Professional Documents
Culture Documents
Unof Cis Chapter1 Test Prelim
Unof Cis Chapter1 Test Prelim
1.The concept of reasonable assurance suggests that? 8. Which of the following is not an element of the internal
control environment?
a. the cost of an internal control should be less
than the benefit it provides a. management philosophy and operating style
6. A physical inventory count is an example of a a. to avoid collusion between the programmer and
the computer operator
a. preventive control
b. to ensure that supervision is not required
b. detective control
c. to prevent the record keeper from authorizing
c. corrective control transactions
d. Feed-forward control d. to enable the firm to function more efficiently
7. The bank reconciliation uncovered a transposition error 13.Which of the following is not an internal control
in the books. This is an example of a? procedure?
a.preventive control a. authorization
b.detective control b. management’s operating style
c.corrective control c. independent verification
2|Page
d. accounting records b. physical controls, preventative controls, and
corrective controls.
14. The decision to extend credit beyond the normal credit
limit is an example of? c. general controls, application controls, and
physical controls.
a.independent verification
d. transaction authorizations, segregation of duties,
b. authorization
and risk assessment
c.segregation of functions
21. Internal control systems have limitations. These include
d.supervision all of the following except?
15.When duties cannot be segregated, the most important a. possibility of honest error
internal control procedure is?
b. circumvention
a. supervision
c. management override
b. independent verification
d. stability of systems
c. access controls
22. Management can expect various benefits to follow
d. accounting records from implementing a system of strong internal control.
Which of the following benefits is least likely to occur?
b. management will not override the company’s a. The treasurer has the authority to sign checks but
internal controls gives the signature block to the assistant treasurer
to run the check-signing machine.
c. management are required to certify their internal
control system b. The warehouse clerk, who has the custodial
responsibility over inventory in the warehouse,
d. firms will not be exposed to lawsuits selects the vendor and authorizes purchases when
18. The board of directors consists entirely of personal inventories are low.
friends of the chief executive officer. This indicates a c. The sales manager has the responsibility to
weakness in? approve credit and the authority to write off
a. the accounting system accounts.
3|Page
25. Which statement is not true? 31. When planning the audit, information is gathered by all
of the following methods except?
a. Auditors must maintain independence.
a. completing questionnaires
b.IT auditors attest to the integrity of the computer
system. b. interviewing management
b. internal auditors perform IT audits and external 34. All of the following are components of audit risk
auditors perform financial statement audits. except?
28. Internal auditors assist external auditors with financial 35. Control risk is?
audits to? a. the probability that the auditor will render an
a. reduce audit fees unqualified opinion on financial statements that are
materially misstated
b. ensure independence
b. associated with the unique characteristics of the
c. represent the interests of management business or industry of the client
d. the statement is not true; internal auditors are c. the likelihood that the control structure is flawed
not permitted to assist external auditors with because controls are either absent or inadequate
financial audits. to prevent or detect errors in the accounts
29. Which statement is not correct? d. the risk that auditors are willing to take that
a. Auditors gather evidence using tests of controls errors not detected or prevented by the control
and substantive tests. structure will also not be detected by the auditor.
b. The most important element in determining the 36. Which of the following is true?
level of materiality is the mathematical formula. a. In the CBIS environment, auditors gather evidence
c. Auditors express an opinion in their audit report. relating only to the contents of databases, not the
reliability of the computer system.
d. Auditors compare evidence to established criteria.
b. Conducting an audit is a systematic and logical
30. All of the following are steps in an IT audit except? process that applies to all forms of information
systems.
a. substantive testing
c. Substantive tests establish whether internal
b. tests of controls
controls are functioning properly.
c. post-audit testing
d. IT auditors prepare the audit report if the system
d. audit planning is computerized.
4|Page
37. Inherent risk? promote organizational efficiency,
comply with management’s policies and procedures
a. exists because all control structures are flawed in
some ways. 2. Explain the purpose of the PCAOBANS:
b. is the likelihood that material misstatements exist The PCAOB is empowered to set auditing, quality
in the financial statements of the firm. control, and ethics standards; to inspect registered
accounting firms; to conduct investigations; and to
c. is associated with the unique characteristics of
take disciplinary actions.
the business or industry of the client.
3. What are the five internal control components described
d. is the likelihood that the auditor will not find
in the COSO framework?
material misstatements.
the control environment,
38. Attestation services require all of the following except?
risk assessment, information and communication,
a. written assertions and a practitioner’s written monitoring, and
report control activities
b. the engagement is designed to conduct risk 4. What are management responsibilities under section
assessment of the client’s systems to verify their 302 and 404?
degree of SOX compliance
Section 302 requires that corporate management
c. the formal establishment of measurements (including the CEO) certify their organization’s
criteria internal controls on a quarterly and annual basis.
Section 404 requires the management of public
d. the engagement is limited to examination, review,
companies to assess and formally report on the
and application of agreed-upon procedures.
effectiveness of their organization’s internal
39.The financial statements of an organization reflect a set controls.
of management assertions about the financial health of the
5.Indicate whether each procedure is a preventive or
business. All of the following describe types of assertions
detective control.
except?
a. authorizing a credit sale
a. that all of the assets and equities on the balance
Preventive Detective
sheet exist
b. preparing a bank reconciliation
b. that all employees are properly trained to carry
Preventive Detective
out their assigned duties
c. locking the warehouse
c. that all transactions on the income statement
Preventive Detective
actually occurred
d. preparing a trial balance
d. that all allocated amounts such as depreciation
Preventive Detective
are calculated on a systematic and rational basis
e. counting inventory
40.Which of the following is NOT an implication of section
Preventive Detective
302 of the Sarbanes-Oxley Act?
6. A clerk reorders 250 items when the inventory falls
a. Auditors must determine, whether changes in
below 25 items. This is an example of?
internal control has, or is likely to, materiallyaffect
internal control over financial reporting. General authorization
b. Auditors must interview management regarding 7. The internal audit department recalculates payroll for
significant changes in the design or operation of several employees each pay period. This is an example of?
internal control that occurred since the last audit.
Independent verification
c. Corporate management (including the CEO) must
certify monthly and annually their organization’s 8. Locking petty cash in a safe is an example of?
internal controls over financial reporting. Access controls
d. Management must disclose any material changes 19.Approving a price reduction because goods are
in the company’s internal controls that have damaged is an example of ?
occurred during the most recent fiscal quarter.
Specific authorization
SHORT ANSWER/ENUMERATION
10.Using cameras to monitor the activities of cashiers is an
1. List the four broad objectives of the internal control example of ?
system?
Supervision
safeguard assets,
ensure the accuracy and reliability of accounting 11.Not permitting the computer programmer to enter the
records, computer room is an example of?
5|Page
Segregation of duties perpetrate a fraud or mislead the users of financial
statements.
12.Sequentially numbering all sales invoices is an example
Errors are a concern if they are numerous or sizable
of?
enough to cause the financial statements to be
Accounting records materially misstated. Processes which involve
human actions will contain some amount of human
13. Both the SEC and the PCAOB have expressed an opinion error. Computer processes should only contain
as which internal control framework an organization should errors if the programs are erroneous, or if systems
use to comply with SOX legislation. Explain. operating procedures are not being closely and
Both the SEC and PCAOB endorse the COSO competently followed.
framework but any framework can be used that Errors are typically much easier to uncover than
encompasses all of the COSO’s general themes. misrepresentations, thus auditors typically are more
concerned whether they have uncovered any and all
14. COSO identifies two broad groupings of information irregularities.
system controls. What are they?
21.Distinguish between inherent risk and control risk. How
General; Application do internal controls and detection risk fit in?
15. The Sarbanes-Oxley Act contains many sections. Which Inherent risk is associated with the unique
sections are the focus of this chapter? characteristics of the business or industry of the
The chapter concentrates on internal control and client. Firms in declining industries are considered to
audit responsibilities pursuant to Sections 302 and have more inherent risk than firms in stable or
404. thriving industries.
Control risk is the likelihood that the control
16. What are the objectives of application controls? structure is flawed because internal controls are
either absent or inadequate to prevent or detect
The objectives of application controls are to ensure
errors in the accounts.
the validity, completeness, and accuracy financial
Internal controls may be present in firms with
transactions.
inherent risk, yet the financial statements may be
17.Define general controls. materially misstated due to circumstances outside
the control of the firm, such as a customer with
General controls apply to all systems. They are not
unpaid bills on the verge of bankruptcy.
application specific. General controls include
Detection risk is the risk that auditors are willing to
controls over IT governance, the IT infrastructure,
accept that errors are not detected or prevented by
security and access to operating systems and
the control structure. Typically, detection risk will be
databases, application acquisition and development,
lower for firms with higher inherent risk and control
and program changes.
risk.
18. Discuss the key features of Section 302 of the Sarbanes-
Oxley Act.
6|Page