Aud Test 3
Which of the following is an example of a computer operations control? A) Control totals. B) Balancing input to output. C) File backup and retention. D) Transaction logs.
C) File backup and retention.
Please number the steps in the Analytics chain in the proper order (1 = first step. 5 = last step) ___ Modeling ___ Evaluation ___ Understanding ___ Deployment ___ Cleansing
1. Understanding 2. Cleansing 3. Modeling 4. Evaluation 5. Deployment
Which of the following is not a potential explanation of an outlier identified as a result of an Audit Data Analytic (ADA)? A) All of the above are potential explanations of outliers B) The outlier is an item with elevated risk C) The outlier is a missing item in the population D) The outlier is a duplicate item in the population
A) All of the above are potential explanations of outliers
Which of the following controls most likely would ensure that an organization can reconstruct its financial records? A) Backup files are stored in a location separate from original copies. B) System flowcharts provide accurate descriptions of computer operations. C) Hardware controls are built into the computer by the computer manufacturer. D) Personnel who are independent of data input perform parallel simulations.
A) Backup files are stored in a location separate from original copies.
When processing controls within the accounting information system may not leave visible evidence that could be inspected by audit teams, the teams should A) Make corroborative inquiries. B) Observe the separation of duties of personnel. C) Review transactions submitted for processing and compare them to related output. D) Review the run manual.
C) Review transactions submitted for processing and compare them to related output.
Which of the following is a common use of ADA in performing tests of controls? A) The auditor performs an aging of accounts payable B) The auditor conducts trend analysis on inventory turnover C) The auditor performs exception testing for proper approval of purchase transactions D) All of these choices are correct.
C) The auditor performs exception testing for proper approval of purchase transactions
What is the primary objective of analytical procedures performed during the planning stages of an audit? A) All of these choices are correct. B) To uncover management fraud C) To identify unusual or unexpected relationships D) To identify existing material misstatements
C) To identify unusual or unexpected relationship
Controls used in the management of a computer center to minimize the possibility of using an incorrect file or program are A) Control totals. B) Record counts. C) Limit checks. D) External labels.
D) External labels.
Please assign the appropriate category to each ADA tool listed below. 1. Spreadsheet Tools 2. Generalized Audit Software 3. Data Preparation and Statistical Analysis Tools 4. Visualization Tools a.Microsoft Excel b.Tableau c.AlteryxData d.IDEA e.Python
a.Spreadsheet tools b.Visualization Tools c.Data Prep. & Stat. analysis tools d.Generalized Audit Software e.Data Prep & Stat. Analysis tools
In an environment that is highly automated, an auditor determines that it is not possible to reduce detection risk solely by using substantive tests of transactions. Under these circumstances, the auditor most likely would A) Perform tests of controls to support a lower level of assessed control risk. B) Increase the sample size to reduce sampling risk and detection risk. C) Adjust the materiality level and consider the effect on inherent risk. D) Apply analytical procedures and consider the effect on control risk.
A) Perform tests of controls to support a lower level of assessed control risk.
Analysis of accounts receivable collection periods by region is most likely a part of which of the following types of ADA? A) Risk assessment procedures B) Tests of controls C) Substantive analytical procedures D) Tests of details
A) Risk assessment procedures
Which of the following is not an appropriate statement with regard to computer control activities? A) The duties of application programming, computer operation, and control of data files should be separated. B) Computer programmers should be periodically rotated across different applications. C) Computer operators should maintain control of all software programs. D) Specific passwords should be required to access online files.
C) Computer operators should maintain control of all software programs.
Audit teams use the test data method to gain certain assurances with respect to A) Input data. B) Machine capacity. C) Control procedures contained within the program. D) General controls.
C) Control procedures contained within the program.
Which of the following best describes what audit data analytics are? A) Discovering and analyzing patterns in data B) Identifying anomalies in data C) Extracting useful information in data D) All of these choices are correct.
D) All of these choices are correct.
When a real-time computerized processing system is in use, the computer controls can be strengthened by A) providing for the separation of duties between data input and error listing operations. B) using a systems development life cycle for authorization, user involvement, and testing of program modifications. C) preparing batch totals to provide assurance that file updates are made for the entire group of transactions. D) performing a validity check of an identification number before a user can obtain access to the computer files.
D) performing a validity check of an identification number before a user can obtain access to the computer files.
Which of the following automated application controls would offer reasonable assurance that inventory data were completely and accurately entered? A) Sequence checking. B) Batch totals. C) Limit tests. D) Check digits.
B) Batch totals.
Each of the following automated application controls are designed to ensure that the input of individual transactions and data is accurate except for A) sequence tests. B) check digits. C) limit and reasonableness tests. D) valid sign tests.
A) sequence tests.
Computer controls that are pervasive and apply to all applications of a computerized processing system are referred to as A) computer controls. B) general controls. C) automated application controls. D) environment controls.
B) general controls.
When auditing a client in the merchandising business, an auditor became concerned that the client was recording fraudulent credit sales. Which of the following procedures would have most likely alerted them to this potential fraud? A) Observing the credit sales figure on the income statement B) Recalculating depreciation on fixed assets C) Analyzing cash receipts as a percentage of sales by month D) Analyzing gross profit percentage by class of revenue
C) Analyzing cash receipts as a percentage of sales by month
Which of the following would not be considered when planning an Audit Data Analytic (ADA)? A) Determine the overall purpose and specific objectives of the ADA B) Determine the relevant financial statement assertions C) Determine the sample of the population to be analyzed D) All of the above would be considered during the planning of an ADA
C) Determine the sample of the population to be analyzed
An auditor is assessing the reliability of data to be used in the audit. The auditor discovers that the data is controlled internally by the accounting department. After learning this information, how should the auditor proceed? A) Rely on the data and continue to perform the ADA B) Perform tests of controls over the preparation of the data C) Inquiry of management whether or not the information is reliable D) Not rely on the data and perform an alternative procedure
D) Not rely on the data and perform an alternative procedure
Which of the following is a category of general controls? A) Detective controls. B) Input controls. C) Processing controls. D) Program change controls.
D) Program change controls.
Which of the following statements is true regarding the use of Audit Data Analytics (ADA)? A) The standard of documentation sufficiency for an ADA is less than that of other audit procedures B) The auditor must exercise professional judgment during the ADA, but does not need to act with professional skepticism C) All misstatements discovered, regardless of materiality, should be included in the audit documentation D) The auditor need not document every professional judgment made
D) The auditor need not document every professional judgment made
Computer controls that are pervasive and apply to all applications of a computerized processing system are referred to as A) computer controls. B) environment controls. C) automated application controls. D) general controls.
D) general controls.
A customer intended to order 100 units of product Z96014 but incorrectly ordered product Z96015, which is not an actual product. Which of the following controls most likely would detect this error? A) Check digit verification. B) Record count. C) Hash total. D) Redundant data check.
A) Check digit verification.
Which aspect of data is not important for data used in Audit Data Analytics (ADA)? A) None of these choices are correct. B) Completeness C) Reliability D) Relevance
A) None of these choices are correct.
Which of the following is a general control that would most likely assist an organization whose systems analyst resigned during the development of a major project? A) Systems documentation. B) Grandfather-father-son file retention. C) Check digit verification. D) Input and output validation routines.
A) Systems documentation.
When documenting an Audit Data Analytic (ADA), all the following must be included in the audit documentation except: A) The underlying data used to generate graphics or visualization as part of the ADA B) The name of the specific auditor performing the work C) The date the work was finished D) Conclusions reached
A) The underlying data used to generate graphics or visualization as part of the ADA
Which of the following statements are true regarding the use of a systems generated report as audit evidence? A) The auditor should test the accuracy and completeness of the information. B) Both A and B are correct. C) Neither of the above answers are actions the auditors should take for systems generated reports. D) The auditor should evaluate whether the information is sufficiently precise and detailed for purposes of the audit.
B) Both A and B are correct.
Which of the following is not a step performed during the planning phase when conducting an Audit Data Analytic (ADA)? A) Determining the overall purpose of the ADA B) Cleansing the data C) Selecting techniques and tools D) Identifying significant accounts and assertions
B) Cleansing the data
Which of the following would reduce the effectiveness of internal control in an accounting information system? A) The computer librarian maintains custody of computer program instructions and detailed lists. B) Computer operators have access to operator instructions and detailed program lists. C) The control group is solely responsible for the distribution of all computer output. D) Computer programmers write and debug programs that perform routines designed by the systems analyst.
B) Computer operators have access to operator instructions and detailed program lists.
Which of the following is not an appropriate statement with regard to computer control activities? A) The duties of application programming, computer operation, and control of data files should be separated. B) Computer operators should maintain control of all software programs. C) Specific passwords should be required to access online files. D) Computer programmers should be periodically rotated across different applications.
B) Computer operators should maintain control of all software programs.
Which of the following are true with regard to the relevance and reliability of data used in an Audit Data Analytic (ADA)? I. The auditor must use all data with a logical connection to the ultimate purpose of the audit procedure II. The auditor must evaluate internal controls over the preparation of data being used A) I only B) II only C) Both I and II are true D) Both I and II are false
B) II only
Which of the following control procedures most likely could prevent computer personnel from modifying programs to bypass computer controls? A) Periodic management review of computer utilization reports and systems documentation. B) Separation of duties for computer programming and computer operations. C) Participation of user department personnel in designing and approving new systems. D) Physical security of computer facilities in limiting access to computer equipment.
B) Separation of duties for computer programming and computer operations.
Which of the following is not a typical problem found by auditors when cleansing client data for the purposes of performing an ADA? A) Some fields may be empty and thus cause errors during analysis. B) Some fields may not be sorted in numerical order and require sorting for identification of outliers. C) Some date fields may contain letters or be in the wrong format. D) Some fields may have country-specific differences such as currency.
B) Some fields may not be sorted in numerical order and require sorting for identification of outliers.
Which of the following organizational positions would evaluate the existing system and design new computerized processing systems and documentation? A) Data conversion operator. B) Systems analyst. C) Computer operator. D) Programmer.
B) Systems analyst.
When audit teams test a computerized processing system, which of the following is true of the test data approach? A) Several transactions of each type must be tested. B) Test data are processed by the client's computer programs under the audit team's control. C) Test data must consist of all possible valid and invalid combinations. D) The computer program used to process test data is different from the program used throughout the year by the client.
B) Test data are processed by the client's computer programs under the audit team's control.
Which of the following statements is true regarding the use of Audit Data Analytics (ADA)? A) The auditor must exercise professional judgment during the ADA, but does not need to act with professional skepticism B) The auditor need not document every professional judgment made C) The standard of documentation sufficiency for an ADA is less than that of other audit procedures D) All misstatements discovered, regardless of materiality, should be included in the audit documentation
B) The auditor need not document every professional judgment made
Which of the following is not an example of a general control? A) The organization's use of the systems development life cycle when implementing or modifying computerized processing systems. B) The organization's use of check digits to ensure accurate input of transaction data. C) Periodic and preventative maintenance performed on the computer and related equipment. D) The existence of appropriate separation of duties within the computer department.
B) The organization's use of check digits to ensure accurate input of transaction data.
The purpose of test data is to determine whether A) all possible combinations of valid data are correctly processed. B) controls operate as described in responses to internal control questionnaire items and program flowcharts C) the audit team's test data are consistent with the client's normal transactions. D) every possible error is prevented or detected by the client's computer controls.
B) controls operate as described in responses to internal control questionnaire items and program flowcharts
Computer operations controls are typically implemented for files and data used in processing. The major objectives of these controls include each of the following except for A) ensure that appropriate files are used in computerized processing. B) ensure restricted access to the computing environment. C) ensure that files are appropriately secured and protected from loss. D) ensure that files can be reconstructed from earlier versions of information used in processing.
B) ensure restricted access to the computing environment.
Computer operations controls are typically implemented for files and data used in processing. The major objectives of these controls include each of the following except for A) ensure that appropriate files are used in computerized processing. B) ensure restricted access to the computing environment. C) ensure that files can be reconstructed from earlier versions of information used in processing. D) ensure that files are appropriately secured and protected from loss.
B) ensure restricted access to the computing environment.
The effectiveness of general controls is an important consideration for audit teams when assessing control risk on an audit. Which management assertions are primarily affected by general controls? A) Completeness and Accuracy. B) Occurrence and Rights and Obligations. C) Accuracy and Occurrence. D) Completeness and Occurrence.
C) Accuracy and Occurrence.
Which of the following are key issues that the auditor faces when assessing a client's data? I. Data Completeness II. Data format III. Data Integrity IV. Data Collection V. Data Accuracy A) I and V B) I, II, and V C) I, II, III, and V D) I, III, IV, and V
C) I, II, III, and V
Why is it important that the organization establish systems development and documentation standards? A) These standards enable the organization to understand the programming logic underlying recently-developed programs. B) The absence of these standards would constitute a material weakness in internal control. C) These standards ensure that the program controls and documentation included in recently-developed programs is adequate. D) These standards ensure the appropriate separation of duties of computer personnel.
C) These standards ensure that the program controls and documentation included in recently-developed programs is adequate.
The first step of planning an ADA is: A) select techniques and tools used for performing the ADA. B) document the objective of the ADA. C) determine the overall purpose and specific objectives of the ADA. D) select the ADA that is best suited for the purpose.
C) determine the overall purpose and specific objectives of the ADA.
In end-user computing environments, the processing control procedures would ordinarily not include A) comparing input to output. B) control totals. C) online editing and sight verification. D) transaction logs.
C) online editing and sight verification.
When documenting an Audit Data Analytic (ADA), an experienced auditor with no prior connection to the engagement should be able to understand all these elements of the ADA except: A) results of procedures performed and evidence obtained. B) nature, timing, and extent of procedures performed. C) the software used in performing the ADA. D) conclusions reached and significant judgments made.
C) the software used in performing the ADA.
Which of the following best describes exception testing in internal control testing? A)A way of testing a sample of all items in a population and projecting the results onto the entire population B) A way of testing a sample of all items in a population to identify violations of a control activity C)A way of testing all items in a population to identify violations of a control activity D)A way of testing all items in a population to identify design deficiencies in internal controls
C)A way of testing all items in a population to identify violations of a control activity
When documenting an Audit Data Analytic (ADA), all the following must be included in the audit documentation except: A)Conclusions reached B)The name of the specific auditor performing the work C)The date the work was finished D)The underlying data used to generate graphics or visualization as part of the ADA
D)The underlying data used to generate graphics or visualization as part of the ADA
Please match each Audit Data Analytic (ADA) step with its purpose: 1. Plan ADA 2. Assess & Prepare Data 3. Perform ADA 4. Consider Relevance & Reliability 5. Evaluate Results Match each of the options above to the items below. Conduct planned procedures Purpose and objectives of ADA Does evidence achieve the objective of test? Are data complete and accurate? Cleanse data
Conduct planned procedures = 3 Purpose and objectives of ADA = 1 Does evidence achieve the objective of test? = 5 Are data complete and accurate? = 4 Cleanse data = 2
The effectiveness of general controls is an important consideration for audit teams when assessing control risk on an audit. Which management assertions are primarily affected by general controls? A) Completeness and Accuracy. B) Completeness and Occurrence. C) Occurrence and Rights and Obligations. D) Accuracy and Occurrence.
D) Accuracy and Occurrence.
Certain characteristics of data may affect the relevance and reliability of the data used in the ADA. The level of aggregation is one of these characteristics. Which of the following does not illustrate differing levels of aggregation? A) Number of annual transactions compared to the number of weekly transactions B) A consolidated statement compared to a single segment of a statement C) A total account balance compared to a single transaction within that balance D) All of the above illustrate differing levels of aggregation
D) All of the above illustrate differing levels of aggregation
When identifying and assessing inherent risk through the use of audit data analytics, what type of analytic would an auditor most likely perform first? A) Detail analysis of specific sales transactions. B) Dimension analysis of sales transactions by region. C) Trend analysis of sales by month. D) Comparison of sales revenue to prior period and expectations.
D) Comparison of sales revenue to prior period and expectations.
Data from which of the following sources is most likely to be unreliable? A) Data obtain through direct personal observation of the auditor B) Data obtained directly from the client with strong internal controls C)Data obtained from a third-party sent directly to the auditor D) Data obtained directly from the client with weak internal controls
D) Data obtained directly from the client with weak internal controls
Which of the following would not be considered when planning an Audit Data Analytic (ADA)? A) All of the above would be considered during the planning of an ADA B) Determine the overall purpose and specific objectives of the ADA C) Determine the relevant financial statement assertions D) Determine the sample of the population to be analyzed
D) Determine the sample of the population to be analyzed
Which of the following is true with respect to fraud risk factors in an IT environment? A) Employees in an IT environment are highly skilled. B) Audit teams cannot evaluate the accounting information system during the year. C) Higher dollar amounts are involved in an IT environment. D) Employees have increased access to information systems and computer resources in an IT environment.
D) Employees have increased access to information systems and computer resources in an IT environment
Which of the following are benefits that distributed ledger technology (DLT) can provide to auditors in the future? I. Automated Audit Procedures II. Improved Audit Trails III. Permanent Record-Keeping A) I and II B) I and III C) II and III D) I, II, and III
D) I, II, and III
Which of the following are benefits that distributed ledger technology (DLT) can provide to auditors in the future? I. Automated Audit Procedures II. Improved Audit Trails III. Permanent Record-Keeping A) I and II B) I and III C) II and III D) I, II, and III
D) I, II, and III
Select the proper order in performing Audit Data Analytics: I. Evaluate the results and conclude on whether the purpose and specific objectives of performing the ADA have been achieved II. Consider the relevance and reliability of the data used III. Plan the ADA IV. Perform the ADA V. Access and prepare the data for purposes of the ADA A) V, III, II, IV, I B) II, III, V, IV, I C) II, V, III, IV, I D) III, V, II, IV, I
D) III, V, II, IV, I
When using test data, why are audit teams required to prepare only one transaction to test each IT control? A) The speed and efficiency of the computer results in reduced sample sizes. B) The risk of misstatement is typically lower in an IT environment. C) Audit teams generally perform more extensive substantive testing in an IT environment, resulting in less need to test processing controls. D) In an IT environment, each transaction is handled in an identical manner.
D) In an IT environment, each transaction is handled in an identical manner.
Which of the following persons is responsible for controlling access to systems documentation and access to program and data files? A) Programmers. B) Data conversion operators. C) Computer operators. D) Librarians.
D) Librarians.
Which of the following is a common use of ADA in performing tests of controls? A) The auditor performs an aging of accounts receivable. B) The auditor conducts a trend analysis on inventory costs. C) The auditor runs a predictive model of interest expense. D) The auditor performs journal entry exception testing for employee entry amount limits.
D) The auditor performs journal entry exception testing for employee entry amount limits.
Which of the following is correct regarding including client data in audit documentation for an issuer? A) Auditors are required to retain their client's data in documentation for seven years. B) Auditors should always include client data in their documentation to enable an experienced auditor with no prior connection to the engagement to replicate testing. C) Client data should never be included in documentation. D) There is no specific requirement to include client data in auditing documentation.
D) There is no specific requirement to include client data in auditing documentation.