Chapter 12
Multiple-Choice Questions
1.
easy
IT has several significant effects on an organization. Which of the following would not be
important from an auditing perspective?
da.Organizational changes.
b.The visibility of information.
c.The potential for material misstatement.
d.None of the above; i.e., they are all important.
2.
easy
The audit procedure which is least useful in gathering evidence on significant computer
processes is:
ba.documentation.
b.observation.
c.test decks.
d.generalized audit software.
3.Which of the following is not a benefit of using IT-based controls?
easya.Ability to process large volumes of transactions.
db.Ability to replace manual controls with computer-based controls.
c.Reduction in misstatements due to consistent processing of transactions.
d.Over-reliance on computer-generated reports.
4.
easy
One significant risk related to an automated environment is that auditors may ____ information
provided by an information system.
ba.not place enough reliance on
b.place too much reliance on
c.reveal
d.not understand
5.Which of the following is not a risk specific to IT environments?
easya.Reliance on the functioning capabilities of hardware and software.
bb.Increased human involvement.
c.Loss of data due to insufficient backup.
d.Reduced segregation of duties.
6.
easy
Which of the following is not an enhancement to internal control that will occur as a
consequence of increased reliance on IT?
da.Computer controls replace manual controls.
b.Higher quality information is available.
c.Computer-based controls provide opportunities to enhance separation of duties.
d.Manual controls replace automated controls.
7.Which of the following is not a risk to IT systems?
easya.Need for IT experienced staff
cb.Separation of IT duties from accounting functions
c.Improved audit trail
d.Hardware and data vulnerability
8.Which of the following is not a category of an application control?
easya.Processing controls.
c b.Output controls.
c.Hardware controls.
Arens/Elder/Beasley