The Process of Auditing Information Systems MCQs – CISA

Share on facebook
Share on twitter
Share on linkedin
Share on pinterest
Share on reddit
Share on whatsapp

SHARE THIS

Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains
The Process of Auditing Information Systems MCQs

The Process of Auditing Information Systems MCQs

Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains data integrity, allows organizational goals to achieved effectively and uses resources efficiently. Here on MCQs.club we have prepared easy Multiple-Choice Questions (MCQs) on The Process of Auditing Information Systems that fully cover MCQs on information system audit process, plan of information system audit, IT audit process, Auditing Computer-Based Information Systems. These MCQs on Information Systems Audit and Control Quiz are useful for Business management exams, Competitive exams and Professional Accountancy exams.

  1. The major reasons for establishing a function to examine controls over computer-based data processing include:
      1. Organizational costs of data loss
      2. Costs of incorrect decision making
      3. Costs of computer abuse
      4. Value of hardware, software, personnel
      5. High costs of computer error
      6. Maintenance of privacy
      7. Controlled evolution of computer use
    1. All of the above
    2. (I) (III) and (VI) only
    3. (III) (V) and (VII) only
    4. None
  1. Information Systems Auditing – is the process of collecting and evaluating evidence to determine whether a computer system safeguards asset, maintains data integrity, allows organizational goals to achieved effectively and uses resources efficiently.
    1. The above is correct
    2. The above is incorrect
  1. IS auditing being a force that enables organizations to better achieve major objectives including:
    1. Improved safeguarding of assets
    2. Improved data integrity
    3. Improved system effectiveness
    4. Improved system efficiency
    5. All of the above
  1. The main objective of internal auditing is to confirm the efficiency and effectiveness of operations and their contribution to the achievement of organizational goals. Internal audit also acts as a control mechanism for management to:
    1. Ensure adequate internal control
    2. Review the reliability of records
    3. Prevent and detect fraud
    4. All of the above
  1. Functions of Internal auditors include:
    1. Systems reviews that are part of an on-going Internal auditor program
    2. Efficiency/cost effectiveness audits of different areas within an organization
    3. Both A&B
    4. None
  1. The external auditor examines whether:
    1. Transactions and amounts that should have been recorded are actually reported
    2. Reported assets are owned by the business and liabilities owed by the business at the balance sheet date are reported
    3. The financial statement amounts are valued in conformity with accounting standards
    4. All of the above
  1. Functions of an external auditor may include:
    1. A financial statement audit
    2. A compliance audit
    3. An operational/performance audit
    4. All of the above

  1. Which of the following is correct regarding the Role of an IS Auditor?
    1. The IS auditor gathers evidence, evaluates the strengths and weaknesses of controls
    2. The IS auditor uses automated working papers to perform the IS audit
    3. Both A&B
    4. None
  1. Various types of audits that an IS auditor should understand include:
    1. Financial audits, Operational audits, Integrated audits
    2. Administrative audits, Information systems audits, Forensic audit
    3. Both A&B
    4. None
  1. Audit approaches would require auditors, regulators and standards setters to make significant adjustments. Such adjustments might include:
    1. Changes in the riming and frequency of the audit
    2. Increased education in technology and analytic methods
    3. Adoption of full population examination instead of sampling
    4. Re-examination of concepts such as materiality and independence
    5. All of the above
  1. The objective of an external audit engagement is to enable the auditor to express an opinion on whether the financial statements:
    1. Give a true and fair view
    2. Are prepared in all material respects in accordance with an applicable financial reporting framework
    3. Both A&B
    4. None
  1. Audit risks – can be defined as the risk that the information/financial report may contain material error or that the IS auditor may not detect an error that has occurred.
    1. True
    2. False
  1. The equation of Audit Risk is:
    1. Audit risk = control risk x detection risk
    2. Audit risk = Inherent risk x control risk
    3. Audit risk = Inherent risk x control risk x detection risk
    4. None
  1. Determinants for evaluating the reliability of audit evidence include:
    1. Independence of the provider of the evidence
    2. Qualification of the individual providing the information or evidence
    3. Objectivity of the evidence
    4. Timing of the evidence
    5. All of the above

  1. The approaches to audit sampling are:
    1. Statistical
    2. Non-statistical
    3. Both A&B
    4. None
  1. Statistical sampling –
    1. Is an objective method of determining the sample size and selection criteria. The IS auditor quantitatively decides how closely the sample should represent the population.
    2. Often referred to as judgmental sampling, uses auditor’s judgment to determine the method of sampling.
    3. Both A&B
    4. None
  1. Non-Statistical sampling –
    1. Is an objective method of determining the sample size and selection criteria. The IS auditor quantitatively decides how closely the sample should represent the population.
    2. Often referred to as judgmental sampling, uses auditor’s judgment to determine the method of sampling.
    3. Both A&B
    4. None
  1. The key steps in the construction and selection of a sample for an audit test include:
      1. Determine the objective of the test
      2. Define the population to be sampled
      3. Determine the sampling method
      4. Calculate the sample size
      5. Select the sample
      6. Evaluate the sample from an audit perspective
    1. All of the above
    2. (I) (II) and (V) only
    3. (III) (V) and (VI) only
    4. None
  1. The main objectives of the Internal control process is:
    1. Safeguarding of assets
    2. Assuring the integrity of general operating system environments
    3. Assuring the integrity of sensitive and critical application system environments
    4. All of the above
  1. The components of Internal control system include:
    1. Internal accounting controls
    2. An operational control
    3. Administrative controls
    4. All of the above
  1. Identify the examples of Information systems control objective:
    1. All transactions are recorded and entered into the computer for the proper period
    2. Information on automated systems is secured from improper access and kept up-to-date
    3. Both A&B
    4. None

  1. Identify the examples of control procedures:
    1. Strategy and direction
    2. General organization and management
    3. Access to data and programs
    4. System development and change control
    5. All of the above
  1. The actions that can be taken to protect against physical threats can be categorized as:
    1. Preventative measures
    2. Detective measures
    3. Corrective measures
    4. All of the above
  1. In operational audit a risk-based approach should be used that:
    1. Identifies the principal business risks involved which may prevent the organization achieving its objectives
    2. Assesses the extent to which controls are in place and are operating effectively in order to manage these risks
    3. Both A&B
    4. None
  1. The purpose of a Risk analysis may include:
    1. It helps the auditor in evaluation of controls in audit planning
    2. It assists the auditor in determining audit objectives
    3. It supports risk-based audit decisions
    4. All of the above
  1. Advantages of CAATs include:
    1. Greater productivity
    2. Simplified project documentation due to automation
    3. Improved the planning process
    4. All of the above
  1. The personal benefits of CAATs to auditor include:
    1. Independence, Greater creativity
    2. Reduced audit risk
    3. Elimination of respective work
    4. All of the above
  1. Disadvantages of CAATs include:
    1. Training requirements of most of the CAATs are extensive and therefore can be cumbersome
    2. They are so general that customizing them for specific use might be difficult process
    3. Both A&B
    4. None

  1. Which documentation should be retained when developing CAATs?
    1. Commented program listings
    2. Flowcharts both detailed and overview
    3. Sample reports, Record and file layouts
    4. All of the above
  1. The consideration for selection of CAATs are:
    1. Ease of Use
    2. Capacity to handle the data
    3. Efficiency of analysis
    4. Effectiveness in preventing and detecting frauds
    5. All of the above
  1. With the help of CAATs various tasks in audit of bank branches, which are handled manually can be automated. Illustrative areas that can be covered in the audit are:
    1. Interest earned on advances
    2. Interest paid on deposits
    3. Recovery of commission and income from non-fund business
    4. All of the above
  1. The principles used by SysTrust to evaluate whether a system is reliable include:
    1. Availability
    2. Security
    3. Integrity
    4. Maintainability
    5. All of the above
  1. The Audit strengths may include:
    1. An audit may reduce the risk of management bias, fraud and error by acting as a deterrent
    2. An audit enhances the credibility of the financial statements
    3. Assurance may be obtained from the operating effectiveness of internal controls
    4. A&B only
  1. The Limitations of audit may include:
    1. Representations from management may have to be relied upon as the only source of evidence in some areas
    2. Auditors do not test all transactions and balances they test on a sample basis
    3. Deficiencies in the internal control systems may be highlighted by the auditor
    4. A&B only
  1. The types of Control Self-Assessment (CSA) processes are:
    1. Management Risk Assessment (MRA)
    2. Process Risk Assessment (PRA)
    3. Both A&B
    4. None

—More to come soon—

Read more
Read more
Read more
Read more

Leave a Reply

Sign up for Free MCQs

Success is awaiting for you

JOIN US

MCQsClub login

Welcome to the Club

Log in to continue. IT'S FREE

OR