Auditing Exam 2

What is Audit Risk?

The possibility that the auditors may unknowingly fail to appropriately modify their opinion on financial statements that are materially misstated.

What must auditors due to reduce audit risk?

Auditors must obtain sufficient appropriate audit evidence to reduce audit risk to a low level in every audit.

What are relevant financial assertions?

Relevant assertions are those that, without regard for controls, have a reasonable possibility of containing a material misstatement.

Types of Financial Statement Assertions

- Assertions about account balances (accounts)
- Assertions about classes of transactions and events (transactions)
- Assertions about presentation and disclosure (Disclosures)

Definition: Existence or Occurrence

Assets, liabilities, and equity interests exist and recorded transactions have occurred.

Definition: Rights and Obligations

The company holds rights to the assets, and liability are the obligations of the company

Definition: Completeness

All assets, liabilities, equity interests, and transactions that should have been recorded have been recorded

Definition: Valuation, Allocation and Accuracy

All transactions, assets, liabilities and equity interests are included in the financial statements at proper amounts.

Definition: Cutoff

Transactions and events have been recorded int he correct accounting period.

Definition: Presentation and Disclosure

Accounts are described and classified in accordance with generally accepted accounting principles, and financial statement disclosures are complete, appropriate, and clearly expressed.

Definition: Inherent Risk

Risk of a material misstatement occurring in an assertion assuming no related internal controls.

Definition: Control Risk

Risk that a material misstatement in an assertion will not be prevented or detected on a timely basis by the company's internal control.

Definition: Detection Risk

Risk that the auditors' procedures will lead them to conclude that a material misstatement does not exist in an assertion when in fact such misstatement does exist.

What are the factors that affect inherent risk?

- Nature of the client and its environment
- Nature of the particular financial statement element

What are the business characteristics indicative of high inherent risk?

- Inconsistent profitability of client
- Operating results highly sensitive to economic factors
- Going concern problems
- Large known and likely misstatements detected in prior audits
- Substantial turnover, questionable reputation, or inadequate account

What do the assertions with high inherent risk involve?

- Difficult to audit transactions or balances
- Complex calculations
- Difficult accounting issues
- Significant judgment by management
- Valuations that vary significantly based on economic factors

What are the types of transactions?

- Routine
- Non Routine
- Estimation transactions

What are routine transactions?

- Recurring financial statement activities recorded in the accounting records in the normal course of business
- Lower inherent risk

What are nonroutine transactions?

- Involve activities that occur only periodically such as the taking of physical inventories
- High inherent risk

What are estimation transactions?

- Activities that create accounting estimates
- Higher Inherent risk

What is appropriate audit evidence?

Must be
- Relevant
- Reliable

When is audit evidence ordinarily more reliable?

When it is:
- Obtained from knowledgeable independent sources outside the company rather than nonindependent sources
- Generated internally through a system of effective controls rather than ineffective controls.
- Obtained directly by the auditor rather

What are the types of audit evidence?

1. Accounting information system
2. Documentary evidence
3. Third-party representations
4. Physical evidence
5. Computations
6. Data interrelationships
7. Client representations

What are common audit procedures?

- Inquiry
- Inspection of records or documents
- Inspection of tangible assets
- Observation
- External confirmation
- Recalculation
- Reperformance
- Analytical procedures

What are the types of audit procedures?

- Risk assessment procedures
- Further Audit Procedures: Test of controls & Substantive Procedures

What are risk assessment procedures?

To obtain an understanding of the client and its environment, including its internal controls, to assess the risks of materials misstatement

What are tests of controls?

When appropriate, to test the operating effectiveness of controls in preventing material misstatements

What are substantive procedures?

To detect material misstatements at relevant assertion level. Substantive procedures include (a) analytical procedures, (b) tests of details of account balances, transactions and disclosures

What are tests of details?

- Tests of account balances
- Tests of classes of transactions
- Tests of disclosures
- One may change the scope of audit procedures by changing the Nature, Timing and Extent.

Holding the extent of procedures constant, one may increase the scope of procedures (make them more effective) by either changing the _____ or ______.

Nature - Obtain more reliable evidence
Timing - wait until year-end to obtain evidence from entire set of transactions as contrasted to performing interim testing, say two months prior to year-end and simply updating those procedures.

What happens when you hold other factors such as the nature and timing of procedures constant?

- The greater the risk of material misstatement, the greater the needed extent of substantive procedures
- The main way to increase the extent of audit procedures is to examine more items
- Sample sizes should reduce detection risk so as to restrict audit

What is the timing of analytical procedures?

Risk assessment
Substantative procedures
Final Review

What are the steps involved with analytical procedures?

- Develop expectation of account (or ratio) balance
- Determine amount of difference that can be accepted without investigation
- Compare the company's account (ratio) with the expectation
- Investigate and evaluate significant differences

How do you develop an expectation?

- Prior period information
- Anticipated results
- Relationships among elements of financial information within a period
- Industry information
- Relationships between financial information and relevant nonfinancial data

What are the types of expectations?

- Trend analysis - analyze change in accounts of a company over time
- Ratio analysis - compare relationships between two or more financial statement accounts or comparisons of account balances to nonfinancial data
- Liquidity
- Leverage
- Profitability
-

What are the approaches to ratio analysis?

- Horizontal analysis
- Cross sectional analysis
- Vertical analysis
- Other (Regression analysis, reasonableness test)

What is Horizontal analysis?

Reviews ratios over time

What is cross sectional analysis?

Analyze ratios of similar firms at a point in time

What is Vertical analysis?

Analyze relationships within a period
"Common size" statements prepared

What are the basic approaches to auditing accounting estimates?

- Review and test managements process for developing the estimate
- Independently develop an estimate to compare to management's estimate.
- Review subsequent events or transactions bearing on the estimate

What are the inputs to use in applying valuation techniques?

- Level 1 - inputs of observable quoted prices in active markets for identical assets or liabilities
- Level 2 - inputs of observable quoted prices, generally for similar assets or liabilities in active markets
- Level 3 - inputs that are unobservable for

What are the primary functions of audit documentation?

Support the auditors' compliance with auditing standards
Support the auditors' opinon

What are the secondary functions of audit documentation?

- Assist continuing and new audit team members in planning and performing the audit
- Serves as a record of matters of continuing audit interest
- Assists in supervision and review of the audit
- Demonstrates the accountability of team members
- Assists i

Audit documentation should be sufficient to:

- Enable an experienced auditor to understand the work performed and the significant conclusions reached
- Identify who performed and reviewed the work
- Show that the accounting agree or reconcile to the financial statements

Audit documentation should include:

All significant audit findings and the actions taken to address them

Types of working papers

- Audit administrative working papers
- Working trial balance
- Lead schedules
- Adjusting journal entries and reclassification entries
- Supporting schedules
- Analysis of a ledger account
- Reconciliations
- Computational working papers
- Corroborating

Which of the following is not a component of audit risk?
a) Control Risk
b) Detection Risk
c) Sufficiency Risk
d) Inherent Risk

c) Sufficiency Risk

Which type of risk does an auditor have control over through substantive auditing procedures?
a) Control Risk
b) detection risk
c) sufficiency risk
d) inherent risk

b) detection risk

Which type of risk does the management of a company have the most control over in the short term?
a) Control risk
b) detection risk
c) sufficiency risk
d) inherent risk

a) Control risk

Which of the following descriptions best describes inherent risk?
a) Auditors fail to discover a material misstatement in the course of their audit and do not modify their audit opinion
b) A company's internal control fails to identify a material misstate

d) The possibility that a material misstatement will occur in any given account before considering internal control.

Further audit procedures include:
a) Risk assessment procedures
b) Audit planning
c) Tests of controls
d) Diagrams of transaction cycles

c) Tests of controls

Which of the following is a basic procedures used in an audit?
a) Tests of cycles
b) risk analytic testing
c) substantive procedures
d) test of evidential directionality

c) substantive procedures

Auditors must gather "sufficient appropriate audit evidence" to support their audit opinion. Which of the following is least likely to serve as a substitute for performing other audit procedures?
a) the physical observation of the counting of company inve

d) Obtaining a representation letter signed by top management

The type of transactions that ordinarily have a high inherent risk because they involve management judgments or assumptions are referred to as:
a) Estimation transactions
b) Nonroutine transactions
c) routine transactions
d) substantive transactions

a) Estimation transactions

Which of the following ordinarily is considered the weakest form of evidence?
a) Actual physical evidence
b) Documentary evidence obtained form outside the company
c) Documentary evidence obtained from inside the company
d) Replies to company employees to

d) Replies to company employees to auditor oral inquiries

Which method of analytical procedure analysis is most useful because many expenses, such as cost of goods sold, might be expected to bear a predictable relationship to net sales?
a) horizontal analysis
b) reasonableness analysis
c) trend analysis
d) verti

d) vertical analysis

One type of analytical procedure is trend analysis. Which of the following is the best example of trend analysis?
a) Comparison of company financial ratios to that of its competitors
b) Comparison of accounting records to budgeted amounts
c) Comparison of

c) Comparison of inventory levels over the past 3 years

Which of the following is not one of the primary approaches auditors use when evaluating the reasonableness of accounting estimates?
a) Review and test management's process of developing estimates
b) Confirm estimates directly with outsiders
c) Independen

b) Confirm estimates directly with outsiders

Audit documentation relating to the A company audit should be sufficient to allow which type of auditor to understand the audit work performed?
a) any auditor
b) any auditor that works on A Company's audit
c) an experienced auditor
d) an experienced audit

c) an experienced auditor

Documentation may not be deleted from the working papers after the:
a) Audit report delivery date
b) Date of the audit report
c) Documentation completion date
d) Final day of fieldwork

c) Documentation completion date

What are the steps for an audit process?

1. Plan the audit
2. Obtain an understanding of the client and its environment, including internal control
3. Assess the risks of material misstatement and design further audit procedures
4. Perform further audit procedures
5. Complete the audit
6. Form a

How do you establish an understanding with the client?

This is ordinarily accomplished through the use of an engagement letter.
Related, determine that
- The firm meets professional independence requirements
- There are no issues relating to management integrity
- The client understands the terms of the engag

What items need to be included in the engagement letter?

- Name of entity
- Management responsibilities
- Auditor responsibilities

What are the management responsibilities to be included in an engagement letter?

- Financial Statements
- Establishing effective internal control over financial reporting
- Compliance with laws and regulations
- Making records available to the auditors
- Providing written representations at the end of the audit, including that adjustm

What are the Auditor responsibilities to be included in an engagement letter?

-Conducting an audit in accordance with GAAS
- Obtaining an understanding of internal control to plan audit and to determine the nature, timing and extent of procedures
- Making communications required by GAAS

What are the risk assessment procedures?

- Inquiries of management and others within the entity
- Analytical procedures
- Observation and inspection relating to client activities, operations, documents, reports and premises
- Other procedures, such as inquiries of others outside the company and

How do you determine materiality?

- Use professional judgment and based on reasonable person
- Consider both quantitative and qualitative factors

What is materiality used in?

Planning the audit
- at the overall financial statement level
- Allocate to individual accounts
Evaluating audit findings

What are the two types of fraud?

- Fraudulent financial reporting
- Misappropriation of assets

What are the procedures to assess fraud risk

- Discussion among engagement team
- Inquiries of management and other personnel
- Risk assessment analytical procedures (to aid in planning the audit)
- Considering fraud risk factors
- Incentives
- Opportunity
- Attitude

What are some considerations for identifying fraud risk?

- Type
- Significance
- Likelihood that it will result in a material misstatement
- Pervasiveness

What are the steps if you discover fraud?

- Communication to appropriate level of management
- If fraud involves senior management or material misstatement communicate to audit committee

What should further audit procedures include?

- Substantive procedures for all relevant assertions
- Tests of controls when the auditors' risk assessment includes an expectation that controls are operating effectively, or when substantive procedures alone are not sufficient

What are the overall responses when assessed risks of material misstatement are high?

- Heightened professional skepticism
- Assigning more experienced staff
- Assigning staff with specialized skills
- Providing more supervision

What is an audit trail?

A trail of evidence that links source documents, journal entries and ledger entries

What directions may an auditor follow the audit trail related to the direction of testing?

- Test for existence or occurrence
- Test for completeness

What is the systems portion of an Audit program?

- Deals with client's internal control
- Evidence of test of controls and assessing control risk

What is the Substantive test portion of an audit program?

- Deals with financial statement account balances
- Indirect and direct verification of income statement accounts

What are the objectives of substantive programs for asset accounts?

- Establish the existence of assets
- Establish that the company has rights to the assets
- Establish the completeness of recorded assets
- Verify the cutoff of transactions
- Determine the appropriate valuation of the assets and accuracy of related trans

Adequate planning and design of an audit is necessary for an auditor to restrict which type of audit risk?
A) Control Risk
B) Detection Risk
C) Sufficiency Risk
D) Inherent Risk

Detection Risk

B&M auditors have been accepted as the auditors of World Wide Widgets (3W). What are B&M's responsibilities with regard to contacting 3W's predecessor auditors?
A) If 3W had a disagreement with its predecessor auditors, B&M should not contact the predeces

B&M should attempt communications with the predecessor auditors and ask if they had any accounting policy disagreements with 3W.

An engagement letter is best described as which of the following?
A) A letter from company management to the auditors specifying management's expectations for completion of the audit on a timely basis and the fees.
B) A letter from the auditors to company

A letter from the auditors to company management that specifies the responsibilities of both the company and the auditors in completing the audit and the timing for its completion.

Materiality can best be described as which of the following?
A) Materiality is typically measured as a fixed percentage of assets.
B) Materiality is typically measured as a fixed percentage of net income.
C) Materiality does not depend on the company bein

Materiality is the amount at which judgments based on the financial statements may be altered.

Which of the following is least likely to be required on an audit?
A) Test appropriateness of journal entries and adjustment
B) Review accounting estimates for biases
C) Evaluate the business rationale for significant, unusual transactions
D) Make a legal

Make a legal determination of whether fraud has occurred

Which of the following is most likely to be an overall response to fraud risks identified in an audit?
A) Supervise members of the audit team less closely and rely more upon judgment.
B) Use less predictable audit procedures.
C) Only use certified public

Use less predictable audit procedures.

Which of the following is most likely to be presumed to represent a fraud risk on an audit?
A) Capitalization of repairs and maintenance expense into the property, plant and equipment asset account
B) Improper revenue recognition
C) Improper interest expe

Improper revenue recognition

Which of the following is least likely to be included in an auditor's inquiry of management while obtaining information to identify the risks of material misstatement due to fraud?
A) Are financial reporting operations controlled by and limited to one loc

Are financial reporting operations controlled by and limited to one location?

An audit plan is a:
A) Detailed plan of analytical procedures and all substantive tests to be performed in the course of the audit.
B) Document that provides an overview of the company and a general plan for the audit work to be accomplished, timing of th

Document that provides an overview of the company and a general plan for the audit work to be accomplished, timing of the work, and other matters of concern to the audit.

An audit program is:
A) The detailed plan of audit procedures to be performed in the course of the audit.
B) An overview of the company and a general plan for the audit work to be accomplished.
C) A generic document that auditing firms have developed to l

The detailed plan of audit procedures to be performed in the course of the audit.

Which statement best describes the interaction of the systems and substantive approaches in the audit plan?
A) The systems approach focuses on testing controls to make sure they are effective, while the substantive approach is the detailed testing of spec

The systems approach focuses on testing controls to make sure they are effective, while the substantive approach is the detailed testing of specific accounts for accuracy.

Tracing from source documents to journals most directly addresses which financial statement assertion?
A) Completeness
B) Existence
C) Valuation
D) Rights

Completeness

Definition of Internal Control

A process, effected by the entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding, achievement of (the entity's) objectives on:
- Effectiveness and efficiency of operations
- Reliability of financi

What is the Foreign Corrupt Practices Act?

Passed in 1977 in response to American corporation practice of paying bribes and kickbacks to officials in foreign countries to obtain business.
The Act requires an effective system of internal control and makes illegal payment of bribes to foreign offici

What are preventive controls?

Aimed at avoiding the occurrence of misstatements in the financial statements.

What are detective controls

Designed to discover misstatements after they have occurred.

What are corrective controls?

Needed to remedy the situation uncovered by detective controls.

What are the components of internal control?

- The control environment
- Risk assessment
- The Accounting Information and Communication system
- Control Activities
- Monitoring

What are control environment factors?

- Integrity and ethical values
- Commitment to competence
- Board of directors or audit committee
- Management philosophy and operating style
- Organizational structure
- Human resource policies and practices
- Assignment of authority and responsibility

What are the factors indicative of increased financial reporting risk?

- Changes in regulatory or operating environment
- Changes in personnel
- Implementation of a new or modified information system
- Rapid growth of the organization
- Changes in technology affecting production processes or information systems
- Introductio

What are internal control activities?

- Performance reviews
- Information processing
- General control activities
- Application control activities
- Physical controls
- Segregation of duties
- Segregate authorization, recording and custody of assets

What are the objectives of an accounting system?

- Identify and record valid transactions
- Describe on a timely basis the transactions in sufficient detail to permit proper classification of transactions
- Measure the value of transactions appropriately
- Determine the time period in which the transact

What are ongoing monitoring activiities

Regularly performed supervisory and management activities

What are separate evaluations?

Performed on a nonroutine basis

What are the limitations of internal control?

- Errors may arise from misunderstandings of instructions, mistakes of judgment, fatigue, etc.
- Controls that depend on the segregation of duties may be circumvented by collusion
- Management may override the structure
- Compliance may deteriorate over t

What are Auditors' Overall Approach with Internal Control?

1. Plan the audit
2. Obtain an understanding of the client and its environment, including internal control
3. Assess the risks of material misstatement and design further audit procedures
4. Perform further audit procedures
5. Complete the audit
6. Form a

Understanding of internal control is used to help the auditor to:

- Identify types of potential misstatements
- Consider factors that affect the risks of material misstatement
- Design tests of controls (when applicable) and substantive procedures.

What are the five internal control components that auditors must consider?

- Control environment
- Accounting information system
- Risk assessment
- Control activities
- Monitoring

How do auditors obtain understanding of internal control?

- Inquiring of entity personnel
- Observing the application of specific controls
- Inspecting documents and reports
- Tracing transactions through the information system relevant to financial reporting

How do they document the understanding of internal control?

Questionnaires
Written Narratives
Flowcharts
Walk-through

How do auditors assess the risks of material misstatement?

- Identify risks while obtaining an understanding of the client and its environment, including its internal control
- Relate the identified risks to what can go wrong at the relevant assertion level
- Consider whether the risks are of a magnitude that cou

What are the responses to high risks at the financial statement level?

- Assigning more experience staff or those with specialized skills
- Providing more supervision and emphasizing the need to maintain professional skepticism
- Incorporating additional elements of unpredictability in the selection of further audit procedur

What is test of controls?

- Identifies controls likely to prevent or detect material misstatements
- Perform tests of controls to determine whether they are operating efficiently

What do test of controls address?

- How controls were applied
- The consistency with which controls were applied
- By whom or by what means the controls were applied

What is included in the test of controls?

- Inquiries of appropriate client personnel
- Inspection of documents and reports
- Observation of the application of controls
- Reperformance of the controls

What are the results of the test of controls used for?

Determining the nature, timing and extent of substantive procedures.

What is included in Management's Report on Internal Control under section 404a?

- Acknowledgment of responsibility for internal control
- An assessment of internal control effectiveness as of the last day of the company's fiscal year using suitable criteria
- Support the evaluation with sufficient evidence

What is batch processing?

- Input data gathered and processed periodically in groups
- Often more efficient than other types of systems but does not provide up-to-minute information

What are the two types of online systems used?

- Online transaction processing
- Online analytical prcoessing

What is Online transaction processing (OLTP)?

Individual transactions entered from remote locations
Example: Bank balance at ATM

What is online analytical processing (OLAP)?

Enables user to query a system for analysis

Internal Control in IT

- Separation of duties
- Clearly defined responsibility
- Augmented by controls written into computer programs

What is the audit train impact of IT Accounting systems?

- In a traditional manual system, hard-copy documentation available for accounting cycle
- In computerized environment, audit train ordinarily still exists, but often not in printed form
- Can affect audit procedures
- Consulting auditors during design st

What are the responsibilities in an IT System?

Information systems management
- Supervise the operation of the department and report to vice president of finance
Systems analysis
- Responsible for designing the system
Application programming
- Design flowcharts and write programming code
Database admi

What are the IT Control Activities?

- Developing new programs and systems
- Changing existing programs and systems
- Access to programs and data
- IT operations controls

What are the user control activities in an IT System?

- Designed to test the completeness and accuracy of IT-processed transactions
- Designed to ensure reliability
- Reconciliation of control totals generated by system to totals developed at input phase

What are the techniques for testing application controls?

Auditing around the computer - Manually processing selected transactions and comparing results to computer output
Manual Tests of Computer Controls - Inspection of computer control reports and evidence of manual follow-up on exceptions
Auditing through th

Internal control is primarily established within a company to do which of the following?
A) Prevent fraud.
B) Provide reasonable assurance that the company's objectives will be achieved.
C) Catch all errors that may occur in the company.
D) Aid in the eff

Provide reasonable assurance that the company's objectives will be achieved.

Providing reasonable assurance with respect to which of the following is not required under the internal control provisions of the Foreign Corrupt Practices Act?
A) Management is responsibility for knowledge and authorization of transactions.
B) Transacti

Access to assets is limited to members of management.

Which of the following is considered a control environment factor by the COSO definition of internal control?
A) Control objectives
B) Integrity and ethical values
C) Reasonable assurance
D) Risk assessment

Integrity and ethical values

Billy Jo is responsible for custody of the finished goods in the warehouse. If his company wishes to maintain strong internal control, which of the following responsibilities are incompatible with his primary job?
A) He is also responsible for the company

He is responsible for the accounting records for all receipts and shipments of goods from the warehouse.

Which of the following is least likely when an auditor performs an integrated audit of a public company's financial statements?
A) Issuing an audit report on internal control over financial reporting.
B) Issuing an audit report on the financial statements

Omitting tests of controls for several major accounts.

Which of the following describes the function of a fidelity bond?
A) An insurance policy that covers theft by a bonded employee.
B) A short term investment that is secured by a bank.
C) It is a procedure to separate the duties of employees.
D) A contract

An insurance policy that covers theft by a bonded employee.

Tests of controls are used to test whether controls are:
A) Operating effectively.
B) Implemented (placed in operation).
C) Properly accumulated into balance sheet totals.
D) Properly documented by the client.

Operating effectively.

Tests of controls are least likely to include:
A) Inquiries of appropriate client vendors.
B) Reperformance of a control.
C) Observation of the application of an accounting procedure.
D) Inspection of documents.

Inquiries of appropriate client vendors.

Which of the following is most likely to be considered an inherent limitation of a client's internal control?
A) Complexity of the information system.
B) Human errors.
C) Management's interest in a profitable enterprise.
D) An ineffective audit committee.

Human errors.

Which of the following is one of the most fundamental and effective controls?
A) Increased use of computers for recording accounting transactions.
B) Increased reliance on internal auditors to monitor accounting systems.
C) Segregation of incompatible dut

Segregation of incompatible duties across several people.

Control risk is most likely to be assessed at a level below the maximum when?
A) No tests of controls have been performed.
B) Tests of controls have been performed.
C) Externally generated evidence supports management's contentions relating to internal co

Tests of controls have been performed.

The results of the consideration of internal control are least likely to affect the auditors' decisions pertaining to:
A) The use of analytical procedures.
B) The assessment of control risk.
C) The assessment of inherent risk.
D) Detailed tests of ending

The assessment of inherent risk.

Which of the following is not an advantage of a computerized accounting system?
A) Computers process transactions uniformly.
B) Computers help alleviate human errors.
C) Computers can process many transactions quickly.
D) Computers leave a thorough audit

Computers leave a thorough audit trail which can be easily followed.

One of the greatest difficulties in auditing a computerized accounting system is:
A) Data can be erased from the computer with no visible evidence.
B) Because of the lack of an audit trail, computer systems have weaker controls and more substantive testin

Data can be erased from the computer with no visible evidence.

How have electronic data interchange (EDI) systems affected audits?
A) Since orders and billing transactions are done over the computer, source documents cannot be obtained.
B) Auditors often need to plan ahead to capture information about selected transa

Auditors often need to plan ahead to capture information about selected transactions over the EDI.

Since the computer can do many jobs simultaneously, segregation is not as defined as it is in a manual system. How can a computer system be modified to compensate for the lack of segregation of duties?
A) The computer system should be under the direction

Strong controls should be built into both the computer software and hardware to limit access and manipulation.

One key control in the organization of the information systems department is the:
A) Separation of the systems development group and the operations (data processing) group.
B) Operating personnel should strictly control access to the client's database.
C)

Separation of the systems development group and the operations (data processing) group.

Which of the following represent examples of general, application and user control activities, respectively, in the computer environment?
A) Control over access to programs, computer exception reports, and manual checks of computer output.
B) Manual check

Control over access to programs, computer exception reports, and manual checks of computer output.

When would an auditor typically not perform additional tests of a computer systems controls?
A) When the assessed level of control risk is at a minimum.
B) When computer controls appear to be strong and risk is at a minimum.
C) When controls appear to be

When controls appear to be weak.

When would "auditing around the computer" be appropriate?
A) When controls over the computer system are strong.
B) When controls over the computer system are non-existent.
C) When controls over the computer system are adequate.
D) It is never appropriate

When controls over the computer system are non-existent.

Which of the following would not be an appropriate procedure for testing the general control activities of an information system?
A) Inquiries of client personnel.
B) Inspecting computer logs.
C) Testing for the serial sequence of source documents.
D) Exa

Testing for the serial sequence of source documents.

If an auditor is using test data in a client's computer system to test the integrity of the systems output, which of the following type of controls is the auditor testing:
A) General controls.
B) User controls.
C) Quantitative test controls.
D) Applicatio

Application controls.

Which of the following is not a function of generalized audit software?
A) To aid in the random selection of transactions for substantive testing
B) To run in parallel with the client's application software and compare the output
C) To test the mathematic

To keep an independent log of access to the computer application software

Which of the following is not a computer-assisted audit technique?
A) Test data
B) Tagging and lagging
C) Integrated test facility
D) Program analysis

Tagging and lagging