IT Auditing Final Exam
Course Introduction
IT Auditing focuses on the examination and evaluation of an organizations information technology infrastructure, policies, and operations. The course covers key frameworks and standards for IT audit, risk management, compliance, and controls, including topics such as audit planning, evidence gathering, data analytics, and reporting. Students will learn about assessing the effectiveness of IT systems in supporting business objectives, identifying vulnerabilities, ensuring data integrity, and maintaining regulatory compliance. Emphasis is placed on both technical and managerial aspects of IT auditing, preparing students to conduct audits and provide recommendations that enhance organizational security and efficiency.
Recommended Textbook
Accounting Information Systems The Crossroads of Accounting and IT 2nd Edition by Kay
Available Study Resources on Quizplus
14 Chapters
1472 Verified Questions
1472 Flashcards
Source URL: https://quizplus.com/study-set/3369 Page 2
Chapter 1: Accounting Systems Insights
Available Study Resources on Quizplus for this Chatper
102 Verified Questions
102 Flashcards
Source URL: https://quizplus.com/quiz/66901
Sample Questions
Q1) Which of the following agents is internal to a company?
A)Customer
B)Employee
C)Vendor
D)Investor Answer: B
Q2) An IT audit includes auditing the System Development Life Cycle (SDLC).
A)True
B)False
Answer: True
Q3) Business processes are related activities performed by an enterprise to create value by transforming input into output.
A)True
B)False Answer: True
Q4) Financial accounting focuses on providing accounting information to internal users, primarily management.
A)True
B)False
Answer: False
Page 3
To view all questions and flashcards with answers, click on the resource link above.
Chapter 2: Accounting Databases
Available Study Resources on Quizplus for this Chatper
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/66895
Sample Questions
Q1) The ________ is responsible for managing the enterprise's databases. Answer: database administrator (DBA)
Q2) What is an operational database and a data warehouse? How are they different?
Answer: An operational database stores data related to operating a business. The data is collected from enterprise accounting transactions, such as vendor transactions, customer transactions, and employee payroll. It also includes data about people, for example customers, vendors, and employees. The data is stored with primary keys so specific data may be retrieved.
A data warehouse stores data from a variety of sources. The data may be current, historical, or future estimates.
The difference is the data in an operational database is used for routine business activities. The data in a data warehouse is used for business intelligence to improve management decision making.
Q3) Database anomalies are limited to databases using a network structure.
A)True
B)False
Answer: False
Q4) Entering data ________ reduces the change of entering errors.
Answer: once
To view all questions and flashcards with answers, click on the resource link above. Page 4
Chapter 3: Accounting Interface: Database Forms, Queries, and Reports
Available Study Resources on Quizplus for this Chatper
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/66894
Sample Questions
Q1) Accounting systems usually use a GUI to increase the ease of entering and retrieving accounting data.
A)True
B)False
Answer: True
Q2) Queries may be used with ________ to update data in the database.
A)navigation
B)forms
C)reports
D)tables
Answer: B
Q3) In a baseline accounting system, an onscreen journal form is usually associated with the ________ module.
Answer: financial
Q4) The difference between Real-time reports and Live reports is that Real-time reports continuously provide up-to-the minute data.
A)True
B)False
Answer: False
Page 5
To view all questions and flashcards with answers, click on the resource link above.
Chapter 4: Accounting Systems and Business Processes
Available Study Resources on Quizplus for this Chatper
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/66893
Sample Questions
Q1) How many levels of detail may be shown in a flowchart?
A)1 level
B)2 level
C)3 levels
D)4 levels
Q2) An event typically associated with the customer module of a baseline accounting system is
A)Make deposits
B)Create purchase orders
C)Receive inventory
D)Pay bills
Q3) In a BPMN diagram, define an event. How is an event represented?
Q4) What are the transactions typically associated with customers? Please define each transaction.
Q5) What are the transactions typically associated with employees? Please define each transaction.
Q6) In BPMN 2.0 a gateway is represented by a triangle.
A)True
B)False
Q7) In a flowchart, a(n)________ indicates a process flow.
To view all questions and flashcards with answers, click on the resource link above. Page 6
Chapter 5: Business Processes: Purchasing, Sales, and Payroll Cycles
Available Study Resources on Quizplus for this Chatper
102 Verified Questions
102 Flashcards
Source URL: https://quizplus.com/quiz/66892
Sample Questions
Q1) Annotate the Books Ga'Lore! Online Payment Deposit narrative.
Q2) Create a business process map organizer for the Nice Lawn Pay Payroll Liabilities narrative.
Q3) List the gateways in the Spice House Receive Customer Payment BPMN diagram.
Q4) Create a flowchart for the Spice House enter Bills from Vendors narrative.
Q5) As business processes for a new system are planned, workflow management is not considered.
A)True
B)False
Q6) Payroll ________ are paid to the appropriate governmental agencies or entities.
Q7) List the swim lane(s)and pool(s)in the Spice House Customer Payment BPMN diagram.
Q8) The biggest disadvantage to the ________ approach is that the new system goes live all at once.
Q9) The ________ approach to customization involves customizing and installing customer, vendor, employee, and remaining modules for the entire enterprise at the same time.
Q10) A ________ identifies the differences between the baseline modules and the Page 7
customization required to meet enterprise-specific needs.
To view all questions and flashcards with answers, click on the resource link above. Page 8
Chapter 6: Integrated Enterprise Systems and Cloud Computing
Available Study Resources on Quizplus for this Chatper
99 Verified Questions
99 Flashcards
Source URL: https://quizplus.com/quiz/66891
Sample Questions
Q1) A computer system that does not connect or communicate with any other computer system is called a ________.
Q2) Table names in MS SQL Server start with the prefix [dbo] which stands for
Q3) Which form below is NOT one of the forms used in the SAP purchasing module?
A)A/P Invoice
B)Purchase Order
C)A/P PO
D)Goods Receipt PO
Q4) The integrated database management system offers the enterprise additional reporting capabilities that could not be offered before the era of integrated systems.
A)True
B)False
Q5) Integrated enterprise systems, such as SAP, are able to integrate with customer systems to share data with customers.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 9
Q6) Using the SAP purchasing module, explain how a workflow can be integrated into a system.
Chapter 7: Accounting and Business Intelligence
Available Study Resources on Quizplus for this Chatper
101 Verified Questions
101 Flashcards
Source URL: https://quizplus.com/quiz/66890
Sample Questions
Q1) A digital dashboard, an interactive tool that allows a user to see the effect of changes in various scenarios, is an example of ________.
Q2) Which of the following is an example of a routine business decision?
A)Contracting with another enterprise to provide a customer support call center
B)Using the most cost effective shipping procedure
C)Purchasing a competing business
D)Launching a new product
Q3) What is the integrative decision model?
Q4) A data warehouse may contain data duplication and inconsistencies.
A)True
B)False
Q5) The main components of an intelligent system work together to
A)Identify meaningful interrelationships
B)Create shadow data
C)Prevent unauthorized access to the data
D)Store data
Q6) Why are shadow data spreadsheets created?
Q7) List and explain the seven basic steps in the IDM framework.
To view all questions and flashcards with answers, click on the resource link above. Page 10
Q8) The ________ provides a framework to structure and organize the decision-making process.
Chapter 8: Accounting and Sustainability Intelligence
Available Study Resources on Quizplus for this Chatper
100 Verified Questions
100 Flashcards
Source URL: https://quizplus.com/quiz/66889
Sample Questions
Q1) List four value creation approaches.
Q2) ________ involves collecting, storing, organizing, and reporting economic, social, and environmental information for making decisions and evaluating performance.
Q3) INTERNATIONAL FEDERATION OF ACCOUNTANTS (IFAC)SUSTAINABILITY FRAMEWORK
A)Enables organizations to identify and control their environmental impact, continuously improve their environmental performance, and implement a systematic approach to setting and achieving environmental targets.
B)Provides a resource summarizing various frameworks used in accounting for sustainability.
C)Provides a sustainability reporting framework of which the G3 guidelines are the cornerstone.
D)Requires ISO 14001 as the environmental management system.
E)Provide guiding principles for sustainability and a framework that integrates sustainability into management decision making.
Q4) ________ is an innovation method that seeks sustainable solutions by emulating nature's patterns and strategies.
Q5) Define the five guiding principles of integrated reporting.
Q6) What new perspective does sustainability require of corporations?
To view all questions and flashcards with answers, click on the resource link above. Page 11
Chapter 9: XBRL: Intelligent Business Reporting
Available Study Resources on Quizplus for this Chatper
110 Verified Questions
110 Flashcards
Source URL: https://quizplus.com/quiz/66888
Sample Questions
Q1) Credit rating agencies must use XBRL for reporting all ratings beginning in August 2020.
A)True
B)False
Q2) Identifier elements
A)Unit of measure
B)Numeric and nonnumeric facts
C)Time period
D)Defines the company or entity
E)Unique ID for the element
F)Explains the environment in which the data appears
Q3) XBRL tags enable computers to process data intelligently by storing, updating, searching, analyzing, transmitting, and communicating with greater speed, standardization, and capabilities.
A)True
B)False
Q4) XML is a programming language used for Web site development that is static.
A)True
B)False
Q5) What is XBRL? How does it work?
Page 12
To view all questions and flashcards with answers, click on the resource link above.
Chapter 10: Fraud and Internal Control
Available Study Resources on Quizplus for this Chatper
115 Verified Questions
115 Flashcards
Source URL: https://quizplus.com/quiz/66900
Sample Questions
Q1) What is SOX?
Q2) Which report provides an opinion regarding fairness of the service organization's description of controls other than those relevant to a company's internal control related to financial reporting, including the service auditor tests controls and expresses an opinion regarding the effectiveness of the controls?
A)SOC 1 Type 1 Report
B)SOC 1 Type 2 Report
C)SOC 2 Type 1 Report
D)SOC 2 Type 2 Report
Q3) Which general IT control includes control over SDLC phases for software upgrades and modifications?
A)Program development controls
B)Access security controls
C)Computer operations controls
D)Program change controls
Q4) What factors are part of the control environment?
Q5) The accounting profession is self-regulated.
A)True
B)False
To view all questions and flashcards with answers, click on the resource link above. Page 13
Chapter 11: Cybersecurity
Available Study Resources on Quizplus for this Chatper
113 Verified Questions
113 Flashcards
Source URL: https://quizplus.com/quiz/66899
Sample Questions
Q1) A commercial disaster recovery service that provides IT services and can be fully operational is a few hours is which type of back up facility?
A)Warm site
B)Cold site
C)Internal site
D)Hot site
Q2) Ethernet protocol
A)A software program that provides message transportation services between sending and receiving computers
B)A software program commonly used to connect computers to create a LAN
C)A software program that provides routing services to messages transmitted over the Internet
D)A software program that allows the enterprise network to connect to the network of vendors and suppliers through proprietary lines
Q3) COSO provides a code of practice for information security management.
A)True
B)False
Q4) List and define the information sensitivity classifications for the private sector.
To view all questions and flashcards with answers, click on the resource link above. Page 14
Chapter 12: The Risk Intelligent Enterprise: Enterprise Risk Management
Available Study Resources on Quizplus for this Chatper
108 Verified Questions
108 Flashcards
Source URL: https://quizplus.com/quiz/66898
Sample Questions
Q1) Which of the following titles does NOT refer to someone in the C-Suite?
A)CIO: Chief Information Officer
B)CSO: Chief Sustainability Officer
C)CIA: Certified Internal Auditor
D)CFO: Chief Financial Officer
Q2) Which of the 7Rs of risk management listed below pertains to risk assessment?
A)Reaction planning
B)Rank
C)Resource controls
D)Report and monitor risk performance
Q3) The company where you work is implementing risk management for spreadsheets. This includes adding a user log and change log to each spreadsheet. A co worker complains to you about having this information attached to spreadsheets. How do you explain the purpose of the these logs?
Q4) ________ risks have the possibility of benefits associated with it.
Q5) What is risk intelligence?
Q6) What is the difference between downside risks and upside risks?
Page 15
Q7) ________ are controls embedded in business processes where a majority of security breaches occur.
Q8) ________ risks have no benefits, only threats to success.
To view all questions and flashcards with answers, click on the resource link above.
Page 16
Chapter 13: Accounting System Development
Available Study Resources on Quizplus for this Chatper
109 Verified Questions
109 Flashcards
Source URL: https://quizplus.com/quiz/66897
Sample Questions
Q1) Analyze
A)Deliver the new system, including hardware and software.
B)Models for the current system, such as database models and business process models, are studied to determine modifications required.
C)In this phase, the models are transformed into software programming code, which is then tested.
D)Identify the problem, need, or opportunity that a new system would address.
E)Based on your system analysis, design new system models.
F)Operate the new system as users enter data, execute processing, and generate reports.
Q2) Why do accountants need to be included on the development team for an accounting system?
Q3) For most enterprises it is more cost-effective to hire programmers to write custom software programs for all of their accounting functions.
A)True
B)False
Q4) The ________ methodology often used to teach system development methodologies.
Q5) List and define the phases of the SDLC.
Q6) What is system development methodology (SDM)?
Page 17
To view all questions and flashcards with answers, click on the resource link above.
Chapter 14: Database Design: ERD, REA, and SQL
Available Study Resources on Quizplus for this Chatper
113 Verified Questions
113 Flashcards
Source URL: https://quizplus.com/quiz/66896
Sample Questions
Q1) In an ERD diagram, an entity identifier is represented as A)PK symbol listed by attribute
B)Connector lines
C)Square box
D)Crow's feet symbols
Q2) In an REA, a(n)________ has an economic value to the enterprise, such as inventory.
Q3) In SQL, Data Definition Language statements create, alter, and drop database objects.
A)True
B)False
Q4) List and define the first three normalization rules.
Q5) What is the difference between a procedural programming language and a non-procedural programming language?
Q6) What are the steps for designing an ERD?
Q7) A ________ relationship are problematic when designing databases
Q8) List the ERD design steps that are independent of the database structure.
Q9) A candidate key is an entity identifier that uniquely identifies an entity.
A)True
B)False Page 18
To view all questions and flashcards with answers, click on the resource link above.
Page 19