PART I: Multiple Choice Question

GENERAL CONTROLS

1. A control which relates to all parts of the CIS is called a(n)?

a. Systems control c. Application Control
b. General Control d. Universal Control

2. Which of the following is a component of general controls?

a. Processing controls c. Back-up and contingency planning
b. Output controls d. Input control

3. Which of the following is least likely to be a general control over computer activities?
a. Procedures for developing new programs and systems
b. Requirements for system documentation
c. An access control
d. A control total

4. Which of the following is an example of general control?

a. Input validation checks c. Operations manual
b. Control total d. Generalized audit software

5. Which of the following is not a general control?

a. The plan of organization and operation of CIS activity
b. Procedures for documenting, reviewing, and approving systems and programs
c. Processing controls
d. Hardware controls

6. Which of the following is a general control that would most likely assist an entity whose system
analyst left the entity in the middle of a major project?
a. Grandfather-father-son record retention
b. Data encryption
c. Systems documentation
d. Check digit verification

7. An example of an access control is a:

a. Check digit c. Test facility
b. Password d. Read only memory

8. Which of the following is not a general control?

a. Separation of duties c. Output controls
b. Systems development d. Hardware controls

9. General controls include all of the following except:

a. Systems development

Page 1 of 20
 b. Online security
c. Check digit
d. Hardware controls

10. Which of the following is not a general control?

a. Computer performed validation tests of input accuracy
b. Equipment failure causes error messages on monitor
c. Separation of duties between programmer and operators
d. Adequate program run instructions for operating the computer

Page 2 of 20
 APPLICATION CONTROLS

1. Controls which apply to a specific use of the system are called.

a. System controls c. Application controls
b. General controls d. User controls

2. Which of the following is not an input control?

a. Proper authorization of transactions
b. Control totals
c. Check digits
d. Adequate documents

3. Which of the following is the purpose of input controls?

a. To ensure the authorization of access to data files.
b. To ensure the completeness, accuracy, and validity of updating.
c. To ensure the completeness, accuracy, and validity of input.
d. To ensure the authorization of access to program files.

4. Which of the following is not an example of processing Control?

a. Manual Cross-checks
b. Processing logic Checks
c. Run-to-run Controls
d. Regulating the Distribution and Use of Printed Output

5. . The most important output control is

a. Distribution control, which assures that only authorized personnel receive the reports
generated by the system.
b. Review of the data for reasonableness by someone who knows what the output should
look like.
c. Control totals, which are used to verify that the computers result are correct.
d. Logic test, which verify that no mistakes were made in processing

6. Procedures to check data for accuracy and completeness when they enter the system, including
data conversion, and edit checks
a. Application control c. General Control
b. Input control d. Processing Control

7. CIS Application controls include; except

a. Controls over input
b. Controls over processing and computer data files
c. Controls over output

Page 3 of 20
 d. Monitoring controls

8. Which of the following controls would be correctly classified as an application controls?

a. Honestly testing to hire only honest individual.
b. Organizationally separating the data processing functions from the accounting functions.
c. A manually prepared control total to verify that all transactions are correctly processed
through the system.
d. Storing supplies in a locked room with only the supply clerk having a key to the room.

9. Establish that data are complete and accurate during updating. Example of this are run control
totals, computer matching, and programmed edit checks
a. Data access control
b. Process control
c. Output control
d. Application Control

10. The computer Is sometimes blamed for making errors. In reality, computers make very few
mechanical errors. The most likely source of errors in a fully operational computer-based system
is due to
a. Systems analysis
b. programming
c. input
d. processing

Page 4 of 20
 AUDITING AROUND THE COMPUTER

1. Which of the following procedures is an example of auditing around the computer

a. The auditor traces machine tapes of sales order batch totals to a computer printout
or the sales journal.
b. The auditor develops a set of hypothetical sales transaction and using clients
computer program, enters the transactions into the system and observes the
processing flow.
c. The auditor enters hypothetical transactions into the clients processing system during
client of data.
d. The auditor observe client personnel as they process the bi weekly payroll. The
auditor is primarily concerned with computer rejection on data that falls to meet
reasonableness limits.

2. Auditing around the computer is most likely used in the following situations, except;
a. When the managements applications are inadequate
b. When the reliance level in the managements control is high
c. When the system being used is simple
d. When the efficiency of the controls design is low

3. Which of the following statements are true?

I. Auditing around the computer is applied to EDP controls when its general controls are
said to be inadequate.
II. Auditing around the computer means scanning and auditing the system with the help of
the clients computer
III. Auditing around the computer is said to be human readable form.
a. I only c. I, II and III
b. III only d. I and II

4. When auditing around the computer, the auditor focuses solely on the source documents which
concerns
a. Clients computer program
b. Printed CBIS outputs
c. Processed written documents
d. Filing

5. The concept of auditing around the computer means?

a. The auditor will bypass computer system
b. The auditor will conduct a series of tests in the computer system
c. The auditor will focus on the General controls
d. The auditor should test both General and Application controls

Page 5 of 20
6. In auditing around the computer, which the following techniques are used to perform test of
controls?
a. Substantive testing
b. Parallel Simulation
c. Reperformance
d. Test Data

7. The primary objective of test of controls in auditing around the computer is

a. To test the compliance in its operation and reduce further the preliminary level of
control risk.
b. To test the balances of financial statements and to reduce its risk up to an acceptable
level
c. To test the adequacy of the design and its effectiveness
d. To locate the errors in the clients computer system and suggest to update them

8. In obtaining and documentation, understanding of entitys controls under auditing around the
computer involves the following, except;
a. Control environment
b. Accounting Information and Communication
c. System development and documentation
d. Risk Assessment

9. Which of the following statements are correct?

I. Auditing around the computer is also known as black box approach
II. Having a high level of control risk were both general and application controls Require
auditing around the computer
III. Both manual-based and C.B.I.S used the same technique in test of control
a. III only
b. I only
c. I and III only
d. I and II only

10. When would Auditing around the computer be appropriate?

a. When controls over the computer system are non-existence.
b. When controls over the computer system are strong.
c. When controls over the computer system are adequate.
d. It is never appropriate to audit around the computer.

Page 6 of 20
 AUDITING THROUGH THE COMPUTER
1. The auditor should audit through the computer when, except
a. The processing logic embedded within the application system is complex.
b. Significant parts of the internal control system are embodied in the computer
system.
c. The system is simple and batch oriented
d. The inherent risk associated with the application system is high.

2. Which of the following statement is true about the advantages of auditing through the
computer is true.
I. It is simple approach and can be done by the auditor who has little technical knowledge
of the computer.
II. The auditor is better able to access the systems ability to cope up with the change and
the likelihood of losses or account misstatement arising in the future.
a. Statement I
b. Statement II
c. Both I & II
d. None

3. This requires the auditor to examine the detailed processing routines of the computer to
determine whether the controls in the system are adequate to ensure complete and correct
processing of all data.
a. Auditing around the computer
b. Test Data
c. Parallel Simulation
d. Auditing through the computer

4. Tools used by auditor with the computer to aid in the effective and efficient performance of an
audit whereby the computer programs allow auditors to test computer files and data bases. (If
through the computer approach is adopted).
a. CAATs
b. Generalized Audit Software (GAS)
c. Test Data
d. Integrated Test Facility

5. Auditing through the computer must be used when

a. Outputs are in hard copy form.
b. Processing is primarily online and updating is real-time
c. Input transactions are batched and system logic is straightforward
d. Processing primarily consists of sorting the input data and updating the master file
sequentially.

Page 7 of 20
6. All are the approaches in auditing through the computer using CAAT are, except
a. validating computer programs
b. reviewing systems software
c. continuous auditing
d. testing of input & output

7. In auditing through the computer, testing both controls and transactions involves
a. Only physical input and output from automated devices
b. Actual use of computer system
c. Not concern with how processing actually occurs in the system
d. None of the above

8.
I. Auditing through the computer refers both to the study of internal control and to the use of
the computer to perform audit tasks, such as obtaining substantive monetary evidence.
II. Auditing through the computer refers to making use of the computer itself to test the
operative effectiveness of application controls in the program actually used to process
accounting data.
a. Both statement are true
b. Only statement I is true
c. Both statement are false
d. Only statement II is true

9. Which of the following characteristics distinguishes computer processing from manual

processing?
a. Computer processing virtually eliminates the occurrence of computational error
normally associated with manual processing.
b. Most computer systems are designed so that transactions trails useful for audit
purposes do not exist.
c. Errors or fraud in computer processing will e detected soon after their occurrences.
d. The potential for systematic error is ordinarily greater in manual processing than
computerized processing.

10. Which of this statement is related to auditing through the computer?

I-The computer is used to perform test of controls and substantive testing.
II-The computer is treated as black box that is ignored for auditing purposes.
a. I only
b. II only
c. I and II
d. None

Page 8 of 20
 TEST DATA
1. Which is correct about the test data technique?
a. The test data technique is based on auditors creation of input data that should be
processed by clients application
b. The test data technique is based on clients creation of input data that should be processed
by auditors application
c. The test data technique is based on clients and auditors creation of input data that should
be processed by clients application
d. None of the above

2. Test data involves auditor preparation of a series of fictitious transactions

a. The auditors program is used to process actual data
b. The auditor examines the results and determines whether the errors were detected by the
clients system
c. The auditor writes a computer program that replicates part of the clients system
d. The auditor needs built in test environments within the system

3. The following statements define test data technique , except:

a. It can be developed by the auditor to test specific controls in computer programs
b. Test data in the form of the test transactions can be selected from previously processed
transactions or can be created by the auditor to test specific programmed procedures of the
computer program
c. This approach is used primarily with the large scale, online systems serving multiple
location within the company or organization
d. Test data in the form of test transactions can be used in a live mode, where a dummy unit
is established to which test transactions are posted during normal processing.

4. Examples of errors that maybe included in test data:

a. Supplier account codes that do not exist
b. Employees earning in excess of the certain limit
c. Submitting data with incorrect batch control totals
d. All of the above

5. In conducting audit test data there are some difficulties involve, except:
a. Cost
b. Live testing is dangerous
c. No visible evidence of audit work performed
d. open and involve all the technique

6. There are main approaches to the use of test data , except:

a. Using live data

Page 9 of 20
 b. Dummy data in a normal production run
c. Online audit monitor
d. Dummy data in a special run

7. In test data, data maybe processed during:

a. a normal operational cycle ('live' test data) only
b. during a special run at a point in time outside the normal operational cycle ('dead' test data)
only
c. Both A and B
d. None of the above

8. Test data allow the auditor to:

a. Independently access the data stored on a computer system without dependence on the
client;
b. Test the reliability of client software, i.e. the IT application controls (the results of which can
then be used to assess control risk and design further audit procedures);
c. Increase the accuracy of audit tests; and Perform audit tests more efficiently, which in the
long-term will result in a more cost effective audit.
d. All of the above

9. Test data could be held in the form of a batch of documents that is captured into the system to:
a. Test both the manual and computer controls (applications and programmed controls).
b. Assist an auditor in the collection of audit evidence from computerized systems.
c. used to process actual client data
d. possibility of accidental integration of fictitious and actual data

10. Which of the following (is) characteristic are of test data?

I. Audit test data is data submitted by the auditor for processing by the clients
computer based accounting system in order to test the operation of the enterprises
computer programs.
II. It may be processed during a normal production run or during a special run at a point
in time outside the normal cycle.
III. The results from the auditors program and that of the clients routine processing are
compared

a. I only c. II and III

b. I and II d. III only

Page 10 of 20
 PARALLEL SIMULATION
1. Which of the following is/ are characteristic/s of parallel testing?
I. Ensures that the new version of the application performs correctly
II. Ensures consistencies and inconsistencies are the same between the old and the new version.
III. Ensures that the systems are running effectively
IV. Verifies if the data format between the two versions have changed

a. I only c. I, II, & IV only

b. I & II d. I, II, II, & IV
2. I. Parallel testing is a testing technique in which the same inputs are entered in two different
versions of the application and reporting the anomalies.
II. It provides evidence of the validity of processing if the second processing system yields the same
results as the first.

a. Only statement one is correct

b. Both statements are correct.
c. Neither of the two is correct
d. Only statement two is correct

3. Which of the following is true about parallel testing?

a. It consists of two or more parts that check different parts or functional characteristics of an
application.
b. It is executed on individual computers one by one.
c. The ability to test more than one application part "in parallel" allows you to significantly reduce
the test time and test your applications more efficiently.
d. A and C

4. I. the auditor processes simulated client data on an audit program similar to some aspect of the
clients program
II.The auditor compares the result of this processing with the results of the processing done by the
clients program
a. Statement 1 is true, statement 2 is false
b. Statement 1 is false, statement 2 is true
c. Both statements are true
d. Both statements are false

5. all the following statements are true except

a. the auditor writes a computer program that replicates part of the clients system
b. the auditors program is used to process fictitious client data
c. the results from the auditors program and that of the clients routine processing are compared
d. none of the above

6. parallel simulation is the best technique for verification of following calculations

a. depreciation
b. payroll
c. taxes
d. all of the above

Page 11 of 20
7. Parallel simulation is an audit technique employed to verify processing logic by making use of audit
test program. This audit test program review which statement indicates the use of parallel
simulation audit technique
a. live transactions or process using live program
b. live transactions or process using test ,aster files
c. test transactions are processed using test program
d. live transactions or process using test program

8. The output of a parallel simulation should always be

a. Printed on a report
b. Compared with actual results manually
c. Compared with actual results using a comparison program.
d. Reconciled to actual processing output

9. Test data, integrated test data and parallel simulation each require an auditor to prepare data and
computer program. CPAs who lack either the technical expertise or time to prepare programs should
request from the manufacturers of EDP consultants for

a. The program code

b. Flowchart checks
c. Generalized audit software
d. Application controls

10. Which of the following computer-assisted auditing techniques processes client input data on a
controlled program under the auditors control to test controls in the computer system?
a. Test data
b. Review of program logic
c. Integrated test facility
d. Parallel simulation

Page 12 of 20
 INTEGRATED TEST FACILITY

1. Which of the following CAATs allows fictitious and real transactions to be processed together
without the knowledge of client operating personnel?

a. Data entry monitor c. Parallel simulation

b. Integrated test facility (ITF) d. Input control matrix

2. All of the following are advantages of using ITF, except:

a. It allows regular comprehensive testing of the live system

b. Testing can be scheduled and known to other staff
c. Small operational costs are involved once it is set up
d. It provides prima facie evidence of correct program functions

3. In Integrated Test Facility technique,

I. Transactions can be randomly entered by the auditor and these test transactions are
processed along with real transactions.
II. Distinguishing test transactions from real transactions can be easily determined and
requires in extensive computer related knowledge

a. Statement I is true, Statement II is false

b. Statement I is false, Statement II is true
c. Both statements are true
d. Both statements are false

4. Computer assisted audit techniques that auditors may employ to test computer programs, except:
a. Test data c. Access controls
b. Parallel simulation d. Integrated test facility

5. Which of the following is a benefit of an Integrated test facility?

a. It affirms application systems and tests the ongoing operation of the system
b. It uses actual master files or dummies and the IS auditor does not need to assess the source of
the transactions.
c. Periodic testing does not require separate test processes.
d. The requirement to prepare test data is eliminated.

6. All of the followng statements are true about the Integrated Test Facility (ITF), except:

a. Production reports are affected by Integrated Test Facility transactions.

b. ITF databases contain dummy records integrate with legitimate records.

Page 13 of 20
 c. ITF permits ongoing application auditing.
d. ITF does not disrupt operations or require the intervention of computer service personnel.

7. Integrated Test Facility technique is referred to as:

a. Embedded audit module c. Penetration test

b. Continuous auditing technique d. Information system risk
assessment
8. All of the following statements are true regarding Integrated Test Facility, except:

a. It may represent a fictitious division, department, office, customer,or supplier.

b. Processing these test transactions to update these dummy records will not affect
actual records.
c. Because real and fictitious transwcations are process together, company
employees are aware that testing is taking place.
d. None of the above.

9. One of the computer assisted audit techniques that makes up false data and puts it through with
actual client transactions at the beginning of the system and runs it through till the end.

a. Test data c. Integrated test facility

b. Parallel simulation d. Snapshot technique

10. Integrated Test Facility

I. Simulated data is assigned a specila code to distinguish it from real data.
II. Simulated data is integrated with real data and processed in normal course of business.

a. Statement I is true, Statement II is false

b. Statement I is false, Statement II is true
c. Both statements are true
d. Both statements are false

Page 14 of 20
 CAPITAL ACQUISITION AND REPAYMENT CYCLE
1. The primary focuses of the audit of debt are:
a. Accuracy and completeness c. Completeness and valuation
b. Accuracy and existence d. Accuracy and valuation

2. Which of the following accounts is not audited within capital acquisition and repayment cycle?
a. Note payable c. Account payable
b. Interest expense d. Bond payable

3. Which of the following is an auditor least likely to consider in determining the appropriate tests
of details of balances for notes payable?
a. Business risk. c. Results of analytical procedures.
b. Inherent risk. d. Acceptable audit risk.

4. All are controls of the auditor about the audit of Notes Payable, except

a. Adequate controls over the repayment of principal and interest.

b. Proper independent verification
c. Independent registrar and stock transfer agent.
d. Proper authorization for the issue of new notes.

5. I- Independent registrar commonly disburse cash dividend to shareholders.

II- Public companies whose stock is listed on a stock exchange must have stock transfer agent.
a. Both statements are true. c. Only statement I is true.
b. Both statements are false d. Only statement II is true.

6. All are internal controls related to owners equity that are concern to the auditor, except
a. Proper independent verification.
b. Proper authorization of transactions.
c. Proper record keeping and segregation of duties.
d. Independent registrar and stock transfer agent.

7. The audit of owners equity of public and private companies is very different. Which of the
following is not one of these differences?
a. The number of transactions (private companies have fewer transactions)
b. Payment of dividends (public companies rarely pay dividends)
c. Complexity of transactions (public companies have more complex transactions)
d. Type of noncurrent debt(public companies issue more bonds)

8. What are the audit objectives for capital stock?

I- Recorded capital stock transaction occurred.
II- Existing capital stock transactions are recorded.
III- Capital stock is accurately recorded.

Page 15 of 20
 IV- Capital stock are properly presented and disclosed.
a. I, II, III c. I, III, IV
b. II, IV d. I, II, III, IV

9. Which of the following accounts is associated with a transaction cycle other than acquisition and
payment?
a. Common stock c. Accrued property taxes
b. Property, plant and equipment d. Income tax expense

10. Responsibility for the issuance of new notes payable should be vested in the:
a. Board of directors.
b. Purchasing department.
c. Accounting department.
d. Accounts payable department.

Page 16 of 20
 BATCH PROCESSING

1. Which of the following statements is false about batch processing?

a. Batch processing provides as much of an audit trail as any computerized operation.
b. Batch processing is suitable for applications that can be processed against the master file at
intervals and involve large volumes of similar items.
c. Batch processing allows users to inquire about groups of information contained in the system.
d. Batch processing is the accumulation and grouping of transactions for processing on a delayed
basis.

2. Which of the following is not a characteristic of a batch processed computer system?

a. The collection of like transactions which are sorted and processed sequentially against a master
file.
b. Keypunching of transactions, followed by machine processing.
c. The production of numerous printouts.
d. The posting of a transaction, as it occurs, to several files, without immediate printouts.

3. Misstatements in a batch computer system caused by incorrect programs or data may not be
detected immediately because
a. Errors in some transactions may cause rejection of other transactions in the batch.
b. The identification of errors in input data typically is not part of the program.
c. There are time delays in processing transactions in a batch system.
d. The processing of transactions in a batch system is not uniform.

4. Mill Co. uses a batch processing method to process its sales transactions. Data on Mills sales
transaction tape are electronically sorted by customer number and are subject to programmed edit
checks in preparing its invoices, sales journals, and updated customer account balances. One of the
direct outputs of the creation of this tape most likely would be a
a. Report showing exceptions and control totals.
b. Printout of the updated inventory records.
c. Report showing overdue accounts receivable.
d. Printout of the sales price master file.

5. The batch processing of business transactions can be appropriate mode when

a. The sequence of master file records is not relevant
b. Unique hardware features are available
c. Timeliness is a major issue
d. Economy scale can be gained because of high volumes of transactions

6. The importance of batch processing method is

a. Examine the physical system
b. Lessen the delay of the transactions
c. Updates the quantity on hand field in the inventory record.
d. Make the system secure

Page 17 of 20
7. Batch processing system might be appropriate for all the following except:
a. Maintain inventory control
b. To meet expected sales discount
c. Perform production operations
d. Plan and control productions

8. The batch processing of business transactions can be appropriate mode when

a. The sequence of master file records is not relevant
b. Unique hardware features are available
c. Timeliness is a major issue
d. Economy scale can be gained because of high volumes of transactions.

9. Errors in data processed in a batch computer system may not be detected immediately because
a. Transaction trails in a batch system are available only for a limited period of time.
b. There are time delays in processing transactions in a batch system.
c. Errors in some transactions cause rejections of other transaction in a batch.
d. Random errors are more likely in a batch system than in a on-line system.

10. When source documents, such as payroll time cards or sales orders , are accumulated daily, weekly,
or monthly and the input is validated to create a transaction file, this is called
a. On- line input with real-time processing
b. On-line input with batch processing
c. Batch input and processing
d. Batch input with real-time processing

Page 18 of 20
 ON-LINE REAL TIME
(OL-RT)
1. The computer process whereby data processing is performed concurrently with a particular
activity and the results are available soon enough to influence the course of action being taken
or the decision being made is called:
a. Random access sampling
b. Integrated data processing
c. On-line, real-time system
d. Batch processing system

2. In an online real time processing system:

a. Individual transactions are entered at workstations, validated and used to update related
computer files immediately
b. Individual transactions are entered at a workstation, subjected to certain validation checks
and added to a transaction file that contains other transactions entered during the period.
c. Individual transactions immediately update a memo file containing information which has
been extracted from the most recent version of the master file.
d. The master files are updated by other systems.

3. It combines on-line real time processing and on-line batch processing.

a. On-Line/Memo Update (and Subsequent Processing)
b. On-Line Downloading/Uploading Processing
c. On-Line/Inquiry
d. On-Line/Combined Processing

4. The following are sub processes of Online Real-time system. Which one does not belong?
a. Business Events and Data
b. Master Data
c. Generated Reports
d. None of these

5. All of the following are factors to consider in designing an online real-time system, which one
does not belong?
a. Interrupts
b. Queues
c. Priority Allocation
d. None of the above

6. What type of online computer system is characterized by data that are assembled from
more than one location and records that are updated immediately?

a. Online, batch processingsystem c. Online, inquiry system

b. Online, real-time processing system d. Online, downloading system

Page 19 of 20
7. Express Padala, Inc. stated in one of its mission statements that positive control of each
package will be maintained by utilizingelectronic tracking and tracing sytems, Express
Padala uses what type of IT system?
a. Batch processing which features immediate updating as to the location of packages.
b. Real-time processing which features updating at fixed time periods.
c. Batch processing which features updating at fixed time periods.
d. Real-time processing features immediate updating as to the location of packages.

8. An entity has recently converted its revenue/receipt cycle from a manual processing to
an online, real-time processing system. Which is the most probable result associated
with conversion to the new computerized processing system?
a. Less segregation of traditional duties
b. Significant increase in processing time
c. Reduction in the entitys risk exposures
d. Increase in processing errors

9. Which of the following is not an attribute of an online real-time system?

a. Timeliness
b. Confidentiality
c. Relevance
d. None of the above

10. This type of application in an OLRT continuously process feedback data to adjust one or more
outputs.
a. General purpose OS
b. Event response
c. Closed loop control
d. None of the above

Page 20 of 20