Computer Fundamental MCQs, Management Information System MCQs

The Process of Auditing Information Systems MCQs – CISA

Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains

More MCQs
HOME
Categories
Management Information System

Computer Fundamental

Computer Science

» Emerging Technology in E-Business MCQs
» Infrastructure and Operations MCQs
» Information and Database MCQs
» System Development Lifecycle & Software Development Models MCQs
» Project Management MCQs

» Governance and Management of IT MCQs
» Auditing Infrastructure and Operations MCQs
» Information Security Management MCQs
» Business Continuity and Disaster Recovery MCQs

The Process of Auditing Information Systems MCQs

Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains data integrity, allows organizational goals to achieved effectively and uses resources efficiently. Here on MCQs.club we have prepared easy Multiple-Choice Questions (MCQs) on The Process of Auditing Information Systems that fully cover MCQs on information system audit process, plan of information system audit, IT audit process, Auditing Computer-Based Information Systems. These MCQs on Information Systems Audit and Control Quiz are useful for Business management exams, Competitive exams and Professional Accountancy exams.

The major reasons for establishing a function to examine controls over computer-based data processing include:

1. 1. Organizational costs of data loss
  2. Costs of incorrect decision making
  3. Costs of computer abuse
  4. Value of hardware, software, personnel
  5. High costs of computer error
  6. Maintenance of privacy
  7. Controlled evolution of computer use

1. All of the above
2. (I) (III) and (VI) only
3. (III) (V) and (VII) only
4. None

Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains data integrity, allows organizational goals to achieved effectively and uses resources efficiently.

1. The above is correct
2. The above is incorrect

IS auditing being a force that enables organizations to better achieve major objectives including:

1. Improved safeguarding of assets
2. Improved data integrity
3. Improved system effectiveness
4. Improved system efficiency
5. All of the above

The main objective of internal auditing is to confirm the efficiency and effectiveness of operations and their contribution to the achievement of organizational goals. Internal audit also acts as a control mechanism for management to:

1. Ensure adequate internal control
2. Review the reliability of records
3. Prevent and detect fraud
4. All of the above

Functions of Internal auditors include:

1. Systems reviews that are part of an on-going Internal auditor program
2. Efficiency/cost effectiveness audits of different areas within an organization
3. Both A&B
4. None

The external auditor examines whether:

1. Transactions and amounts that should have been recorded are actually reported
2. Reported assets are owned by the business and liabilities owed by the business at the balance sheet date are reported
3. The financial statement amounts are valued in conformity with accounting standards
4. All of the above

Functions of an external auditor may include:

1. A financial statement audit
2. A compliance audit
3. An operational/performance audit
4. All of the above

Which of the following is correct regarding the Role of an IS Auditor?

1. The IS auditor gathers evidence, evaluates the strengths and weaknesses of controls
2. The IS auditor uses automated working papers to perform the IS audit
3. Both A&B
4. None

Various types of audits that an IS auditor should understand include:

1. Financial audits, Operational audits, Integrated audits
2. Administrative audits, Information systems audits, Forensic audit
3. Both A&B
4. None

Audit approaches would require auditors, regulators and standards setters to make significant adjustments. Such adjustments might include:

1. Changes in the riming and frequency of the audit
2. Increased education in technology and analytic methods
3. Adoption of full population examination instead of sampling
4. Re-examination of concepts such as materiality and independence
5. All of the above

The objective of an external audit engagement is to enable the auditor to express an opinion on whether the financial statements:

1. Give a true and fair view
2. Are prepared in all material respects in accordance with an applicable financial reporting framework
3. Both A&B
4. None

Audit risks – can be defined as the risk that the information/financial report may contain material error or that the IS auditor may not detect an error that has occurred.

1. True
2. False

The equation of Audit Risk is:

1. Audit risk = control risk x detection risk
2. Audit risk = Inherent risk x control risk
3. Audit risk = Inherent risk x control risk x detection risk
4. None

Determinants for evaluating the reliability of audit evidence include:

1. Independence of the provider of the evidence
2. Qualification of the individual providing the information or evidence
3. Objectivity of the evidence
4. Timing of the evidence
5. All of the above

The approaches to audit sampling are:

1. Statistical
2. Non-statistical
3. Both A&B
4. None

Statistical sampling –

1. Is an objective method of determining the sample size and selection criteria. The IS auditor quantitatively decides how closely the sample should represent the population.
2. Often referred to as judgmental sampling, uses auditor’s judgment to determine the method of sampling.
3. Both A&B
4. None

Non-Statistical sampling –

1. Is an objective method of determining the sample size and selection criteria. The IS auditor quantitatively decides how closely the sample should represent the population.
2. Often referred to as judgmental sampling, uses auditor’s judgment to determine the method of sampling.
3. Both A&B
4. None

The key steps in the construction and selection of a sample for an audit test include:

1. 1. Determine the objective of the test
  2. Define the population to be sampled
  3. Determine the sampling method
  4. Calculate the sample size
  5. Select the sample
  6. Evaluate the sample from an audit perspective

1. All of the above
2. (I) (II) and (V) only
3. (III) (V) and (VI) only
4. None

The main objectives of the Internal control process is:

1. Safeguarding of assets
2. Assuring the integrity of general operating system environments
3. Assuring the integrity of sensitive and critical application system environments
4. All of the above

The components of Internal control system include:

1. Internal accounting controls
2. An operational control
3. Administrative controls
4. All of the above

Identify the examples of Information systems control objective:

1. All transactions are recorded and entered into the computer for the proper period
2. Information on automated systems is secured from improper access and kept up-to-date
3. Both A&B
4. None

Identify the examples of control procedures:

1. Strategy and direction
2. General organization and management
3. Access to data and programs
4. System development and change control
5. All of the above

The actions that can be taken to protect against physical threats can be categorized as:

1. Preventative measures
2. Detective measures
3. Corrective measures
4. All of the above

In operational audit a risk-based approach should be used that:

1. Identifies the principal business risks involved which may prevent the organization achieving its objectives
2. Assesses the extent to which controls are in place and are operating effectively in order to manage these risks
3. Both A&B
4. None

The purpose of a Risk analysis may include:

1. It helps the auditor in evaluation of controls in audit planning
2. It assists the auditor in determining audit objectives
3. It supports risk-based audit decisions
4. All of the above

Advantages of CAATs include:

1. Greater productivity
2. Simplified project documentation due to automation
3. Improved the planning process
4. All of the above

The personal benefits of CAATs to auditor include:

1. Independence, Greater creativity
2. Reduced audit risk
3. Elimination of respective work
4. All of the above

Disadvantages of CAATs include:

1. Training requirements of most of the CAATs are extensive and therefore can be cumbersome
2. They are so general that customizing them for specific use might be difficult process
3. Both A&B
4. None

Which documentation should be retained when developing CAATs?

1. Commented program listings
2. Flowcharts both detailed and overview
3. Sample reports, Record and file layouts
4. All of the above

The consideration for selection of CAATs are:

1. Ease of Use
2. Capacity to handle the data
3. Efficiency of analysis
4. Effectiveness in preventing and detecting frauds
5. All of the above

With the help of CAATs various tasks in audit of bank branches, which are handled manually can be automated. Illustrative areas that can be covered in the audit are:

1. Interest earned on advances
2. Interest paid on deposits
3. Recovery of commission and income from non-fund business
4. All of the above

The principles used by SysTrust to evaluate whether a system is reliable include:

1. Availability
2. Security
3. Integrity
4. Maintainability
5. All of the above

The Audit strengths may include:

1. An audit may reduce the risk of management bias, fraud and error by acting as a deterrent
2. An audit enhances the credibility of the financial statements
3. Assurance may be obtained from the operating effectiveness of internal controls
4. A&B only

The Limitations of audit may include:

1. Representations from management may have to be relied upon as the only source of evidence in some areas
2. Auditors do not test all transactions and balances they test on a sample basis
3. Deficiencies in the internal control systems may be highlighted by the auditor
4. A&B only

The types of Control Self-Assessment (CSA) processes are:

1. Management Risk Assessment (MRA)
2. Process Risk Assessment (PRA)
3. Both A&B
4. None

—More to come soon—

The Process of Auditing Information Systems MCQs – CISA

SHARE THIS

The Process of Auditing Information Systems MCQs