General Controls

Question 1

Limitations of Internal Controls

Answer 1

Human element, collusion, unusual transactions

Question 2

The conrol environment

Answer 2

• ensures staff take controls seriously
• ensures responsibilities are delegated correctly

Question 3

If auditor importance is weak

Answer 3

less likely to rely on controls

Question 4

if auditor importance is strong

Answer 4

more likely to rely on controls

Question 5

Procedure for business risks

Answer 5

1) identify 2) impact 3) liklehood 4) act

Question 6

information system controls allow:

Answer 6

Transactions to be intiated
Transactions to be processed
Transactions to be reported
Transactions to be recorded

Question 7

General IT controls: normal operations, testing and documentation of changes

Answer 7

• complete testing procedures
• documentation standards
• approval of changes by computer users and management
• Training of staff using the programme

Question 8

General IT controls: normal operations, to prevent wrong programmes or files being used

Answer 8

• operation controls over programme
• libraries of programme
• proper job scheduling
• passwords to prevent unauthorised entry

Question 9

cyber security risks

Answer 9

• human threats
• fraud
• deliberate sabotage
• viruses and other corruptions
• malware
• denial of services attack

Question 10

Controls to ensure continuity of Operations

Answer 10

• storing extra copies of programmes off site
• protection of equipment against hazards
• back up power sources
• emergency procedures
• disaster recovery procedures
• maintenence agreements and insurance

Question 11

Controls over input - completeness

Answer 11

• manual or programmed agreement of control tasks
• document counts
• 1 for 1 checking of processed output to source documents
• programmed matching of input to an expected input control file
• procedures over the resubmission of rejected data

Question 12

Controls over input- accuracy

Answer 12

Digit verification eg reference numbers as expected
* Reasonableness test eg. VAT to total value
* Existence checks eg customer name
* Character checks eg. no unexpected characters
* Necessary information no transaction passed with missinginformation
* Permitted range no transaction processed over a certainvalue
* Manual scrutiny of output and reconciliation to source
* Agreement of control totals

Question 13

Controls over input- authorisation

Answer 13

• manual checks so that information input was authorised by correct authorised personel

Question 15

controls over processing

Answer 15

• similar controls to input must be completed when the input is complete for example batch reconciliations
• screen warnings stop people logging out before processing is complete

Question 16

Controls over master files and standing data

Answer 16

• 1 to 1 checking of master files to source documents
• cyclical reveiws of standing data and documents
• record counts and hash totals totals when master files are used so there are no deletions
• controls over the deletion of accounts with no balances

Question 17

Types of control activities

Answer 17

• authorisation
• reconciliation
• verification
• physical or logical controls
• segregation of duties

Question 18

Types of control activities

Answer 18

• authorisation
• reconciliation
• verification
• physical or logical controls
• segregation of duties