1-When using the test data approach,

Select one:

a. the test data must remain in the client's records.

b. auditors often obtain assistance from a computer audit specialist.

c. auditors process test data supplied by the client.

d. the tests must be performed at the end of the year.

2.Which of the following is a component of general controls?

Select one:

a. input controls

b. output controls

c. processing controls

d. back-up and contingency planning

3. If the results of tests of controls support the design and operations of controls as expected, the auditor uses ________ control risk as the preliminary assessment.

Select one:

a. a higher

b. either a lower or higher

c. a lower

d. the same

4. Tests of controls

Select one:

a. are performed at the end of the audit.

b. are used to support the ending balances in the balance sheet and income statement accounts.

c. are designed to detect fraud.

d. are the procedures used to test the effectiveness of controls in support of a reduced assessed control risk.

5.Which of the following is the correct definition of "control deficiency"?

Select one:

a. A control deficiency exists if the design or operation of controls results in a more than probable likelihood that controls will prevent or detect misstatements.

b. A control deficiency exists if one or more deficiencies exist that adversely affect a company's ability to prepare external financial statements reliably.

c. A control deficiency exists if the design or operation of controls results in a more than remote likelihood that controls will not prevent or detect misstatements.

d. A control deficiency exists if the design or operation of controls does not permit company personnel to prevent or detect misstatements on a timely basis.

6.How must significant deficiencies and material weaknesses be communicated to those charged with governance?

Select one:

a. Written communication is required.

b. Written communication is required for material weaknesses, but oral communication is allowed for significant deficiencies.

c. Either oral or written communication is acceptable.

d. Oral communication is required.

7. he ________ is helpful in preventing classification errors if it accurately describes which type of transaction should be in each account.

Select one:

a. general journal

b. trial balance

c. chart of accounts

d. general ledger

8.When dealing with the administration of the IT function and the segregation of IT duties

Select one:

a. in complex environments, management may establish IT steering committees.

b. the board of directors should not get involved in IT decisions since it is a routine function handled by middle management.

c. in large organizations, management should assign technology issues to outside consultants.

d. programmers should investigate all security breaches.

9. Sarbanes-Oxley requires management to issue an internal control report that includes two specific items. Which of the following is one of these two requirements?

Select one:

a. a statement that management is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting

b. a statement that management and the board of directors are jointly responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting

c. a statement that the external auditors are solely responsible for establishing and maintaining an adequate system of internal control

d. a statement that management, the board of directors, and the external auditors are jointly responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting

10.Controls that are designed for each software application and are intended to help a company satisfy the transaction-related audit objectives are

Select one:

a. general controls.

b. audit controls.

c. user controls.

d. application controls.

11.Which of the following computer-assisted auditing techniques inserts an audit module in the client's application system to identify specific types of transactions?

Select one:

a. embedded audit module

b. test data approach

c. parallel simulation testing

d. generalized audit software testing

12.Which of the following may represent the biggest challenge smaller public companies and nonpublic companies face in implementing effective internal control?

Select one:

a. a lack of adequate documents and records

b. no clear lines of authority

c. no adequate separation of duties

d. a lack of competent, trustworthy personnel

13.Reasonable assurance allows for

Select one:

a. low likelihood that material misstatements will not be prevented or detected by internal controls.

b. no likelihood that material misstatements will not be prevented or detected by internal control.

c. high likelihood that material misstatements will not be prevented or detected by internal control.

d. moderate likelihood that material misstatements will not be prevented or detected by internal control.

14.Without an effective ________, the other components of the COSO framework are unlikely to result in effective internal control, regardless of their quality.

Select one:

a. system of control activities

b. control environment

c. monitoring policy

d. risk assessment policy

15.Which of the following best describes the purpose of control activities?

Select one:

a. activities that deal with the ongoing assessment of the quality of internal control by management

b. the actions, policies and procedures that reflect the overall attitudes of management

c. the policies and procedures that help ensure that necessary actions are taken to address risks to the achievement of the entity's objectives

d. the identification and analysis of risks relevant to the preparation of financial statements

16.Internal controls can never be regarded as completely effective. Even if company personnel could design an ideal system, its effectiveness depends on the

Select one:

a. ability of the internal audit staff to maintain it.

b. proper implementation by management.

c. adequacy of the computer system.

d. competency and dependability of the people using it.

17.The auditor should identify and include only ________ controls since they will be sufficient to achieve the transaction-related audit objectives and will also provide audit efficiency.

Select one:

a. compensating

b. material

c. key

d. significant

18.Which of the following is not one of the subcomponents of the control environment?

Select one:

a. organizational structure

b. commitment to competence

c. management's philosophy and operating style

d. adequate separation of duties

19.Which of the following statements related to application controls is correct?

Select one:

a. Application controls relate to the processing of individual transactions.

b. Application controls relate to all aspects of the IT function.

c. Application controls relate to various aspects of the IT function including physical security and the processing of transactions in various cycles.

d. Application controls relate to various aspects of the IT function including software acquisition and the processing of transactions.

20. A database management system

Select one:

a. stores data on different files for different purposes, but always knows where they are and how to retrieve them.

b. allows quick retrieval of data, but at a cost of inefficient use of file space.

c. allows quick retrieval of data, but it needs to update files continually.

d. allows clients to create databases that include information that can be shared across multiple applications.