Scribd
Upload
54 views5 pages

LQ.1 Audit

The document contains 30 multiple choice questions about concepts related to auditing and internal controls. Some key topics covered include the COSO framework, risk assessment, internal controls, information technology controls, security, and contingency planning. The questions test understanding of concepts like segregation of duties, monitoring controls, firewalls, encryption, and roles/responsibilities related to auditing.

Uploaded by

joy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
54 views5 pages

LQ.1 Audit

The document contains 30 multiple choice questions about concepts related to auditing and internal controls. Some key topics covered include the COSO framework, risk assessment, internal controls, information technology controls, security, and contingency planning. The questions test understanding of concepts like segregation of duties, monitoring controls, firewalls, encryption, and roles/responsibilities related to auditing.

Uploaded by

joy
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Long Quiz 001

1. COSO framework includes


a. Substantive testing
b. Standards of field work
c. Preventive control
d. Risk assessment

2. Risks associated in DDP includes


a. Inadequate segregation of duties
b. Inefficient use of resources
c. All choices are correct
d. Destruction of audit trails

3. Large-scale IT outsourcing involves transferring to a vendor commodity IT assets such as network


management, systems operations, server maintenance, and help-desk functions.
- False

4. Advisory services are professional services offered by public accounting firms to improve their
client organizations' operational efficiency and effectiveness.
- True

5. Not all company's system of internal control has limitations on its effectiveness.
- False

6. Audit trails cannot be used to


a. Reduce the need for other forms of security
b. Facilitate reconstruction of events
c. Promote personal accountability
d. Detect unauthorized access to systems

7. Passwords are secret codes that users enter to gain access to systems. Security can be
compromised by all of the following except
a. Failure to change passwords on a regular basis
b. Selecting passwords that can be easily detected by computer criminals
c. Recording passwords in obvious places
d. Using obscure passwords unknown to others
8. Ongoing monitoring of the entity's internal control may be achieved through
a. Physical use of computers to update accounts
b. Blocking of unauthorized access to entity's financial transactions
c. Integration of special module systems
d. Delegation of responsibility and authority

9. The application of IT controls ensures the following assertions of financial transactions, except:
a. Completeness
b. Accuracy
c. Presentation
d. Validity

10. Application-level firewalls provide efficient but low-security access control.


- False

11. Specific assets are of value to vendors because, once acquired, vendors can achieve economies of
scale by employing them with other clients.
- False

12. Audit objectives for assessing controls in the PC environment include the following, except
a. Verify that backup procedures are in place to prevent data and program loss due to system
failures, errors, and so on.
b. Verify that controls are in place to protect data, programs, and computers from unauthorized
access, manipulation, destruction, and theft.
c. Verify that the system is free from viruses and adequately protected to minimize the risk of
becoming infected with a virus or similar object.
d. All of the above choices are correct.

13. Commodity IT assets include such things are network management.


- True

14. To achieve efficient and effective use of finite computer resources, the operating system must
schedule job processing according to established priorities and balance the use of resources
among the competing applications.
- True

15. Limitations of the effectiveness of internal control include all, except:


a. Possibility of error
b. Circumvention
c. Obsolescence of the system
d. Management override

16. Hackers can disguise their message packets to look as if they came from an authorized user and
gain access to the host's network using a technique called
- Spoofing

17. Firewalls are


a. None of the above
b. Special materials used to insulate computer facilities.
c. Special software used to screen Internet access
d. A system that enforces access control between two networks.
18. Adoption of a new accounting principle that impacts the preparation of financial statements falls
under what framework of COSO?
a. Information and communication
b. Risk assessment
c. Control activities
d. Control environment

19. Encryption is the conversion of data into a secret code for storage in databases and transmission
over networks.
- True

20. In which of the following modifying principles inherent in control objectives states that internal
control system should achieve the four broad objectives regardless of the data processing method
used (whether manual or computer based).
a. Reasonable assurance
b. Limitations
c. Management responsibility
d. Methods of data processing

21. Core competency theory argues that an organization should retain certain specific non-core assets
in-house.
- False

22. The most neglected aspect of contingency planning is


a. Providing Second-Site Backup
b. Creating a Disaster Recovery Team
c. Testing the DRP
d. Backing up of supplies and source documents.

23. External auditors must perform the following procedures quarterly to identify any material
modifications in controls that may impact financial reporting, except:
a. Understand the flow of transactions, including IT aspects, in sufficient detail to identify points
^t which a misstatement could arise.
b. Determine whether changes in internal controls are likely to materially affect internal control
over financial reporting
c. Evaluate the implications of misstatements identified by the auditor as part of the interim
review that relate to effective internal controls.
d. Interview management regarding any significant changes in the design or operation of internal
control that occurred subsequent to the preceding annual audit or prior review of interim financial
information.

24. Internal control objectives are, among others:


a. Compliance with law and regulations.
b. Control environment and monitoring.
c. Segregation of duties.
d. Risk assessment.

25. The task of identifying critical items and prioritizing applications


a. Is delegated to IT professionals
b. Requires the active participation of user departments, accountants, and auditors.
c. Can be made by anyone in the company.
d. Is viewed as a technical computer issue.

26. Many techniques exist to reduce the likelihood and effects of data communication hardware
failure. One of these is
a. Antivirus software
b. Hardware access procedures
c. Parity check
d. Data encryption

27. Certain duties that are deemed incompatible in a manual system may be combined in a
computer-based information system environment.
- True
28. Which of the following is not a role of an audit committee?
a. Check and balance for the internal audit function
b. Assessment and modification of entity's policy and procedure
c. Identification of risks
d. Independent guardian of the entity's assets

29. All of the following are objectives of operating system control except
a. Protecting the OS from users
b. Protesting users from each other
c. Protecting the environment from users
d. Protecting users from themselves

30. Program fraud involves


a. Making unauthorized changes to program modules for the purpose of committing an illegal act
b. Modification of users credentials.
c. Unauthorized access to the company's program modules.
d. All choices are correct

You might also like