Department of Accounting, Law and Taxation

University of the-East Caloocan

Final Quiz 1

Name: _________________________________ Subject and Section: ______________________

Professor:______________________________ Date:____________________

I – MATCHING TYPE:
Listed below are items that relate / refer to the descriptions presented. Match each terminology / concept
to the statements given. Write in CAPITAL LETTER the appropriate answer for each item:
A. Detailed System Design Report H. Parallel Operation Cutover
B. Program Flowchart I. Turnkey System
C. Systems Selection Report J. Control Risk
D. Systems Analysis Report K. Attestation Services
E. System Flowchart L. Operational Feasibility Study
F. Mutual Aid Pact M. Economic Feasibility Study
G. Cold Turkey Cutover N. Legal Feasibility Study

1. Protection from inadvertent disclosures of confidential information is part of the detailed of

what type of feasibility study?
2. A cost-benefit analysis is a part of the detailed of what type of feasibility study?
3. The formal product of the systems evaluation and selection phase of the Systems Development
Life Cycle is _____________________________.
4. The degree of compatibility between the firm’s existing procedures and personnel skills and
the requirements of the new system is called _____________________________.
5. A second site backup agreement between two or more firms with compatible computer facilities
to assist each other with data processing needs in an emergency is called _________.
6. A type of engagement wherein limited to examination, review, and application of agreed-upon
procedures.
7. Kind of risks -the likelihood that the control structure is flawed because controls are either
absent or inadequate to prevent or detect errors in the accounts ___________.
8. When converting to a new system, which cutover method is the most conservative?
9. Which type of documentation shows the detailed relationship of input files, programs, and
output files? _________.
10. The output of the detailed design phase of the Systems Development Life Cycle (SDLC) is a
_______________.

II – TRUE OR FALSE:
Evaluated the following sentences and write before the number whether it is True or False.

1. To fulfill the segregation of duties control objective, computer processing functions (like
authorization of credit and billing) are separated.
2. A qualified opinion on management’s assessment of internal controls over the financial reporting
system necessitates a qualified opinion on the financial statements.
3. A disaster recovery plan is a comprehensive statement of all actions to be taken after a disaster.
4. Use of the integrated test facility poses no threat to organizational data files.
5. A recovery module suspends all data processing while the system reconciles its journal files
against the database.

1
MRMD
 6. Operating system controls are of interest to system professionals but should not concern
accountants and auditors.
7. Application controls apply to a wide range of exposures that threaten the integrity of all programs
processed within the computer environment.
8. Assurance services is an emerging field that goes beyond the auditor’s traditional attestation
function.
9. Substantive testing techniques provide information about the accuracy and completeness of an
application's processes.
10. In the object-oriented approach to systems design, an instance is a logical grouping of individual
objects which share the same attributes and operations.

III – MULTIPLE CHOICE:

Evaluate the following statements and encircle the letter of your choice corresponding to the best answer.

1. Which statement is incorrect when auditing in a CIS environment?

a. A CIS environment exists when a computer of any type or size is involved in the processing
by the entity of financial information of significance to the audit, whether that computer is
operated by the entity or by a third party.
b. The auditor should consider how a CIS environment affects the audit.
c. The use of a computer changes the processing, storage and communication of financial
information and may affect the accounting and internal control systems employed by the
entity.
d. A CIS environment changes the overall objective and scope of an audit.
2. Which of the following CAATs allows fictitious and real transactions to be processed together without
the knowledge of client operating personnel?
a. Data entry monitor
b. Integrated test facility (ITF)
c. Parallel Simulation
d. Input control matrix.
3. Auditing through the computer must be used when
a. Generalized audit software is not available.
b. Processing is primarily online and updating is real-time.
c. Input transactions are batched and system logic is straightforward.
d. Processing primarily consists of sorting the input data and updating the master file sequentially.
4. The following statements relate to the auditor’s assessment of control risk in an entity’s computer
environment. Which is correct?
a. The auditor usually can ignore the computer system if he/she can obtain an understanding of the
controls outside the computer information system.
b. If the general controls are ineffective, the auditor ordinarily can assess control risk at a low level if the
application controls are effective.
c. The auditor’s objectives with respect to the assessment of control risk are the same as in manual
system.
d. The auditor must obtain an understanding of the internal control and test controls in computer
environments.
5. If a payroll system continues to pay employees who have been terminated, control weaknesses most
likely exist because
a. Input file label checking routines built into program were ignored by the operator.
b. Programmed controls such as limit checks should have been built into the system.

2
MRMD
c. Procedure were not implemented to verify and control the receipt by the computer processing
department of all transactions prior to processing.
d. There were inadequate manual controls maintained outside the computer system.
6. Many customers, managers, employees and suppliers have blamed the computer for making errors. In
reality, computers make very few mechanical errors. Which of the following is the most likely source of
errors in a fully operational computer based system?
a. Systems analysis and programming
b. Operator error
c. Processing
d. Input
7. Which of the following assurances is not provided by an application control?
a. Review and approval procedures for new systems are set by policy and adhered to.
b. Authorized transactions are completely processed once and only once.
c. Transaction data are complete and accurate.
d. Processing results are received by the intended user. \
8. All administrative and professional staff in an entity’s legal department prepare documents on terminals
connected to a host LAN file server. Which of the following is the best control over unauthorized access to
sensitive documents in the system?
a. Required entry of passwords for access to the system.
b. Required entry of passwords for access to individual documents.
c. Physical security for all containing document files.
d. Periodic server backup and storage in a secure area.
9. Which of the following would represent an internal control weakness in a CIS environment?
a. The computer librarian maintains custody of computer application programs and files.
b. The data control group is solely responsible for distributing computer-generated reports.
c. Computer operators have access to operator instructions and have the authority to modify application
programs.
d. Computer programmers write and modify programs designed by system analysts.
10. Which step is not used to evaluate a systems proposal? An analysis of the project’s
a. feasibility factors
b. ability to eliminate nonessential activities and costs
c. ability to provide a competitive advantage to the firm
d. use of Computer Aided Software Engineering (CASE) tools in developing the system
proposal

3
MRMD