Midterms (T/F) Flashcards
Preventive controls are passive techniques designed to reduce fraud.
True
False
True
A key modifying assumption in internal control is that the internal control system is the responsibility of management.
True
False
True
A qualified opinion on management’s assessment of internal controls is over the financial reporting system necessitates a qualified opinion on the financial statements.
True
False
False
IT auditing is a small part of most external and internal audits.
True
False
False
An IT auditor expresses an opinion on the fairness of the financial statements.
True
False
False
Segregation of duties is an example of an internal control procedures.
True
False
True
The same internal control objectives apply to manual and computer-based information systems.
True
False
True
Corporate management (including the CEO) must certify monthly and annually their organization’s internal controls over financial reporting.
True
False
False
Application controls apply to a wide range of exposures that threaten the integrity of all programs processed within the computer environment.
True
False
False
To fulfill the segregation of duties control objective, computer processing/functions (like authorization of credit and billing) are separated.
True
False
False
Distributed data processing places the control IT resources under end users.
True
False
True
RAID is the use of parallel disks that contain redundant elements of data applications.
True
False
True
A database administrator is responsible for the receipt, storage, retrieval, and custody of data files.
True
False
False
Commodity IT assets include such things are network management.
True
False
True
Transaction cost economics (TCE) theory suggests that firm should outsource specific non core IT assets.
True
False
False