CAATS-4
Short Description
Reviewer regarding CAATs...
Description
JOSE RIZAL UNIVERSITY 80 Shaw Boulevard, Mandaluyong City
Auditing in CIS Environment ACC63-401A
Computer-Assisted Audit Tools and Techniques Multiple Choice Questions Submitted to: Atty. Zander J. Plaza, CPA Prepared by: GROUP IV Leader: RED, Sunshine S. Members: ENRIQUEZ, Jayson ESCOBEDO, Xybelle NARVAEZ. Juana Marie PAZ, Gene Kelly RENIVA, Leandra ROMANA, Fatima Bianca ULAYE, Vanessa
Computer-Assisted Audit Tools and Techniques Multiple Choice Questions 1. The stage designed to ensure that the transactions are valid, accurate and complete. a. Batch control b. Validation control c. Input control d. Error control 2. The following are broad classes of Input control except: a. Source document control b. Output control c. Batch control d. Validation control 3. These are source documents that have unique sequential number on them. a. Post numbered source document b. Numbered source document c. Pre numbered source document d. None of the above 4. The following are types of errors that can corrupt data codes and cause processing errors except: a. Transcription errors b. Single transposition errors c. Double transposition errors d. Multiple transposition errors 5. This error occurs when two adjacent digits are reversed. a. Transcription errors b. Single transposition errors c. Double transposition errors d. Multiple transposition errors 6. The following are classes of transcription errors except: a. Multiplication b. Addition c. Truncation d. Substitution 7. This error occurs when non adjacent digits are transposed. a. Transcription errors b. Single transposition errors c. Double transposition errors
d. Multiple transposition errors 8. A control digit added to the code that is originally assigned that allows the integrity of the code to be established during subsequent processing. a. Check digits b. Cross digits c. Digits d. None of the above 9. An effective method of managing high volumes of transaction data through system. a. Single control b. Batch control c. Dual control d. None of the above 10. These controls are intended to detect errors in transaction before the data are processed. a. Single control b. Batch control c. Validation control d. None of the above 11. What are controls that must be exercised over physical source documents in systems that use them to initiate transactions? a. Validation Controls b. Batch Controls c. Check Digits d. None of the above 12. What method is used to establish application integrity by processing specially prepared sets of input data through production applications that are under review? a. White Box Approach b. Test Data Method c. Black Box Approach d. All of the above 13. What controls that are check on the integrity of data codes used in processing? a. Application Controls b. Input Controls c. Source Document Controls d. Data Coding Controls 14. It performs standard validation routines that are common to many different applications. a. Input Error correction
b. Case System Evaluation c. Generalized Validation Module d. Generalized Data Input System 15. These are the specific run-to-run control figures, EXCEPT: a. Recalculate Control Totals b. Transaction Codes c. Sequence Check d. All of the Above 16. Transcription errors fall into three classes. Except. a. Addition error b. Truncation error c. Substitution error d. None 17. An online data entry technique that can be employed when inexperienced personnel enter data is the use of. a. Overflow procedures b. Compatibility tests c. Prompting d. Checkpoints 18. Edit checks in a completed accounting system a. Are preventive controls b. Should be performed on transactions prior to updating a master file. c. Must be installed for the system to be operational. d. Should be performed immediately prior to output distribution. 19. An employee in the receiving department eyed in a shipment from a remote terminal and advertently omitted the purchase order number. The best systems control to detect this error would be. a. Completeness b. Batch total c. Sequence check d. Reasonableness test 20. An accounting system identification code that uses a sum-of-digits check digit will detect all of the ff. except. a. Validity errors b. Transposition errors c. Completeness errors d. Transcription errors 21. In an automated payroll processing environment, a department manager substituted the time card for a terminated employee with a time card for a
fictitious employee. The fictitious employee had the same pay rate and hours worked as the terminated employee. The best control technique to detect this action using employee identification numbers would be a a. batch total b. record count c. hash total d. subsequent check 22. An employee in the receiving department keyed in a shipment from a remote terminal and inadvertently omitted the purchase order number. The best systems control to detect this error would be a a. batch total b. completeness test c. sequence check d. reasonableness test 23. An online data entry technique that can be employed when inexperienced personnel enter data is the use of a. Overflow procedures. b. Prompting. c. Compatibility tests. d. Checkpoints 24. Edit checks in a computerized accounting system a. Are preventive controls. b. Should be performed on transactions prior to updating a master file. c. Must be installed for the system to be operational. d. Should be performed immediately prior to output distribution. 25. Which one of the following statements concerning concurrent auditing techniques is not correct? a. They allow monitoring a system on a continuous basis for fraudulent transactions. b. They are most useful in complex online systems in which audit trails have either become diminished or are very limited. c. They allow faster detection of unauthorized transactions. d. They are standard components of generic software packages. 26. In auditing computer-based systems, the integrated test facility (ITF) a. allows the auditor to assemble test transactions and run them through the computer system to test the integrity of controls on a sample data base b. is a set of specialized software routines that are designed to perform specialized audit tests and store audit evidence c. is a concurrent audit technique that establishes a special set of dummy master files and enters transactions to test the programs using the dummy files during regular processing runs d. uses an audit log to record transactions and data having special audit significance during regular processing runs
27. An accounting system identification code that uses a sum-of-digits check digit will detect all of the following errors except a. Completeness errors. b. Transcription errors. c. Transposition errors. d. Validity errors. 28. In order to prevent, detect, and correct errors and unauthorized tampering, a payroll system should have adequate controls. The best set of controls for a payroll system includes a. Batch and hash totals, record counts of each run, proper separation of duties, passwords and user codes, and backup copies of activity and master files. b. Employee supervision, batch totals, record counts of each run, and payments by check. c. Passwords and user codes, batch totals, employee supervision, and record counts of each run. d. Batch totals, record counts, user codes, proper separation of duties, and online edit checks. 29. Data input validation routines include a. Terminal logs. b. Passwords. c. Hash totals. d. Backup controls. 30. Whether or not a real-time program contains adequate controls is most effectively determined by the use of a. Audit software. b. An integrated test facility. c. A tagging routine. d. A tracing routine. 31. Which of the following is not a processing control? a. Control risk b. Reasonable Test c. Check digits d. Control total 32. Which of the following is correct? a. Check digits should be used for all data codes b. Check digits are always placed at the end of a data code c. Check digits do not affect processing efficiency d. Check digits are designed to detect transcription errors
33. A clerk inadvertently entered an account number 12368 rather than account number 12638. In processing this transaction, the error would be detected with which of the following controls? a. Batch total b. Key verifying c. Self-checking digit d. An internal consistency check 34. Total amounts in computer-record data fields, which are not usually added but are used only for data processing control purposes are called a. Record totals b. Hash totals c. Processing data totals d. Field totals 35. If a control total were to be computed on each of the following data items, which would be best identified as a hash total for a payroll CIS application? a. Net pay b. Hours worked c. Department numbers d. Total debits and total credits 36. Which is statement is not correct? The goal of batch controls is to ensure that during processing a. Transactions are not omitted b. Transactions are not added c. Transactions are processed more than once d. An audit trail is created 37. An example of hash total is a. Total payroll checks – P12,315 b. Total number of employees – 10 c. Sum of the social security numbers - 12,555,437,251 d. None of the above 38. The employee entered 40 in the hours worked per day field. Which check would detect this unintentional error? a. Numeric/alphabetic check b. Sign check c. Limit check d. Missing data check 39. When auditing around the computer, the independent auditor focuses solely upon the source documents and a. Test data b. CIS processing
c. Compliance techniques d. CIS output 40. Which of the following is not a common type of white box approach? a. Test data b. Integrated test facility c. Auditing around the computer d. Parallel simulation 41. Run-to-run control totals can be used for all of the following except a. to ensure that all data input is validated b. to ensure that only transactions of a similar type are being processed c. to ensure the records are in sequence and are not missing d. to ensure that no transaction is omitted 42. Methods used to maintain an audit trail in a computerized environment include all of the following except a. transaction logs b. unique transaction identifiers c. data encryption d. log of automatic transactions 43. A computer operator was in a hurry and accidentally used the wrong master file to process a transaction file. As a result, the accounts receivable master file was erased. Which control would prevent this from happening? a. header label check b. expiration date check c. version check d. validity check 44. Risk exposures associated with creating an output file as an intermediate step in the printing process (spooling) include all of the following actions by a computer criminal except a. gaining access to the output file and changing critical data values b. using a remote printer and incurring operating inefficiencies c. making a copy of the output file and using the copy to produce illegal output reports d. printing an extra hard copy of the output file 45. Which statement is NOT correct? a. Only successful transactions are recorded on a transaction log. b. Unsuccessful transactions are recorded in an error file. c. A transaction log is a temporary file. d. A hard copy transaction listing is provided to users. 46. Which statement is correct?
a. compiled programs are very susceptible to unauthorized modification b. the source program library stores application programs in source code form c. modifications are made to programs in machine code language d. the source program library management system increases operating efficiency 47. An example of a hash total is a. total payroll checks—$12,315 b. total number of employees—10 c. sum of the social security numbers—12,555,437,251 d. none of the above 48. The employee entered “40” in the “hours worked per day” field. Which check would detect this unintentional error? a. numeric/alphabetic data check b. sign check c. limit check d. missing data check 49. Which of the following is correct? a. Check digits should be used for all data codes. b. Check digits are always placed at the end of data codes. c. Check digits do not affect processing efficiency. d. Check digits are designed to detect transcription errors. 50. Which of the following is an example of an input error correction technique? a. immediate correction b. rejection of batch c. creation of error file d. all are examples of input error correction techniques 51. To obtain evidence that online access controls are properly functioning, an auditor most likely would a. Create checkpoints at periodic intervals after live data processing to test for unauthorized use of the system. b. Examine the transaction log to discover whether any transactions were lost or entered twice due to a system malfunction. c. Enter invalid identification numbers or passwords to ascertain whether the system rejects them. d. Vouch a random sample of processed transactions to assure proper authorization. 52. An auditor most likely would introduce test data into a computerized payroll system to test controls related to the
a. b. c. d.
Existence of unclaimed payroll checks held by supervisors. Early cashing of payroll checks by employees. Discovery of invalid employee LD. numbers. Proper approval of overtime by supervisors.
53. Which of the following is not among the errors that an auditor might include in the test data when auditing a client's computer system? a. Numeric characters in alphanumeric fields. b. Authorized code. c. Differences in description of units of measure. d. Illogical entries in fields whose logic is tested by programmed consistency checks. 54. Which of the following computer-assisted auditing techniques allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process? a. Integrated test facility. b. Input controls matrix. c. Parallel simulation. d. Data entry monitor. 55. Which of the following methods of testing application controls utilizes a generalized audit software package prepared by the auditors'? a. Parallel simulation. b. Integrated testing facility approach. c. Test data approach. d. Exception report tests. 56. In creating lead schedules for an audit engagement, a CPA often uses automated work paper software. What client information is needed to begin this process? a. Interim financial information such as third quarter sales, net income, and inventory and receivables balances. a. Specialized journal information such as the invoice and purchase order numbers of the last few sales and purchases of the year. b. General ledger information such as account numbers prior year account balances and current year unadjusted information. c. Adjusting entry information such as deferrals and accruals, and reclassification journal entries. 57. Using microcomputers in auditing may affect the methods used to review the work of staff assistants because a. The audit fieldwork standards for supervision may differ. b. Documenting the supervisory review may require assistance of consulting services personnel. c. Supervisory personnel may not have an understanding of the capabilities and limitations of microcomputers.
d. Working paper documentation may not contain readily observable detail is of calculations. 58. An auditor would least likely use computer software to a. Access client data files. b. Prepare spreadsheets. c. Assess computer control risk. d. Construct parallel simulations. 59. A primary advantage of using generalized audit software packages to audit the financial statements of a client that uses a computer system is that the auditor may a. Access information stored on computer files while having a limited understanding of the client's hardware and software features. b. Consider increasing the use of substantive tests of transactions in place of analytical procedures. c. Substantiate the accuracy of data through self-checking digits and hash totals. d. Reduce the level of required tests of controls 10 a relatively small amount. 60. Auditors often make use of computer programs that perform routine processing functions such as sorting and merging. These programs are made available by electronic data processing companies and others and are specifically referred to as a. Compiler programs. b. Supervisory programs. c. Utility programs. d. User programs. 61. These are programmed procedures designed to deal with potential exposures that threaten specific applications. a. Input controls b. Output controls c. Application controls d. Process controls 62. Application controls fall into three broad categories, except: a. Input controls b. Output controls c. Application controls d. Process controls 63. It is a control digit (or digits) added to the code when it is originally assigned that allows the integrity of the code to be established during subsequent processing. a. Check digits b. Batch controls
c. Data digits d. Field interrogation 64. STATEMENT 1: Validity checks compare actual values in a field against known acceptable values. STATEMENT 2: Validity checks are used to verify such things as transaction codes, state abbreviations or employee job skill codes. a. Both statements are correct. b. Both statements are wrong. c. Only statement 1 is correct. d. Only statement 2 is correct. 65. Its purpose is to ensure that the correct file is being processed by the system. a. Version checks b. Record interrogation c. File interrogation d. Expiration date check 66. Processing controls are divided into three categories, except: a. run-to-run controls b. operator intervention controls c. audit trail controls d. none of the above 67. Tests which verify that an individual, a programmed procedure, or a message attempting to access a system is authentic. a. Authenticity tests b. Accuracy tests c. Completeness tests d. Redundancy tests 68. What is the advantage of Test Data Techniques? a. Auditors must rely on computer services personnel. b. They require only minimal computer expertise on the part of Auditors. c. They provide a static picture of application integrity at a single point in time. d. Their relatively high cost of implementation, which results in audit inefficiency. 69. It requires the auditor to write a program that simulates key features or processes of application under review. a. Parallel simulation b. Black-box Approach c. Hash total d. Base case system evaluation
70. This group is responsible for verifying the accuracy of computer output before it is distributed to the user. a. Database administration b. Check Digit Group c. Data Digits Group d. Data Control Group
71. If a control total were to be computed on each of the following data items, which would best be identified as a hash total for a payroll computer application? a. Net pay. b. Department numbers. c. Hours worked. d. Total debits and total credits. 72. Auditing by testing the input and output of a computer system instead of the computer program itself will: a. Not detect program errors which do not show up in the output sampled. b. Provide the auditors with the same type of evidence. c. Detect all program errors, regardless of the nature of the output d. Not provide the auditors with the confidence in the results of the auditing procedures. 73. Parallel simulation programs used by the auditors for testing programs: a. Must simulate all functions of the production computer-application system. b. Cannot be developed with the aid of generalized audit software. c. Can use live data or test data. d. Is generally restricted to data base environments. 74. Smith Corporation has numerous customers. A customer file is kept on disk storage. Each account in the customer file contains name, address, credit limit, and account balance. The auditor wishes to test this file to determine whether credit limits are being exceeded. The best procedure for the auditor to follow would be to: a. Develop test data that would cause some account balance to exceed the credit limit and determine if the system properly detects such situations. b. Develop a program to compare credit limits with account balances and print out the details of any account with a balance exceeding its credit limit. c. Require a printout of all account balances so they can be manually checked against the credit limits. d. Request a printout of a sample of account balances so they can be individually checked against the credit limits. 75. In the weekly computer run to prepare payroll checks, a check was printed for an employee who had been terminated the previous week. Which of the following controls, if properly utilized, would have been most effective in preventing the error or ensuing its prompt detection? a. A control total for hours worked, prepared from time cards collected by the timekeeping department. b. Requiring the treasurer's office to account for the numbers of the prenumbered checks issued to the computer department for the processing of the payroll.
c. Use of a check digit for employee numbers. d. Use of a header label for the payroll input sheet. 76. In the weekly computer run to prepare payroll checks, a check was printed for an employee who had been terminated the previous week. Which of the following controls, if properly utilized, would have been most effective in preventing the error or ensuring its prompt detection? a. A control total for hours worked, prepared from time cards collected by the timekeeping department. b. Requiring the treasurer's office to account for the number of the prenumbered checks issued to the CBIS department for the processing of the payroll. c. Use of a check digit for employee numbers. d. Use of a header label for the payroll input sheet. 77. An auditor is preparing test data for use in the audit of a computer based accounts receivable application. Which of the following items would be appropriate to include as an item in the test data? a. A transaction record which contains an incorrect master file control total. b. A master files record which contains an invalid customer identification number. c. A master files record which contains an incorrect master file control total. d. A transaction record which contains an invalid customer identification number. 78. Unauthorized alteration of on-line records can be prevented by employing: a. Key verification. b. Computer sequence checks. c. Computer matching. d. Data base access controls. 79. In auditing through a computer, the test data method is used by auditors to test the a. Accuracy of input data. b. Validity of the output. c. Procedures contained within the program. d. Normalcy of distribution of test data. 80. Which of the following is an advantage of generalized computer audit packages? a. They are all written in one identical computer language. b. They can be used for audits of clients that use differing CBIS equipment and file formats. c. They have reduced the need for the auditor to study input controls for CBIS related procedures. d. Their use can be substituted for a relatively large part of the required control testing.
81. Processing simulated file data provides the auditor with information about the reliability of controls from evidence that exists in simulated files. One of the techniques involved in this approach makes use of a. Controlled reprocessing. b. Program code checking. c. Printout reviews. d. Integrated test facility. 82. An integrated test facility (ITF) would be appropriate when the auditor needs to a. Trace a complex logic path through an application system. b. Verify processing accuracy concurrently with processing. c. Monitor transactions in an application system continuously. d. Verify load module integrity for production programs. 83. When auditing "around" the computer, the independent auditor focuses solely upon the source documents and a. Test data. b. CBIS processing. c. Control techniques. d. CBIS output. 84. A hash total of employee numbers is part of the input to a payroll master file update program. The program compares the hash total to the total computed for transactions applied to the master file. The purpose of this procedure is to: a. Verify that employee numbers are valid. b. Verify that only authorized employees are paid. c. Detect errors in payroll calculations. d. Detect the omission of transaction processing. 85. When testing a computerized accounting system, which of the following is not true of the test data approach? a. The test data need consist of only those valid and invalid conditions in which the auditor is interested. b. Only one transaction of each type need be tested. c. Test data are processed by the client's computer programs under the auditor's control. d. The test data must consist of all possible valid and invalid conditions. 86. Which of the following procedures is an example of auditing "around" the computer? a. The auditor traces adding machine tapes of sales order batch totals to a computer printout of the sales journal. b. The auditor develops a set of hypothetical sales transactions and, using the client's computer program, enters the transactions into the system and observes the processing flow.
c. The auditor enters hypothetical transactions into the client's processing system during client processing of live" data. d. The auditor observes client personnel as they process the biweekly payroll. The auditor is primarily concerned with computer rejection of data that fails to meet reasonableness limits. 87. Auditing by testing the input and output of a computer-based system instead of the computer program itself will a. Not detect program errors which do not show up in the output sampled. b. Detect all program errors, regardless of the nature of the output. c. Provide the auditor with the same type of evidence. d. Not provide the auditor with confidence in the results of the auditing procedures. 88. The applications of auditing procedures using the computer as an audit tool refer to a. Integrated test facility b. Data-based management system c. Auditing through the computer d. Computer assisted audit techniques 89. Audit automation least likely include a. Expert systems. b. Tools to evaluate a client’s risk management procedures. c. Manual working papers. d. Corporate and financial modeling programs for use as predictive audit tests. 90. Whether or not a real time program contains adequate controls is most effectively determined by the use of a. Audit software b. An integrated test facility c. A tracing routine d. A traditional test deck
View more...
Comments