Information Technology Flashcards

1
Q

Controls are redundant to another department

The system does not appear to be reliable and testing controls would not be an efficient use of time

Costs exceed benefit

A

Auditing and IT

Audit of IT is not required

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

System isn’t complex or complicated

System output is detailed

A

Auditing and IT

Audit of IT can be performed without directly interacting with the system

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Maintains database

Restricts access

Responsible for IT internal control

A

Auditing and IT

Database Admin

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Recommends changes or upgrades

Liaison between IT and users

A

Auditing and IT

Systems Analyst

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Responsible for disc storage

Holds system documentation

A

Auditing and IT

Librarian

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Uses computer speed to quickly sort data and files- which leads to a more efficient audit

Compatible with different client IT systems

Extracts evidence from client databases

Tests data without auditor needing to spend time learning the IT system in detail

Client-tailored or commercially produced

A

Auditing and IT

GAS- Generalized Audit Software

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Group of related spreadsheets

Retrieves information through Queries

A

Auditing and IT

Relational Database

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

A language that defines a database and gives information on database structure.

It maintains tables- which can be joined together.

It establishes database constraints.

A

Auditing and IT

Data Definition language

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Maintains and queries a database

Auditor needs information- so client uses DML to get the information needed

A

Auditing and IT

Data Manipulation Language

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A Data Control Language controls a database and restricts access to the database.

A

Auditing and IT-Data Control Language

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

A numerical character consistently added to a set of numbers.

It makes it more difficult for a fraudulent account to be set up or go undetected.

A

Auditing and IT

Check Digits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

A Code Review tests a program’s processing logic.

Advantageous because auditor gains a greater understanding of the program.

A

Auditing and IT

Code Review

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Examines data and looks for reasonableness using upper and lower limits to determine if data fits the correct range.

Did anyone score higher than 100%?

A

Auditing and IT

Limit Test

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Auditor processes data with client’s computer - fake transactions are used to test program control procedures.

Each control needs to only be tested once

Problem with this method - fake data could combine with real data.

A

Auditing and IT

Test Data Method

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Auditor can review logs to see which applications were run and by whom.

A

Auditing and IT-Operating Systems Logs

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Helpful in online environments

Restricts computer access - may use encryption.

A

Auditing and IT

Access Security Software

17
Q

Library Management Software logs any changes to system/applications etc.

A

Auditing and IT-Library Management Software

18
Q

Assist with audit calculations

Enable continuous monitoring in an audit environment that is changing

Weakness: requires implementation into the system design

Example: SCARF - Collects information based on some criteria and can be analyzed at a later time (necessary because the audit environment is continually changing)

A

Auditing and IT

Embedded Audit Modules

19
Q

An Audit Hook is an application instruction that gives auditor control over the application.

A

Auditing and IT

Grab Transactions

20
Q

Transaction Tagging allows logging of company transactions and activities.

A

Auditing and IT

Tag and Trace

21
Q

Extended Records add audit data to financial records.

A

Auditing and IT

Helps create Audit Trails

22
Q

Destroys prior data when updated

aka Destructive Updating

Requires well-documented Audit Trail

A

Auditing and IT

23
Q

If the auditor only audits the outputs of a computer system and doesn’t also audit the software applications- an error in the applications could be missed.

A

Auditing and IT

Systems VS Application output

24
Q

Software that translates source program (similar to English) into a language that the computer can understand

A

Auditing and IT

Compiler

25
Q

Client data is processed using Generalized Audit Software (GAS)

Sample size can be expanded without significantly increasing the audit cost

GAS output compared to client output

A

Auditing and IT
Parralel Simulation
Controlled Reprocessing is a form that recreates clients system

26
Q

Plan the rest of audit- Shorter audit trails that may expire- Less documentation

Assess the level of Control Risk - Unauthorized access to systems or data is more difficult to catch

Systems access controls adds another layer to separation of duties analysis

Focus should be on the general controls- new systems development- current systems changes- and program or data access control or computer ops control changes

A

Auditing and IT