1-a Online Auditing Quiz Flashcards
(1) Management of an organization is evaluating automated audit tool for its critical business
processes.
Which of the following audit tools is MOST useful when an audit trail is required?
A. Integrated test facility (ITF)
B. Continuous and intermittent simulation (CIS)
C. Audit hook
D. Snapshots
Answer: D. Snapshots
Explanation:
In the snapshot technique, snaps (pictures) are taken of the transactions as transaction moves through
various stages in the application system. Both before -processing and after -processing images of
the transactions are captured. The auditor can verify the correctness of the processing by checking
before-processing and after-processing images of the transactions.
(2)Integrated test facility (ITF) has advantages over other automated audit tools because of its
following characteristics:
A. Creation of dummies/fictitious entity is not required as testing is done on actual master files.
B. ITF does not require setting up separate test environment/test processes.
C. ITF is a continuous audit tool and validates the ongoing operation of the system.
D. ITF eliminates the need to prepare test data.
Answer: B. ITF does not require setting up a separate test environment/test processes.
Explanation:
The fictitious entity is created in LIVE environment. As live environment is used, there is no need to
create separate test processes. However, careful planning is necessary and test data must be
isolated from production data.
(3)Characteristics that BEST describes an integrated test facility:
A. Technique to verify system processing.
B. Technique to verify system integration.
C. Technique to generate test data.
D. Technique to validate the ongoing operation of the system.
Answer: A. Technique to verify system processing.
Explanation:
In ITF, fictitious entity is created in LIVE environment. Auditor can enter dummy or test
transactions and verify the processing and results of these transactions for correctness. Processed
results and expected results are compared to verify that systems are operating correctly. ITF does
not verify system integration neither it is used to generate test data. ITF does not validate the
ongoing operation of the system.
(4) Management of an organization is evaluating automated audit tool for its critical business
processes. Which of the following audit tools is MOST useful for the early detection of errors or irregularities?
A. Embedded audit module
B. Integrated test facility
C. Snapshots
D. Audit hooks
Answer: D. Audit hooks
Explanation:
The audit hook technique involves embedding code in application systems for the examination of
selected transactions. This helps the IS auditor to act before an error or an irregularity gets out of
hand. Audit hooks have very low complexity in designing criteria and hence most useful tool when
early detection is warranted.
(5)Which of the below online auditing tool would best identify transactions as per predefined criteria?
A. Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM)
B. Continuous and Intermittent Simulation (CIS)
C. Integrated Test Facilities (ITF)
D. Audit hooks
Answer: B. Continuous and Intermittent Simulation (CIS)
Explanation:
As high complex criteria can be set in CIS, it is the best technique to identify transactions as per predefined
criteria. Continuous and Intermittent Simulation (CIS) is a moderately complex set of
programs that during a process run of a transaction, simulates the instruction execution of its
application. As each transaction is entered, the simulator decides whether the transaction meets
certain predetermined criteria and if so, audits the transaction. If not, the simulator waits until it
encounters the next transaction that meets the criteria. Audits hooks which are of low complexity
focus on specific conditions instead of detailed criteria in identifying transactions for review. ITF is
incorrect because its focus is on test versus live data.
65
(6)Characteristics that BEST describes an integrated test facility:
A. actual transactions are validated on ongoing basis.
B. enables the IS auditors to generate test data.
C. pre-determined results are compared with processing output to ascertain correctness of
system processing.
D. enables the IS auditors to analyse large range of information.
Answer: C. pre-determined results are compared with processing output to ascertain correctness of system processing.
Explanation:
In ITF technique, auditor can enter dummy or test transactions and verify the processing and
results of these transactions for correctness. Processed results and expected results are compared to
verify that systems are operating correctly. Other options are not correct in view of ITF
characteristics.
(7) To identify excess inventory for the previous year, which online auditing technique can be used?
A. Test data
B. Generalized audit software
C. Integrated test facility
D. Embedded audit module
Answer: B. Generalized audit software
Explanation: The IS auditor, using generalized audit software, could design appropriate tests to
identify excess inventory. Test data would not be relevant here as audit will be required on actual
data. ITF and EAM cannot detect errors for a previous period.
ITF -Notes
Dummy entities are created in live production environment
SCARF - Notes
Inbuilt audit software when regular processing cannot be interrupted
Snapshot -Notes
Take pictures (snpas). Used when trial audit is required
CIS - Notes
Used DBMS
CIS simulates the application processing
As high complex criteria can be set in CIS, it is the best technique transactions as per pre-defined criteria