3.1.a Online Auditing Quiz (Doshi) Flashcards
Management of an organization is evaluating automated audit tool for its critical business processes. Which of the following audit tools is MOST useful when an audit trail is required?
A. Integrated test facility (ITF)
B. Continuous and intermittent simulation (CIS)
C. Audit hook
D. Snapshots
D. Snapshots
In the snapshot technique, snaps (pictures) are taken of the transactions as transaction moves through various stages in the application system.
Both before -processing and after -processing images of the transactions are captured. The auditor can verify the correctness of the processing by checking before-processing and after-processing images of the transactions.
Integrated test facility (ITF) has advantages over other automated audit tools because of its following characteristics:
A. Creation of dummies/fictitious entity is not required as testing is done on actual master files.
B. ITF does not require setting up separate test environment/test processes.
C. ITF is a continuous audit tool and validates the ongoing operation of the system.
D. ITF eliminates the need to prepare test data.
B. ITF does not require setting up a separate test environment/test processes.
The fictitious entity is created in LIVE environment. As live environment is used, there is no need to create separate test processes. However, careful planning is necessary and test data must be isolated from production data.
Characteristics that BEST describes an integrated test facility:
A. Technique to verify system processing.
B. Technique to verify system integration.
C. Technique to generate test data.
D. Technique to validate the ongoing operation of the system.
A. Technique to verify system processing.
In ITF, fictitious entity is created in LIVE environment. Auditor can enter dummy or test transactions and verify the processing and results of these transactions for correctness. Processed results and expected results are compared to verify that systems are operating correctly. ITF does not verify system integration neither it is used to generate test data. ITF does not validate the ongoing operation of the system.
Management of an organization is evaluating automated audit tool for its critical business processes. Which of the following audit tools is MOST useful for the early detection of errors or irregularities?
A. Embedded audit module
B. Integrated test facility
C. Snapshots
D. Audit hooks
D. Audit hooks
The audit hook technique involves embedding code in application systems for the examination of selected transactions. This helps the IS auditor to act before an error or an irregularity gets out of hand. Audit hooks have very low complexity in designing criteria and hence most useful tool when early detection is warranted.
Which of the below online auditing tool would best identify transactions as per predefined criteria?
A. Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM)
B. Continuous and Intermittent Simulation (CIS)
C. Integrated Test Facilities (ITF)
D. Audit hooks
B. Continuous and Intermittent Simulation (CIS)
As high complex criteria can be set in CIS, it is the best technique to identify transactions as per predefined criteria. Continuous and Intermittent Simulation (CIS) is a moderately complex set of programs that during a process run of a transaction, simulates the instruction execution of its application. As each transaction is entered, the simulator decides whether the transaction meets certain predetermined criteria and if so, audits the transaction. If not, the simulator waits until it encounters the next transaction that meets the criteria. Audits hooks which are of low complexity focus on specific conditions instead of detailed criteria in identifying transactions for review. ITF is incorrect because its focus is on test versus live data.
Characteristics that BEST describes an integrated test facility:
A. actual transactions are validated on ongoing basis.
B. enables the IS auditors to generate test data.
C. pre-determined results are compared with processing output to ascertain correctness of system processing.
D. enables the IS auditors to analyse large range of information.
C. pre-determined results are compared with processing output to ascertain correctness of system processing.
In ITF technique, auditor can enter dummy or test transactions and verify the processing and results of these transactions for correctness. Processed results and expected results are compared to verify that systems are operating correctly. Other options are not correct in view of ITF characteristics.
To identify excess inventory for the previous year, which online auditing technique can be used?
A. Test data
B. Generalized audit software
C. Integrated test facility
D. Embedded audit module
B. Generalized audit software
The IS auditor, using generalized audit software, could design appropriate tests to identify excess inventory. Test data would not be relevant here as audit will be required on actual data. ITF and EAM cannot detect errors for a previous period.
ITF -Notes
Dummy entities are created in live production environment
SCARF - Notes
Inbuilt audit software when regular processing cannot be interrupted
Snapshot -Notes
Take pictures (snpas). Used when trial audit is required
CIS - Notes
Used DBMS
CIS simulates the application processing
As high complex criteria can be set in CIS, it is the best technique transactions as per pre-defined criteria