Chapter 5 - In class Questions
d
A client is concerned that a power outage or disaster could impair the computer hardware's ability to function as designed. The client desires off-site backup hardware facilities that are fully configured and ready to operate within several hours. The client most likely should consider a a. cold site b. cool site c. warm site d. hot site
d
A client who recently installed a new accounts payable system assigned employees a user Id code (UIC) and a separate password. Each UIC is a person's name, and the individual's password is the same as the UIC. Users are not required to change their passwords as initial login nor do passwords expire. Which of the following statements does not reflect a limitation of the client's computer access system? a. employees can easily guess fellow employee's passwords b. employees are not required to change passwords c. employees can circumvent procedures to segregate duties d. employees are not required to take regular vacations
b
An advantage of using systems flowcharts to document information about internal control instead of using internal control questionnaires is that systems flowcharts a. identify internal control deficiencies more prominently b. provide a visual depiction of clients' activities c. indicate whether controls are operating effectively d. reduce the need to observe clients' employees performing routine tasks
b
An auditor should obtain an understanding of an entity's information system, including a. safeguards used to limit access to computer facilities b. process used to prepare significant accounting estimates c. procedures used to unsure the proper supervision of staff d. programs and controls intended to address the risks of fraud
d
An auditor uses the knowledge provided by the understanding of internal control and the assessed risks of material misstatement primarily to a. determine whether procedures and records concerning the safeguarding of assets are reliable b. determine whether the opportunities to allow any person to both perpetrate and conceal fraud are minimized c. modify the initial assessments of inherent risk and judgement about materiality levels for planning purposes d. determine the nature, timing and extent of substantive procedures for financial statement assertions
d
An auditor would most likely be concerned with controls that provide reasonable assurance about the a. efficiency of management's decision-making process b. appropriate prices the entity should charge for its produts c. decision to make expenditures for certain advertising activities d. entity's ability to initiate , authorize, record, process and report financial date
d
An auditor's flowchart of a client's accounting system is a diagrammatic representation that depicts the auditor's a. assessment of the risks of material misstatement b. identification of weaknesses in the system c. assessment of the control environment's effectiveness d. understanding of the system
d
As part of understanding internal control relevant to the audit of a non issuer, an auditors does not need to a. consider factors that affect the risks of material misstatement b. determine whether controls have been implemented c. identify the risks of material misstatement d. obtain knowledge about the operating effectiveness of internal control
d
In an audit of financial statements in accordance with generally accepted auditing standards, an auditor should a. identify specific controls relevant to management's financial statement assertions b. perform test of controls to evaluate the effectiveness of the entity's accounting system c. determine whether procedures are suitably designed to prevent, or detect and correct, material misstatement d. document the auditor's understanding of the entity's internal control
b
In an audit of financial statements, an auditor's primary consideration regarding an internal control is whether the control a. reflects management's philosophy and operating style b. affects management's financial statement assertions c. provides adequate safeguards over access to assets d. relates to operational objectives
a
In obtaining an understanding of a manufacturing entity's internal control concerning inventory balances, an auditor most likely would a. review the entity's descriptions of inventory policies and procedures b. perform test controls of inventory during the entity's physical count c. analyze inventory turnover statistics to identify slow-moving and obsolete items d. analyze monthly production reports to identify variances and unusual tranactions
a
In obtaining an understanding of controls that are relevant to audit planning, an auditor is required to obtain knowledge about the a. design of the controls included in the internal control components b. effectiveness of the controls that have been iplemented c. consistency with which the controls are currently being applied d. controls related to teach principal transaction class and account balance
d
In obtaining and understanding of internal control in a financial statement audit, an auditor is not obligated to a. determine whether the controls have been implemented b. perform procedures to understand the design of internal control c. document the understanding of the entity's internal control components d. search for significant deficiencies in the operation of internal control
d
In which of the following circumstances would an auditor expect to find that an entity implemented automated controls to reduce risks of misstatement? a. when errors are difficult to predict b. when misstatements are difficult to define c. when large, unusual, or nonrecurring transactions require judgement d. when transactions are high-volume and recurring
d
Proper segregation of duties reduces the opportunities to allow persons to be in positions both to a. journalize entries and prepare financial statements b. record cash receipts and cash disbursements c. establish internal control and authorize transactionos d. perpetrate and conceal fraud and error
b
Proper segregation of functional responsibilities to achieve effective internal control calls for separation of the functions of a. authorization, execution and payment b. authorization, recording, and custody c. custody, execution and reporting d. authorization, payment and recording
a
The primary objective of procedures performed to obtain an understanding of internal control is to provide an auditor with a. knowledge necessary for audit planning b. evidence to use in assessing inherent risk. c. a basis for modifying tests of controls d. an evaluation of the consistency of application of management's policies
b
When obtaining an understanding of an entity's internal control, an auditor should concentrate on their substance rather than their form because a. the controls may be operating effectively but may not be documented b. management may establish appropriate controls but not enforce compliance with them c. the controls may be so inappropriate that no reliance is expected by the auditor d. management may implement controls whose costs exceed their benefits
c
Which of the following are considered control environment elements? Detection Risk/Commitment to Competence a. yes/yes b. yes/no c. no/yes d. no/no
a
Which of the following characteristics distinguishes computer processing from manual processing? a. computer processing virtually eliminates the occurrence of computational error normally associated with manual processing b. error or fraud in computer processing will be detected soon after their occurance c. the potential for systematic error is ordinarily greater in manual processing than in computerized processing d. most computer systems are designed so that transaction trails useful for audit purposes do not exist
b
Which of the following controls most likely could prevent computer personnel from modifying programs to bypass programmed controls? a. periodic management review of computer utilization reports and systems documentation b. separation of duties for computer programming and computer operations c. participation of user department personnel in designing and approving new systems d. physical security of computer facilities in limiting access to computer equipment
d
Which of the following factors are included in an entity's control environment? Audit committee Participation/Integrity and Ethical Values/Organizational Structure a. yes/yes/no b. yes/no/yes c. no/yes/yes d. yes/yes/yes
c
Which of the following is a computer program that appears to be legitimate but performs some illicit activity when it is run? a. hoax virus b. web crawler c. trojan horse d. killer application
c
Which of the following is a management control method that most likely could improve management's ability to supervise company activities effectively? a. monitoring compliance with internal control requirements imposed by regulatory bodies. b. limiting direct access to assets by physical segregation an protective devices c. establishing budgets and forecasts to identify variances from expectations d. supporting employees with the resources necessary to discharge their responsibilities
a
Which of the following is not a component of internal control a. control risk b. monitoring of controls c. information system d. the control environment
a
Which of the following is the most serious password security problem? a. users are assigned passwords when accounts are created but do not change them b. users have accounts on several systems with different passwords c. users copy their passwords on note paper, which is kept in their wallets d. users select secret passwords that are not listed in any online dictionary
a
Which of the following most likely would not be considered an inherent limitation of the potential effectiveness of an entity's internal control? a. incompatible duties b. management override c. faculty judgement d. collusion among employees