IT Auditing Flashcards
If a control total were computed on each of the following data items, which would best be identified as a hash total for a payroll EDP application? A. Total debits and total credits. B. Net pay. C. Department numbers. D. Hours worked
C - A hash total is a meaningless total computed to verify the accuracy and completeness of input. Assigned department numbers, when totaled, would provide an example of a hash total
Which of the following computer-assisted auditing techniques allows fictitious and real transactions to be processed together without client operating personnel being aware of the testing process? A. Integrated test facility. B. Input controls matrix. C. Parallel simulation. D. Data entry monitor
A
Which of the following statements is correct concerning internal control in an electronic data interchange (EDI) system?
A. Preventive controls are generally more important than detective controls in EDI systems.
B. Control objectives for EDI systems are generally different from the objectives for other information systems.
C. Internal controls in EDI systems rarely permit control risk to be assessed at below the maximum.
D. Internal controls related to the segregation of duties are generally the most important controls in EDI systems
A - Preventive controls are controls that attempt to deter problems before they occur. Detective controls are controls that discover problems after they occur. In an EDI system, the emphasis would be on preventive controls rather than on detective controls, due to the volume and speed of processing. Waiting to discover problems could result in an unacceptable loss of millions of dollars
Which of the following is usually a benefit of transmitting transactions in an electronic data interchange (EDI) environment?
A. A compressed business cycle with lower year-end receivables balances.
B. A reduced need to test computer controls related to sales and collections transactions.
C. An increased opportunity to apply statistical sampling techniques to account balances.
D. No need to rely on third-party service providers to ensure security
A - An electronic data interchange environment enables the business cycle to be reduced (or compressed). For example, sales may be invoiced immediately, with the resultant speed-up of cash collections and reduction of receivable balances
Which of the following is usually a benefit of using electronic funds transfer for international cash transactions?
A. Improvement of the audit trail for cash receipts and disbursements.
B. Creation of self-monitoring access controls.
C. Reduction of the frequency of data entry errors.
D. Off-site storage of source documents for cash transactions
C