More MCQs
HOME
Categories
Management Information System
» Emerging Technology in E-Business MCQs
» Infrastructure and Operations MCQs
» Information and Database MCQs
» System Development Lifecycle & Software Development Models MCQs
» Project Management MCQs
» Governance and Management of IT MCQs
» Auditing Infrastructure and Operations MCQs
» Information Security Management MCQs
» Business Continuity and Disaster Recovery MCQs
The Process of Auditing Information Systems MCQs
Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains data integrity, allows organizational goals to achieved effectively and uses resources efficiently. Here on MCQs.club we have prepared easy Multiple-Choice Questions (MCQs) on The Process of Auditing Information Systems that fully cover MCQs on information system audit process, plan of information system audit, IT audit process, Auditing Computer-Based Information Systems. These MCQs on Information Systems Audit and Control Quiz are useful for Business management exams, Competitive exams and Professional Accountancy exams.
- The major reasons for establishing a function to examine controls over computer-based data processing include:
- Organizational costs of data loss
- Costs of incorrect decision making
- Costs of computer abuse
- Value of hardware, software, personnel
- High costs of computer error
- Maintenance of privacy
- Controlled evolution of computer use
- All of the above
- (I) (III) and (VI) only
- (III) (V) and (VII) only
- None
- Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains data integrity, allows organizational goals to achieved effectively and uses resources efficiently.
- The above is correct
- The above is incorrect
- IS auditing being a force that enables organizations to better achieve major objectives including:
- Improved safeguarding of assets
- Improved data integrity
- Improved system effectiveness
- Improved system efficiency
- All of the above
- The main objective of internal auditing is to confirm the efficiency and effectiveness of operations and their contribution to the achievement of organizational goals. Internal audit also acts as a control mechanism for management to:
- Ensure adequate internal control
- Review the reliability of records
- Prevent and detect fraud
- All of the above
- Functions of Internal auditors include:
- Systems reviews that are part of an on-going Internal auditor program
- Efficiency/cost effectiveness audits of different areas within an organization
- Both A&B
- None
- The external auditor examines whether:
- Transactions and amounts that should have been recorded are actually reported
- Reported assets are owned by the business and liabilities owed by the business at the balance sheet date are reported
- The financial statement amounts are valued in conformity with accounting standards
- All of the above
- Functions of an external auditor may include:
- A financial statement audit
- A compliance audit
- An operational/performance audit
- All of the above
- Which of the following is correct regarding the Role of an IS Auditor?
- The IS auditor gathers evidence, evaluates the strengths and weaknesses of controls
- The IS auditor uses automated working papers to perform the IS audit
- Both A&B
- None
- Various types of audits that an IS auditor should understand include:
- Financial audits, Operational audits, Integrated audits
- Administrative audits, Information systems audits, Forensic audit
- Both A&B
- None
- Audit approaches would require auditors, regulators and standards setters to make significant adjustments. Such adjustments might include:
- Changes in the riming and frequency of the audit
- Increased education in technology and analytic methods
- Adoption of full population examination instead of sampling
- Re-examination of concepts such as materiality and independence
- All of the above
- The objective of an external audit engagement is to enable the auditor to express an opinion on whether the financial statements:
- Give a true and fair view
- Are prepared in all material respects in accordance with an applicable financial reporting framework
- Both A&B
- None
- Audit risks – can be defined as the risk that the information/financial report may contain material error or that the IS auditor may not detect an error that has occurred.
- True
- False
- The equation of Audit Risk is:
- Audit risk = control risk x detection risk
- Audit risk = Inherent risk x control risk
- Audit risk = Inherent risk x control risk x detection risk
- None
- Determinants for evaluating the reliability of audit evidence include:
- Independence of the provider of the evidence
- Qualification of the individual providing the information or evidence
- Objectivity of the evidence
- Timing of the evidence
- All of the above
- The approaches to audit sampling are:
- Statistical
- Non-statistical
- Both A&B
- None
- Statistical sampling –
- Is an objective method of determining the sample size and selection criteria. The IS auditor quantitatively decides how closely the sample should represent the population.
- Often referred to as judgmental sampling, uses auditor’s judgment to determine the method of sampling.
- Both A&B
- None
- Non-Statistical sampling –
- Is an objective method of determining the sample size and selection criteria. The IS auditor quantitatively decides how closely the sample should represent the population.
- Often referred to as judgmental sampling, uses auditor’s judgment to determine the method of sampling.
- Both A&B
- None
- The key steps in the construction and selection of a sample for an audit test include:
- Determine the objective of the test
- Define the population to be sampled
- Determine the sampling method
- Calculate the sample size
- Select the sample
- Evaluate the sample from an audit perspective
- All of the above
- (I) (II) and (V) only
- (III) (V) and (VI) only
- None
- The main objectives of the Internal control process is:
- Safeguarding of assets
- Assuring the integrity of general operating system environments
- Assuring the integrity of sensitive and critical application system environments
- All of the above
- The components of Internal control system include:
- Internal accounting controls
- An operational control
- Administrative controls
- All of the above
- Identify the examples of Information systems control objective:
- All transactions are recorded and entered into the computer for the proper period
- Information on automated systems is secured from improper access and kept up-to-date
- Both A&B
- None
- Identify the examples of control procedures:
- Strategy and direction
- General organization and management
- Access to data and programs
- System development and change control
- All of the above
- The actions that can be taken to protect against physical threats can be categorized as:
- Preventative measures
- Detective measures
- Corrective measures
- All of the above
- In operational audit a risk-based approach should be used that:
- Identifies the principal business risks involved which may prevent the organization achieving its objectives
- Assesses the extent to which controls are in place and are operating effectively in order to manage these risks
- Both A&B
- None
- The purpose of a Risk analysis may include:
- It helps the auditor in evaluation of controls in audit planning
- It assists the auditor in determining audit objectives
- It supports risk-based audit decisions
- All of the above
- Advantages of CAATs include:
- Greater productivity
- Simplified project documentation due to automation
- Improved the planning process
- All of the above
- The personal benefits of CAATs to auditor include:
- Independence, Greater creativity
- Reduced audit risk
- Elimination of respective work
- All of the above
- Disadvantages of CAATs include:
- Training requirements of most of the CAATs are extensive and therefore can be cumbersome
- They are so general that customizing them for specific use might be difficult process
- Both A&B
- None
- Which documentation should be retained when developing CAATs?
- Commented program listings
- Flowcharts both detailed and overview
- Sample reports, Record and file layouts
- All of the above
- The consideration for selection of CAATs are:
- Ease of Use
- Capacity to handle the data
- Efficiency of analysis
- Effectiveness in preventing and detecting frauds
- All of the above
- With the help of CAATs various tasks in audit of bank branches, which are handled manually can be automated. Illustrative areas that can be covered in the audit are:
- Interest earned on advances
- Interest paid on deposits
- Recovery of commission and income from non-fund business
- All of the above
- The principles used by SysTrust to evaluate whether a system is reliable include:
- Availability
- Security
- Integrity
- Maintainability
- All of the above
- The Audit strengths may include:
- An audit may reduce the risk of management bias, fraud and error by acting as a deterrent
- An audit enhances the credibility of the financial statements
- Assurance may be obtained from the operating effectiveness of internal controls
- A&B only
- The Limitations of audit may include:
- Representations from management may have to be relied upon as the only source of evidence in some areas
- Auditors do not test all transactions and balances they test on a sample basis
- Deficiencies in the internal control systems may be highlighted by the auditor
- A&B only
- The types of Control Self-Assessment (CSA) processes are:
- Management Risk Assessment (MRA)
- Process Risk Assessment (PRA)
- Both A&B
- None
—More to come soon—
5 Responses
We want more mcqs
Hey Thanks for the valuable feedback!! More to come soon. Stay tuned.
Txu sir…
Yes plzz ,
we want more mcqs…..
Hey Sure buddy! We are tirelessly working on it.
Stay tuned.