Computer Auditing Exam Solutions
Course Introduction
Computer Auditing explores the principles, practices, and tools required to examine and evaluate computer-based information systems within organizations. The course covers topics such as audit planning, risk assessment, internal control frameworks, evidence collection, data integrity verification, and the use of computer-assisted audit techniques (CAATs). Students will learn to assess the reliability and security of information systems, detect fraud and errors, and ensure compliance with legal, ethical, and professional standards. Through case studies and practical exercises, the course prepares students to address contemporary challenges in auditing computerized environments.
Recommended Textbook Information Technology Auditing 3rd Edition by James A. Hall
Available Study Resources on Quizplus 12 Chapters
1295 Verified Questions
1295 Flashcards
Source URL: https://quizplus.com/study-set/351
Page 2
Chapter 1: Auditing and Internal Control
Available Study Resources on Quizplus for this Chatper
103 Verified Questions
103 Flashcards
Source URL: https://quizplus.com/quiz/5812
Sample Questions
Q1) A key modifying assumption in internal control is that the internal control system is the responsibility of management.
A)True
B)False
Answer: True
Q2) The same internal control objectives apply to manual and computer-based information systems.
A)True
B)False
Answer: True
Q3) COSO identifies two broad groupings of information system controls.What are they? Answer: general; application
Q4) Both the SEC and the PCAOB require management to use the COSO framework for assessing internal control adequacy.
A)True
B)False
Answer: False
To view all questions and flashcards with answers, click on the resource link above. Page 3
Chapter 2: Auditing IT Governance Controls
Available Study Resources on Quizplus for this Chatper
99 Verified Questions
99 Flashcards
Source URL: https://quizplus.com/quiz/5813
Sample Questions
Q1) What exposures do data consolidation in a CBIS environment pose?
Answer: In a CBIS environment,data consolidation exposes the data to computer fraud and losses from disaster.
Q2) Explain the outsourcing risk of failure to perform.
Answer: Once a client firm has outsourced specific IT assets,its performance becomes linked to the vendor's performance.The negative implications of such dependency are illustrated in the financial problems that have plagued the huge outsourcing vendor Electronic Data Systems Corp.(EDS).In a cost-cutting effort,EDS terminated seven thousand employees,which impacted its ability to serve other clients.Following an eleven-year low in share prices,EDS stockholders filed a class-action lawsuit against the company.Clearly,vendors experiencing such serious financial and legal problems threaten the viability of their clients also.
Q3) Some systems professionals have unrestricted access to the organization's programs and data.
A)True
B)False
Answer: True
To view all questions and flashcards with answers, click on the resource link above. Page 4
Chapter 3: Security Part I: Auditing Operating Systems and Networks
Available Study Resources on Quizplus for this Chatper
143 Verified Questions
143 Flashcards
Source URL: https://quizplus.com/quiz/5814
Sample Questions
Q1) A firewall is a hardware partition designed to protect networks from power surges. A)True
B)False Answer: False
Q2) A distributed denial of service (DDoS)attack may take the form of a SYN flood but not a smurf attack.
A)True
B)False Answer: False
Q3) Describe two tests of controls that would provide evidence that the database management system is protected against unauthorized access attempts. Answer: compare job descriptions with authority tables; verify that database administration employees have exclusive responsibility for creating authority tables and designing user subschemas; evaluate biometric and inference controls
Q4) What can be done to defeat a DDoS Attack?
Answer: Intrusion Prevention Systems (IPS)that employ deep packet inspection (DPI)are a countermeasure to DDoS attacks.
To view all questions and flashcards with answers, click on the resource link above. Page 5
Chapter 4: IT Security Part II: Auditing Database Systems
Available Study Resources on Quizplus for this Chatper
101 Verified Questions
101 Flashcards
Source URL: https://quizplus.com/quiz/5815
Sample Questions
Q1) The database management system provides a controlled environment for accessing the database.
A)True
B)False
Q2) What are the four elements of the database approach? Explain the role of each.
Q3) The __________________________ authorizes access to the database.
Q4) To the user,data processing procedures for routine transactions,such as entering sales orders,appear to be identical in the database environment and in the traditional environment.
A)True
B)False
Q5) What is a database authorization table?
Q6) Which duty is not the responsibility of the database administrator?
A) to develop and maintain the data dictionary
B) to implement security controls
C) to design application programs
D) to design the subschema
Q7) In a distributed data processing system,a database can be centralized or distributed.What are the options? Explain.
Page 6
Q8) The conceptual view of the database is often called ____________________.
To view all questions and flashcards with answers, click on the resource link above.
Chapter 5: Systems Development and Program Change
Activities
Available Study Resources on Quizplus for this Chatper
108 Verified Questions
108 Flashcards
Source URL: https://quizplus.com/quiz/5816
Sample Questions
Q1) Site preparation costs include all of the following except
A) crane used to install equipment
B) freight charges
C) supplies
D) reinforcement of the building floor
Q2) Project feasibility includes all of the following except
A) technical feasibility
B) conceptual feasibility
C) operational feasibility
D) schedule feasibility
Q3) Systems analysis involves all of the following except
A) gathering facts
B) surveying the current system
C) redesigning bottleneck activities
D) reviewing key documents
Q4) A tangible benefit
A) can be measured and expressed in financial terms
B) might increase revenues
C) might decrease costs
D) all of the above
To view all questions and flashcards with answers, click on the resource link above. Page 7
Chapter 6: Overview of Transaction Processing and Financial Reporting Systems
Available Study Resources on Quizplus for this Chatper
143 Verified Questions
143 Flashcards
Source URL: https://quizplus.com/quiz/5817
Sample Questions
Q1) Resource use is one characteristic used to distinguish between batch and real-time systems.Explain.
Q2) Provide a specific example of a general ledger account and a corresponding subsidiary ledger.
Q3) What are the subsystems of the expenditure cycle?
Q4) System flowcharts
A) depict logical tasks that are being performed, but not who is performing them
B) illustrate the relationship between database entities in systems.
C) represent relationships between key elements of both manual and computer systems.
D) describe the internal logic of computer applications in systems. .
Q5) Sequential storage means
A) data is stored on tape
B) access is achieved through an index
C) access is direct
D) reading record 100 requires first reading records 1 to 99
Q6) List a method of data processing that uses the destructive update approach?
8
Q7) For what purpose are ER diagrams used?
Q8) Most organizations have replaced the general journal with a
To view all questions and flashcards with answers, click on the resource link above.
Page 9
Chapter 7: Computer-Assisted Audit Tools and Techniques
Available Study Resources on Quizplus for this Chatper
83 Verified Questions
83 Flashcards
Source URL: https://quizplus.com/quiz/5818
Sample Questions
Q1) Give one example of an error that is detected by a check digit control.
Q2) What control issue is related to reentering corrected error records into a batch processing system? What are the two methods for doing this?
Q3) Classify each of the following as a field,record,or file interrogation:
a.Limit check
b.Validity check
c.Version check
d.Missing data check
e.Sign checks
f.Expiration date check
g.Numeric-alphabetic data check
h. Sequence check
i. Zero-value check
j. Header label check
k. Range check
l. Reasonableness check
Q4) Name three types of transcription error.
Q5) What are the five major components of a GDIS?
Q6) What are the three categories of processing control?
Q7) Explain input controls.
To view all questions and flashcards with answers, click on the resource link above. Page 10
Chapter 8: Data Structures and CAATTs for Data Extraction
Available Study Resources on Quizplus for this Chatper
89 Verified Questions
89 Flashcards
Source URL: https://quizplus.com/quiz/5819
Sample Questions
Q1) Cardinality describes the number of possible occurrences in one table that are associated with a single occurrence in a related table.
A)True
B)False
Q2) Generalized audit software packages are used to assist the auditor in performing substantive tests.
A)True
B)False
Q3) The update anomaly in unnormalized databases
A) occurs because of data redundancy
B) complicates adding records to the database
C) may result in the loss of important data
D) often results in excessive record insertions
Q4) It is appropriate to use a sequential file structure when
A)records are routinely inserted.
B)single records need to be retrieved.
C)records need to be scanned using secondary keys.
D) a large portion of the file will be processed in one operation.
Q5) What is a partial dependency?
Q6) What is the update anomaly?
11
To view all questions and flashcards with answers, click on the resource link above.
Chapter 9: Auditing the Revenue Cycle
Available Study Resources on Quizplus for this Chatper
105 Verified Questions
105 Flashcards
Source URL: https://quizplus.com/quiz/5820
Sample Questions
Q1) What role does each of the following departments play in the sales order processing subsystem: sales,credit,and shipping? Be complete.
Q2) Which of following functions should be segregated?
A) opening the mail and making the journal entry to record cash receipts
B) authorizing credit and determining reorder quantities
C) maintaining the subsidiary ledgers and handling customer queries
D) providing information on inventory levels and reconciling the bank statement
Q3) In a manual system,the billing department is responsible for recording the sale in the sales journal.
A)True
B)False
Q4) The shipping notice
A) is mailed to the customer
B) is a formal contract between the seller and the shipping company
C) is always prepared by the shipping clerk
D) informs the billing department of the quantities shipped
Q5) What specific internal control procedure would prevent an accounts receivable clerk from issuing a fictitious credit memo to a customer (who is also a relative)for goods that were "supposedly" returned from previous sales?
To view all questions and flashcards with answers, click on the resource link above. Page 12
Chapter 10: Auditing the Expenditure Cycle
Available Study Resources on Quizplus for this Chatper
144 Verified Questions
144 Flashcards
Source URL: https://quizplus.com/quiz/5821
Sample Questions
Q1) In a merchandising firm,authorization for the payment of inventory is the responsibility of
A) inventory control
B) purchasing
C) accounts payable
D) cash disbursements
Q2) Permitting warehouse staff to maintain the only inventory records violates separation of duties.
A)True
B)False
Q3) In a merchandising firm,authorization for the purchase of inventory is the responsibility of
A) inventory control
B) purchasing
C) accounts payable
D) cash disbursements
Q4) Why should employees clocking on and off the job be supervised.
Q5) Why should employee paychecks be drawn against a special checking account?
Q6) Describe an internal control procedure that would prevent payment of a invoice for goods that were never delivered.
Page 13
To view all questions and flashcards with answers, click on the resource link above.
Chapter 12: Business Ethics, Fraud, and Fraud Detection
Available Study Resources on Quizplus for this Chatper
85 Verified Questions
85 Flashcards
Source URL: https://quizplus.com/quiz/5822
Sample Questions
Q1) Explain the characteristics of management fraud.
Q2) Para computer ethics is the exposure to stories and reports found in the popular media regarding the good or bad ramifications of computer technology.
A)True
B)False
Q3) Internal control systems are recommended but not required to prevent fraud.
A)True
B)False
Q4) What is check tampering?
Q5) All of the following are conditions for fraud except
A) false representation
B) injury or loss
C) intent
D) material reliance
Q6) All of the following are factors in the fraud triangle except
A) Ethical behavior of an individual
B) Pressure exerted on an individual at home and job related
C) Materiality of the assets
D) Opportunity to gain access to assets
To view all questions and flashcards with answers, click on the resource link above. Page 14
Q7) Explain the problems associated with Questionable Executive Compensation Schemes
Chapter 11: Enterprise Resource Planning Systems
Available Study Resources on Quizplus for this Chatper
92 Verified Questions
92 Flashcards
Source URL: https://quizplus.com/quiz/5823
Sample Questions
Q1) Efficient supply-chain management provides firms with a competitive advantage.
A)True
B)False
Q2) The recommended data architecture for an ERP includes separate operational and data warehouse databases.
A)True
B)False
Q3) What is scalability?
Q4) In a two-tier architecture approach is used primarily for wide area network (WAN)applications.
A)True
B)False
Q5) This chapter stressed the importance of data normalization when constructing a relational database.Why then is it important to de-normalize data in a data warehouse?
Q6) Internal efficiency is cited as one reasone for separating the data warehouse from the operational database.Explain.
Q7) If an auditor suspected an "unusual" relationship between a purchasing agent and certain suppliers,how could "drill-down" be used to collect data?
Page 15
To view all questions and flashcards with answers, click on the resource link above.