and computer programs.

 

4. The development of CIS will generally result in design and procedural characteristics that are different from those found in manual systems. These different design and procedural aspectsof CIS include, except:
   1. Consistency of performance.
   2. Programmed control procedures.
   3. Vulnerability of data and program storage media
   4. Multiple transaction update of multiple computer files or databases.

 

5. Which statement is incorrect regarding internal controls in a CIS environment?
   1. Manual and computer control procedures comprise the overall controls affecting the CIS environment (general CIS controls) and the specific controls over the accounting applications (CIS application controls).
   2. The purpose of general CIS controls is to establish a framework of overall control over the CIS activities and to provide a reasonable level of assurance that the overall objectives of internal control are achieved.
   3. The purpose of CIS application controls is to establish specific control procedures over the application systems in order to provide reasonable assurance that all transactions are authorized and recorded, and are processed completely, accurately and on a timely basis.

 

 

1. 4. The internal controls over computer processing, which help to achieve the overall objectives of internal control, include only the procedures designed into computer programs.

 

6. General CIS controls may include, except:
   1. Organization and management controls.
   2. Delivery and support controls.
   3. Development and maintenance controls.
   4. Controls over computer data files.

 

7. 57. CIS application controls include, except
   1. Controls over input.
   2. Controls over processing and computer data files.
   3. Controls over output.
   4. Monitoring controls.

 

8. Which statement is incorrect regarding the review of general CIS controls and CIS application controls?
   1. The auditor should consider how these general CIS controls affect the CIS applications significant to the audit.
   2.  General CIS controls that relate to some or all applications are typically interdependent controls in that their operation is often essential to the effectiveness of CIS application controls.
   3. Control over input, processing, data files and output may be carried out by CIS personnel, by users of the system, by a separate control group, or may be programmed into application software.
   4. It may be more efficient to review the design of the application controls before reviewing the general controls.

 

9. Which statement is incorrect regarding the evaluation of general CIS controls and CIS application controls?
   1. The general CIS controls may have a pervasive effect on the processing of transactions in application systems.
   2. If general CIS controls are not effective, there may be a risk that misstatements might occur and go undetected in the application systems.
   3. Manual procedures exercised by users may provide effective control at the application level.
   4. Weaknesses in general CIS controls cannot preclude testing certain CIS application controls.

 

10. The applications of auditing procedures using the computer as an audit tool refer to
    1. Integrated test facility
    2. Auditing through the computer
    3. Data-based management system
    4. Computer assisted audit techniques

 

11. Which statement is incorrect regarding CAATs?
    1. CAATs are often an efficient means of testing a large number of transactions or controls over large populations.
    2. To ensure appropriate control procedures, the presence of the auditor is not necessarily required at the computer facility during the running of a CAAT.
    3.  The general principles outlined in PAPS 1009 apply in small entity IT environments.
    4. Where smaller volumes of data are processed, the use of CAATs is more cost effective.

 

12. Consists of generalized computer programs designed to perform common audit tasks or standardized data processing functions.
    1. Package or generalized audit software
    2. Utility programs
    3. Customized or purpose-written programs
    4. System management programs

 

 

 

 

 

 

13. Which of the following characteristics distinguishes computer processing from manual processing?
    1. Computer processing virtually eliminates the occurrence of computational error normally associated with manual processing.
    2. Errors or irregularities in computer processing will be detected soon after their occurrences.
    3. The potential for systematic error is ordinarily greater in manual processing than in computerized processing.
    4. Most computer systems are designed so that transaction trails useful for audit do not exist.

 

14. Which of the following most likely represents a significant deficiency in the internal control structure?
    1. The systems analyst review applications of data processing and maintains systems documentation.
    2. The systems programmer designs systems for computerized applications and maintains output controls.
    3. The control clerk establishes control over data received by the EDP department and reconciles control totals after processing
    4. The accounts payable clerk prepares data for computer processing and enters the data into the computer.

 

15. Which of the following activities would most likely be performed in the EDP Department?
    1. Initiation of changes to master records.
    2. Conversion of information to machine-readable form.
    3. Correction of transactional errors.
    4. Initiation of changes to existing applications.

 

16. For control purposes, which of the following should be organizationally segregated from the computer operations function?
    1. Data conversion
    2. Systems development
    3. Surveillance of CRT messages
    4. Minor maintenance according to a schedule

 

17. Mill Co. uses a batch processing method to process its sales transactions. Data on Mill’s sales transaction tape are electronically sorted by customer number and are subject to programmed edit checks in preparing its invoices, sales journals, and updated customer account balances. One of the direct outputs of the creation of this tape most likely would be a
    1. Report showing exceptions and control totals.
    2. Printout of the updated inventory records.
    3. Report showing overdue accounts receivable.
    4. Printout of the sales price master file.

 

18. Using microcomputers in auditing may affect the methods used to review the work of staff assistants because
    1. The audit field work standards for supervision may differ.
    2. Documenting the supervisory review may require assistance of consulting services personnel.

 

1. 3.  Supervisory personnel may not have an understanding of the capabilities and limitations of microcomputers.
   4. Working paper documentation may not contain readily observable details of calculations.

 

19. An auditor anticipates assessing control risk at a low level in a computerized environment. Under these circumstances, on which of the following procedures would the auditor initially focus?
    1. Programmed control procedures
    2. Output control procedures
    3. Application control procedures
    4. General control procedures

 

20. After the preliminary phase of the review of a client’s EDP controls, an auditor may decide not to perform tests of controls (compliance tests) related to the control procedures within the EDP portion of the client’s internal control structure. Which of the following would not be a valid reason for choosing to omit such tests?
    1. The controls duplicate operative controls existing elsewhere in the structure.
    2. There appear to be major weaknesses that would preclude reliance on the stated procedure.
    3.  The time and costs of testing exceed the time and costs in substantive testing if the tests of controls show the controls to be operative.
    4. The controls appear adequate.

 

21. Which of the following client electronic data processing (EDP) systems generally can be audited without examining or directly testing the EDP computer programs of the system?
    1. A system that performs relatively uncomplicated processes and produces detailed output.
    2. A system that affects a number of essential master files and produces a limited output.
    3. A system that updates a few essential master files and produces no printed output other than final balances.
    4. A system that performs relatively complicated processing and produces very little detailed output.

 

22. Computer systems are typically supported by a variety of utility software packages that are important to an auditor because they
    1. May enable unauthorized changes to data files if not properly controlled.
    2. Are very versatile programs that can be used on hardware of many manufacturers.
    3. May be significant components of a client’s application programs.
    4. Are written specifically to enable auditors to extract and sort data.

 

23. To obtain evidence that online access controls are properly functioning, an auditor most likely would
    1. Create checkpoints at periodic intervals after live data processing to test for unauthorized use of the system.
    2. Examine the transaction log to discover whether any transactions were lost or entered twice due to a system malfunction
    3. Enter invalid identification numbers or passwords to ascertain whether the system rejects them.
    4. Vouch a random sample of processed transactions to assure proper authorization

 

24.  Which of the following statements most likely represents a disadvantage for an entity that keeps microcomputer-prepared data files rather than manually prepared files?
    1. Attention is focused on the accuracy of the programming process rather than errors in individual transactions.
    2.  It is usually easier for unauthorized persons to access and alter the files.
    3.  Random error associated with processing similar transactions in different ways is usually greater.
    4.  It is usually more difficult to compare recorded accountability with physical count of assets.

 

25.  An auditor would least likely use computer software to
    1. Access client data files
    2. Assess EDP controls
    3. Prepare spreadsheets
    4. Construct parallel simulations

 

26. A primary advantage of using generalized audit software packages to audit the financial statements of a client that uses an EDP system is that the auditor may
    1. Consider increasing the use of substantive tests of transactions in place of analytical procedures.
    2. Substantiate the accuracy of data through self-checking digits and hash totals.
    3.  Reduce the level of required tests of controls to a relatively small amount.
    4.  Access information stored on computer files while having a limited understanding of the client’s hardware and software features.

 

27. Auditors often make use of computer programs that perform routine processing functions such as sorting and merging. These programs are made available by electronic data processing companies and others and are specifically referred to as
    1. Compiler programs
    2. Utility programs
    3. Supervisory programs
    4. User programs

 

28. Smith Corporation has numerous customers. A customer file is kept on disk storage. Each customer file contains name, address, credit limit, and account balance. The auditor wishes to test this file to determine whether the credit limits are being exceeded. The best procedure for the auditor to follow would be to
    1. Develop test data that would cause some account balances to exceed the credit limit and determine if the system properly detects such situations.
    2.  Develop a program to compare credit limits with account balances and print out the details of any account with a balance exceeding its credit limit.
    3.  Request a printout of all account balances so they can be manually checked against the credit limits.
    4.  Request a printout of a sample of account balances so they can be individually checked against the credit limits.

 

29. The use of generalized audit software package
    1. Relieves an auditor of the typical tasks of investigating exceptions, verifying sources of information, and evaluating reports.
    2.  Is a major aid in retrieving information from computerized files.
    3. Overcomes the need for an auditor to learn much about computers.
    4. Is a form of auditing around the computer.

 

30. An auditor used test data to verify the existence of controls in a certain computer program. Even though the program performed well on the test, the auditor may still have a concern that
    1. The program tested is the same one used in the regular production runs.
    2. Generalized audit software may have been a better tool to use.
    3. Data entry procedures may change and render the test useless.
    4. The test data will not be relevant in subsequent audit periods.

 

31. An auditor most likely would introduce test data into a computerized payroll system to test internal controls related to the
    1. Existence of unclaimed payroll checks held by supervisors.
    2. Early cashing of payroll checks by employees.
    3. Discovery of invalid employee I.D. numbers.
    4. Proper approval of overtime by supervisors.

 

32. When an auditor tests a computerized accounting system, which of the following is true of the test data approach?
    1. Test data must consist of all possible valid and invalid conditions.
    2. The program tested is different from the program used throughout the year by the client.
    3. Several transactions of each type must be tested.
    4. Test data are processed by the client’s computer programs under the auditor’s control.

 

33. Which of the following statements is not true to the test data approach when testing a computerized accounting system?
    1. The test need consist of only those valid and invalid conditions which interest the auditor
    2. Only one transaction of each type need be tested.
    3. The test data must consist of all possible valid and invalid conditions.
    4. Test data are processed by the client’s computer programs under the auditor’s control.

 

34. Which of the following is not among the errors that an auditor might include in the test data when auditing a client’s EDP system?
    1. Numeric characters in alphanumeric fields.
    2. Authorized code.
    3. Differences in description of units of measure.
    4. Illogical entries in fields whose logic is tested by programmed consistency checks.

 

35. An auditor who is testing EDP controls in a payroll system would most likely use test data that contain conditions such as
    1. Deductions not authorized by employees.
    2. Overtime not approved by supervisors.
    3. Time tickets with invalid job numbers.
    4. Payroll checks with unauthorized signatures.

 

36. Auditing by testing the input and output of an EDP system instead of the computer program itself will
    1. Not detect program errors which do not show up in the output sampled.
    2. Detect all program errors, regardless of the nature of the output.
    3. Provide the auditor with the same type of evidence.
    4. Not provide the auditor with confidence in the results of the auditing procedures.

 

37. Which of the following computer-assisted auditing techniques allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process?
    1. Integrated test facility
    2. Parallel simulation
    3. Input controls matrix
    4. Data entry monitor

 

38. Which of the following methods of testing application controls utilizes a generalized audit software package prepared by the auditors?
    1. Parallel simulation
    2. Test data approach
    3. Integrated testing facility approach
    4. Exception report tests

 

39. Misstatements in a batch computer system caused by incorrect programs or data may not be detected immediately because
    1. Errors in some transactions may cause rejection of other transactions in the batch.
    2. The identification of errors in input data typically is not part of the program.
    3. There are time delays in processing transactions in a batch system.
    4. The processing of transactions in a batch system is not uniform.

 

40. Which of the following is not a characteristic of a batch processed computer system?
    1. The collection of like transactions which are sorted and processed sequentially against a master file.
    2. Keypunching of transactions, followed by machine processing.
    3. The production of numerous printouts.
    4. The posting of a transaction, as it occurs, to several files, without immediate printouts.