Chapter 7 Flashcards

1
Q

Nature of Computers

A
  • fast
  • do not think the way humans do
  • do not get tired but succumbs to technical problems
  • follows the dictum: “do it right the first time, do it right all the time.”
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Three broad classes of application controls

A
  1. Input Controls
  2. Processing Controls
  3. Output Controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Designed to ensure that the transactions that bring data into the system are valid, accurate, and complete

A

Input controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Data input procedures can be:

A
  • Source document triggered (batch)
  • Direct input (real-time)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Classes of input controls:

A
  1. Source document controls
  2. Data coding controls
  3. Batch controls
  4. Validation controls
  5. Input error correction
  6. Generalized data input systems
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Five CAATTs approaches used for testing application logic:

A
  1. Test data method
  2. Base care system evaluation
  3. Tracing
  4. Integrated test facility
  5. Parallel simulation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Source document input requires human involvement and is prone to clerical errors.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Direct input employs real-time editing techniques to identify and correct errors immediately.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Controls in systems that are using physical source documents.

A

Source document controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Control procedures over source documents:

A
  • Use pre-numbered source documents
  • Use source documents in sequence
  • Periodically audit source documents
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Checks on the integrity of data codes used in processing.

A

Data Coding Controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Three types of processing errors:

A
  1. Transcription errors
  2. Single transposition errors
  3. Multiple transposition errors
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Three classes of transcription errors:

A
  1. Addition errors
  2. Truncation errors
  3. Substitution errors
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Occurs when an extra digit or character is added to the code.

A

Addition errors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Occurs when a digit or character is removed from the end of a code.

A

Truncation errors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

The replacement of one digit in a code with another.

A

Substitution errors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Occurs when two adjacent digits are reversed.

A

Single transposition errors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Occurs when non-adjacent digits are transposed.

A

Multiple transposition errors

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Data coding controls:

A

Check digits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

A control digit added to the code when it is originally assigned that allows the integrity of the code to be established during subsequent processing. (suffix, prefix, embedded)

A

Check digits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Check-digit techniques:

A
  1. Sum of digits
  2. Modulus 11
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

The steps in modulus 11:

A
  1. Assign weights
  2. Sum the products
  3. Divide by the modulus
  4. Subtract the remainder from the modulus to obtain the check digit.
  5. Add the check digit to the original code to yield the new code.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

An effective method of managing high volumes of transaction data through a system, especially paper-fed information system.

A

Batch controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Batch controls provide assurance that:

A
  1. All records in the batch are processed.
  2. No records are processed more than once.
  3. An audit trail of transactions is created from input through processing to the output stage of the system.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Two documents used to accomplish batch control objectives:

A
  1. Batch transmittal sheet
  2. Batch control log
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

The batch transmittal sheet captures relevant information such as:

A
  1. A unique batch number
  2. A batch date
  3. A transaction code
  4. The number of records in the batch
  5. The total dollar value of a financial field (batch control total)
  6. The total of a unique non-financial field (hash total)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Refers to a simple control technique that uses non-financial data to keep track of the records in a batch.

A

Hash total

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Are intended to detect errors in transaction data before the data are processed.

A

Validation controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Three levels of input validation controls

A
  1. Field interrogation
  2. Record interrogation
  3. File interrogation
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Types of files in a computer-based systems:

A
  1. Master file
  2. Transaction file
  3. Reference file
  4. Archive file
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Audit trails in computer-based systems are less observable than in a traditional manual system.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Generally contains account data.

A

Master file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

A temporary file of transaction records used to change or update data in a master file. Examples are sales orders, inventory receipts, and cash receipts.

A

Transaction file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Stores data that are used as standards for processing transactions.

A

Reference file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Contains records of past transactions that are retained for future reference.

A

Archive file

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Examples of transaction files

A
  • Sales orders
  • Inventory receipts
  • Cash receipts
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Examples of reference file

A
  • price list used for preparing customer invoices
  • list of authorized suppliers
  • employee rosters
  • customer credit files for approving credit sales
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Hierarchy of data

A
  1. Field (name, year level)
  2. Record (for every student)
  3. File (all bsa students)
  4. Database (all HNU students)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Involves programmed procedures that examine the characteristics of the data in the field.

A

Field interrogation

40
Q

Common types of field interrogation:

A
  1. Missing data checks
  2. Numeric-alphabet data checks
  3. Zero value checks
  4. Limit checks
  5. Range checks
  6. Validity checks
  7. Check digit
41
Q

Used to examine the contents of a field for the presence of blank spaces.

A

Missing data checks

42
Q

Determine whether the correct form of data is in a field.

A

Numeric-alphabet data checks

43
Q

Are used to verify that certain fields are filled with zeros.

A

Zero-value checks

44
Q

Determine if the value in the field exceeds an authorized limit.

A

Limit checks

45
Q

Assign upper and lower limits to acceptable data values.

A

Range checks

46
Q

Compare actual values in a field against known acceptable values.

A

Validity checks

47
Q

Identify keystroke errors in key fields by testing the internal validity of the code.

A

Check digit

48
Q

Procedures which validate the entire record by examining the interrelationship of its field values.

A

Record interrogation

49
Q

Determine if a value in one field, which has already passed a limit check and arrange check, is reasonable when considered along with other data fields in the record.

A

Reasonableness checks

50
Q

Are tests to see if the sign of a field is correct for the type of record being processed.

A

Sign checks

51
Q

Are used to determine if a record is out of order.

A

Sequence checks

52
Q

To ensure that the correct file is being processed by the system.

A

File interrogation

53
Q

Verify that the file processed is the one the program is actually calling for.

A

Internal label checks

54
Q

Are used to verify that the version of the file being processed is correct.

A

Version checks

55
Q

Prevents a file from being deleted before it expires.

A

Expiration date check

56
Q

What consists the label part of the Header Label on Magnetic Tape

A
  1. Tape serial number
  2. File name
  3. Expiration date
  4. Control totals
  5. Number of records
57
Q

When errors are detected in a batch they must be corrected and the records resubmitted for reprocessing.

A

Input error correction

58
Q

Three common error handling techniques:

A
  1. Correct immediately.
  2. Create an error file.
  3. Reject the entire batch.
59
Q

Some forms of errors are associated with the entire batch and are not clearly attributable to individual records.

A

Reject the batch.

60
Q

Upon detecting a keystroke error or an illogical relationship, the system should halt the data procedure until the user corrects the error.

A

Correct immediately.

61
Q

At the end of the validation procedure, the records flagged as errors are removed from the batch and placed in a temporary error holding file until the errors can be investigated.

A

Create an error file.

62
Q

Includes centralized procedures to manage the data input for all of the organization’s transaction processing systems.

A

Generalized Data Input Systems

63
Q

It eliminates the need to recreate redundant routines for each new application.

A

GDIS

64
Q

Advantages of the Generalized Data Input Systems

A
  1. Improves control by having one common system perform all data validation.
  2. Ensures that each AIS application applies a consistent standard for data validation.
  3. Improves systems development efficiency.
65
Q

It is where the input data that are validated by the generalized validation module are stored.

A

Validated data file

66
Q

Performs standard validation routines that are common to many different applications.

A

Generalized validation module

67
Q

Plays the same role as a traditional error file.

A

Error file

68
Q

Distributed to users to facilitate error correction.

A

Error reports

69
Q

A permanent record of all validated transactions.

A

Transaction log

70
Q

Three categories of processing controls:

A
  1. Run-to-run controls
  2. Operator intervention controls
  3. Audit trail controls
71
Q

Uses batch figures to monitor the batch as it moves from one program procedure to another.

A

Run-to-run controls

72
Q

Specific uses of run to run controls:

A
  1. Recalculate control totals.
  2. Check transaction codes.
  3. Sequence checks
73
Q

This happens when operator manually enters controls into the system

A

Operator Intervention Controls

74
Q

Examples of operator intervention controls:

A
  1. Entering control totals for a batch
  2. Providing parameter values
  3. Activating a program
75
Q

Systems that limit operator intervention through operator intervention controls are thus less prone to processing errors.

A

True

76
Q

To reduce error parameter values and programs start points be derived logically and look-up tables be provided by system.

A

True

77
Q

Makes sure that every transaction becomes traceable from input to output.

A

Audit Trail Controls

78
Q

Examples of techniques used to preserve audit trails in computer based accounting systems:

A
  1. Transaction logs
  2. Log of automatic transactions
  3. Listing of automatic transactions
  4. Unique transaction identifiers
  5. Error listing
79
Q

Ensures that system output is not lost, misdirected, or corrupted, and that privacy is not violated.

A

Output controls

80
Q

Output controls ensure that system output is:

A
  • not misplaced or lost
  • not misdirected
  • not corrupted
  • and privacy is not violated
81
Q

Output controls:

A
  1. Output spooling
  2. Print programs
  3. Bursting
  4. Waste
  5. Data control
  6. Report distribution
  7. End user controls
82
Q

Two general approaches in testing computer application controls:

A
  1. Black box (around the computer) approach
  2. White box (through the computer) approach
83
Q

Common types of test of controls in the white box approach includes:

A
  1. Authenticity tests
  2. Accuracy tests
  3. Completeness tests
  4. Redundancy tests
  5. Access tests
  6. Audit trail tests
  7. Rounding error tests
84
Q

Used to establish application integrity by processing specially prepared sets of input data through production applications that are under review.

A

The test data method

85
Q

When the set of test data in use is comprehensive.

A

Base case system evaluation

86
Q

Performs an electronic walk-through of the application’s internal logic.

A

Tracing

87
Q

The three steps of the tracing procedure:

A
  1. The application under review must undergo a special compilation to activate the trace option.
  2. Specific transactions are types of transactions are created as test data.
  3. The test data transactions are traced through all processing stages of the program and a listing is produced of all program instructions that were executed during the test.
88
Q

Three primary advantages of test data techniques:

A
  1. They employ through-the-computer testing, thus providing the auditor with explicit evidence concerning application functions.
  2. If properly planned test data runs can be employed with only minimal disruption to the organization’s operations.
  3. They require only minimal computer expertise on the part of auditors.
89
Q

Disadvantages of test data techniques:

A
  1. Auditors must rely on computer services personnel to obtain a copy of the application for test purposes.
  2. They provide a static picture of application integrity at a single point in time.
  3. Their relatively high cost of implementation, which results in audit inefficiency.
90
Q

An automated technique that enables the auditor to test an application’s logic and controls during its normal operation.

A

The integrated test facility

91
Q

Advantages of integrated test facility:

A
  1. It supports ongoing monitoring of controls as required by SAS 78.
  2. Applications with ITF can be economically tested without disrupting the user’s operations and without the intervention of computer services personnel.
92
Q

Disadvantage of integrated test facility

A

The potential for corrupting the data files of the organization with test data.

93
Q

Steps to remedy the disadvantage of ITF:

A
  1. Adjusting entries may be processed to remove the effects of ITF from general ledger account balances.
  2. Data files can be scanned by special software that remove the ITF transactions.
94
Q

Requires the auditor to write a program that simulates key features or processes of the application under review.

A

Parallel simulation

95
Q

Five major components of GDIS:

A

Generalized validation module
Validated data file
Error file
Error reports
Transaction log