7A. Computer Auditing.pdf

8 Pages
Unlock Document

Business Administration
BUS 426
Brad Bart

Module 7 Solutions Do Not Print Chapter 7 MC2 a. Incorrect. If business processes are not changed to make use of the new technology and address new control issues, it may increase business risk b. Incorrect. e-commerce activities expose a company to different kinds of events like security and inability to collect or deliver goods, that increases business risk c. Incorrect. Systems complexity and integration can increase the kinds of errors that occur in the system and how widely they spread to different part of the system d. Correct. Chapter 9 MC5 a. Incorrect. The programmer creates the code. b. Incorrect. The DP manager is the executive. c. Correct. The systems analyst designs systems. d. Incorrect. The internal auditor monitors systems. MC6 a. Correct. The control group monitors error reports. b. Incorrect. Systems analyst designs systems. c. Incorrect. Supervisor of operations is a computer room employee. d. Incorrect. Programmer writes code. MC7 a. Incorrect. Record totals suggest dollar amounts. b. Correct. Hash totals involve nondollar totals. 1 c. Incorrect. Data totals suggest dollar amounts. d. Incorrect. Field totals suggest dollar amounts. MC8 a. Incorrect. Wrong arithmetic, see d. b. Incorrect. Wrong arithmetic, see d. c. Incorrect. Wrong arithmetic, see d. d. Correct. Cash deposits + discounts = payments credit to receivables. MC13 a. Incorrect. This is a software function. b. Incorrect. This is a programmer function. c. Incorrect. This is an input control function. d. Correct. This is an automated hardware function. MC14 a. Correct. A payroll processing program is "user" software. b. Incorrect. The operating system program is a "system" program. c. Incorrect. Data management system software is a "system" program. d. Incorrect. Utility programs are "system" programs. MC20 a. Incorrect. Compilers convert the programmers' source code to machine readable code. b. Incorrect. Supervisory programs police the use of hardware. c. Correct. Utility programs are general-purpose programs. d. Incorrect. User programs are the application programs. 2 EP4 Online sales, audit procedures a) The question requires one to consider how data entry controls can be designed in a setting where customers input their own order data. Some examples of controls include: Ranges of entry amount limits Playback of data entry for check by data entry customer and confirmation before updating the order system Valid data checks, e.g. credit cards start with certain numbers and have a certain number of digits, phone numbers and email addresses have certain features, etc. b) As the controls probably leave no documentary evidence observation and enquiry would be used to establish that effective control exist. CAATs would be used to test other control procedures that are performed by the IT itself. EP9 Testing computer processing a) The statement is reasonable as long as the auditor can obtain reasonable assurance that all invoices in the audit period are produced under exactly the same conditi ons. The possibility for errors always exists even if a process is computerized, for example the data entered for processing could be such that the program does not process it properly (e.g. a 5 digit entry is made but the computer is only programmed to read four digits and ignores the fifth one, or the ‘Y2K’ type of problem). So, while not a lot is gained by randomly sampling the population with statistical methods, this does not mean that no errors can occur. If in fact the program is producing the wrong calculations, the extent of the resulting error will likely be huge. b) The case scenario suggests there is a risk that the program 3 may have changed during the period. Statistical testing of transactions from different periods could identify a program change that had an impact on the output amounts, which could result in a misstatement in the financial statements. EP11 Control risk assessment, online input The question requires one to apply principles of control to a non-business situation. The response requires one to consider the objectives of tax return filing more generally, what can go wrong in terms of efficiency, accuracy and appropriateness of tax information submitted, and then identify how the e-file system may provide greater control and eff iciency, and what new risks it might introduce. DC1 Back-up procedures, impact on internal control risk The case involves auditee company procedures for backing up computer files, and the implications of this on internal control risk. Management’s cost-benefit decision has resulted in a system that appears to operate well enough considering t
More Less

Related notes for BUS 426

Log In


Join OneClass

Access over 10 million pages of study
documents for 1.3 million courses.

Sign up

Join to view


By registering, I agree to the Terms and Privacy Policies
Already have an account?
Just a few more details

So we can recommend you notes for your school.

Reset Password

Please enter below the email address you registered with and we will send you a link to reset your password.

Add your courses

Get notes from the top students in your class.