Aud Test 3 part 2
Which of the following are NOT processing controls? Run-to-run totals Control total reports Master file changes Missing data tests
Master file changes Missing data tests
Unless there is proof in the workpapers that auditors have considered disconfirming evidence, it is possible or likely that inspection teams from the PCAOB would have questions about whether ______ was properly exercised when completing the ADA.
PROFESSIONAL SKEPTICISM
The objectives of ________ _______controls parallel are to provide reasonable assurances regarding modifications to existing programs.
PROGRAM CHANGE
When an auditor chooses among different ways to use ADA to conduct substantive analytical procedures, the professional standards state that more ______ relationships among the data allow the auditor to take much more substantive comfort from the test.
Predictable
Having reasonable assurance that appropriate users participate in the software acquisition process is an objective of ________ _________ controls.
Program Development
Heat Map
A heat map is a data visualization that illustrates the magnitude of each risk (low, medium, or high) and the likelihood (low, medium or high) of each risk in a manner that improves understandability.
A customer intended to order 100 units of product Z96014 but incorrectly ordered product Z96015, which is not an actual product. Which of the following controls most likely would detect this error? A) Check digit verification. B) Record count. C) Hash total. D) Redundant data check.
A) Check digit verification.
In an environment that is highly automated, an auditor determines that it is not possible to reduce detection risk solely by using substantive tests of transactions. Under these circumstances, the auditor most likely would A) Perform tests of controls to support a lower level of assessed control risk. B) Increase the sample size to reduce sampling risk and detection risk. C) Adjust the materiality level and consider the effect on inherent risk. D) Apply analytical procedures and consider the effect on control risk.
A) Perform tests of controls to support a lower level of assessed control risk.
A client's accounts receivable consists of 200,000 accounts. The auditor has concluded that all but 75 of the accounts have an extremely low likelihood of being misstated. As a result, the auditor decides to perform a positive confirmation procedure with those 75 accounts. In regards to the other 199,275 accounts, the professional standards currently ______. A) provide no guidance in determining the level of evidence this confirmation procedure will provide B) conclude that no additional evidence testing is needed for these accounts C) require that the auditor perform additional testing on a sample of these accounts
A) provide no guidance in determining the level of evidence this confirmation procedure will provide
The systematic computational analysis of data in a manner that yields insight in the audit process is, at a basis level, the meaning of _______.
Analytics
Which of the following automated application controls would offer reasonable assurance that inventory data were completely and accurately entered? A) Sequence checking. B) Batch totals. C) Limit tests. D) Check digits.
B) Batch totals.
Which of the following would reduce the effectiveness of internal control in an accounting information system? A) The computer librarian maintains custody of computer program instructions and detailed lists. B) Computer operators have access to operator instructions and detailed program lists. C) The control group is solely responsible for the distribution of all computer output. D) Computer programmers write and debug programs that perform routines designed by the systems analyst.
B) Computer operators have access to operator instructions and detailed program lists.
A log that records time and use statistics for specific computer applications is an example of a(n) ______ control. A) limit and reasonableness B) file and operator C) authorization and approval D) data entry and formatting
B) file and operator
When scoping the IT audit procedures that need to be completed, auditors need to be concerned with ______ A) the full range of control activities implemented by management B) key control activities being relied on the mitigate the RMM C) only those control activities deemed important by the IT auditors
B) key control activities being relied on the mitigate the RMM
In order for auditors to be able to achieve a high level of substantive comfort, when designing a test, auditors need to think carefully about ______ when finalizing the audit plan. A) reliability B) predictability C) relevance D) understandability
B) predictability
There is little doubt that the development of new audit techniques that take full advantage of ______ ______, advanced analytical tools, artificial intelligence, and robotic process automation offer the potential to improve audit efficiency and effectiveness.
Big Data
IPE (Information Produced by the Entity)
Broadly defined, information provided by the entity is any information that is produced by the company's information systems that is being used by the auditor for substantive testing procedures or used by the audit client to execute a control activity.
When auditing a client in the merchandising business, an auditor became concerned that the client was recording fraudulent credit sales. Which of the following procedures would have most likely alerted them to this potential fraud? A) Observing the credit sales figure on the income statement B) Recalculating depreciation on fixed assets C) Analyzing cash receipts as a percentage of sales by month D) Analyzing gross profit percentage by class of revenue
C) Analyzing cash receipts as a percentage of sales by month
Audit teams use the test data method to gain certain assurances with respect to A) Input data. B) Machine capacity. C) Control procedures contained within the program. D) General controls.
C) Control procedures contained within the program.
When processing controls within the accounting information system may not leave visible evidence that could be inspected by audit teams, the teams should A) Make corroborative inquiries. B) Observe the separation of duties of personnel. C) Review transactions submitted for processing and compare them to related output. D) Review the run manual.
C) Review transactions submitted for processing and compare them to related output.
When the execution of the ADA results in the identification of outliers, matters of audit interest, or notable items, the auditor ______ to gather additional evidence to help reduce the risk. A) does not necessary need B) should consider C) is required
C) is required
When an auditor performs an ADA and the objectives of the test were not achieved the auditor ______. A) should always run a different ADA B) should also repeat the same ADA to test the validity of the results C) may abandon ADA and conduct a substantive test of detail
C) may abandon ADA and conduct a substantive test of detail
When documenting an Audit Data Analytic (ADA), an experienced auditor with no prior connection to the engagement should be able to understand all these elements of the ADA except: A) results of procedures performed and evidence obtained. B) nature, timing, and extent of procedures performed. C) the software used in performing the ADA. D) conclusions reached and significant judgments made.
C) the software used in performing the ADA.
Extra numbers tagged onto the end of basic ID numbers designed to detect coding or keying errors are called ______ _______.
Check Digits
Record counts, batch totals, hash totals and run-to-run totals should be calculated during processing operations and summarized in a(n) ______ _______report.
Control totals
Which of the following is both an input and a processing control? A) Valid character tests B) Run-to-run totals C) Data entry and formatting controls D) Limit and reasonableness tests
D) Limit and reasonableness tests
Which of the following is true with respect to fraud risk factors in an IT environment? A) Employees in an IT environment are highly skilled. B) Audit teams cannot evaluate the accounting information system during the year. C) Higher dollar amounts are involved in an IT environment. D) Employees have increased access to information systems and computer resources in an IT environment.
D) Employees have increased access to information systems and computer resources in an IT environment.
Controls used in the management of a computer center to minimize the possibility of using an incorrect file or program are A) Control totals. B) Record counts. C) Limit checks. D) External labels.
D) External labels.
When using test data, why are audit teams required to prepare only one transaction to test each IT control? A) The speed and efficiency of the computer results in reduced sample sizes. B) The risk of misstatement is typically lower in an IT environment. C) Audit teams generally perform more extensive substantive testing in an IT environment, resulting in less need to test processing controls. D) In an IT environment, each transaction is handled in an identical manner.
D) In an IT environment, each transaction is handled in an identical manner.
Which of the following persons is responsible for controlling access to systems documentation and access to program and data files? A) Programmers. B) Data conversion operators. C) Computer operators. D) Librarians.
D) Librarians.
Which of the following is correct regarding including client data in audit documentation for an issuer? A) Auditors are required to retain their client's data in documentation for seven years. B) Auditors should always include client data in their documentation to enable an experienced auditor with no prior connection to the engagement to replicate testing. C) Client data should never be included in documentation. D) There is no specific requirement to include client data in auditing documentation.
D) There is no specific requirement to include client data in auditing documentation.
As a general concept, the term _______implies an elemental level of numbers and/or characters within an organization.
Data
Facts and/or statistics that are collected together for some type of reference point or analysis, ultimately within a context is _______.
Data
Recalculations of depreciation expense using the entire database and exact purchase dates to improve the precision of testing is an example of a test of ________.
Details
Low-cost tracking and dissemination of information through a network of interconnected peer-to-peer ledger systems sharing identical accounts and balances in real-time is possible due to the technology behind ______ ______ technology.
Distributed Ledger
Within a client's IT environment, there are essential, general IT controls that apply to all applications that are called ____ level controls.
ENTITY
One way to test all items in a population of occurrences for a particular control activity is to use _________testing, which is now possible due to the emergence of ADA.
Exception
Totals that allow input errors to be detected prior to submission for processing but are not meaningful for accounting records are called _______ totals.
Hash
One way to prioritize the ideas generated during the brainstorming session is with a(n) ______ ______ visualization.
Heat map
True or false: Before performing analytics, it is essential to understand the nature of the data and make sure it is properly modeled for use on the audit.
True Reason: Modeling is a component, but it must first be properly cleansed.
Important considerations that needs to be made by the auditor regarding the data being considered to be used are _______. Select all that apply a) the reliability of the data source B) whether the client properly formatted the data before providing it c) the internal controls over the preparation of the data D) whether it is the most relevant data available
a) the reliability of the data source c) the internal controls over the preparation of the data d) whether it is the most relevant data available
A form of cognitive technology that is capable of learning as it absorbs informational cues in a task setting is called _______ _________.
artificial intelligence
In an IT environment, a chain of evidence and documentation known as a(n) ______ _______does not exist.
audit trail
Which of the following is NOT an input control? a) Check digits b) Run-to-run totals c) Batch totals d) Data entry and formatting controls
b) Run-to-run totals Reason: This is a processing control
For purposes of the financial statement audit, the concept of IPE is quite ______. narrow broad
broad
Rotation of assigned tasks, proper supervision, and required vacations are all important ________ controls when there is inadequate separation of duties.
compensating
Audit professionals generally categorize ________level controls as either general controls or application controls.
entity
A safe and secure computing environment that allows the operating controls to operate effectively is provided by the _______ IT controls.
general
When gathering evidence using ADA, the auditor must make sure that the evidence is _________ given the facts and circumstances of the situation.
sufficient
ADA has a major impact on transaction level control testing by enabling the auditor to more easily ______. select an appropriate sample test the entire population
test the entire population
The identification of IT applications and systems typically occurs during the ____ of each financial reporting process.
walkthrough