Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
72 Cards in this Set
- Front
- Back
Although both the internal and external auditors are concerned with computerized systems, there are important differences in the goals of each type of auditor. true or false?: |
True
|
|
IT auditing involves evaluating the computer s role in achieving audit and control objectives.true or false?: |
True
|
|
An External auditor s main objective in reviewing information systems control procedures is to evaluate the risks to the integrity of accounting data presented in financial reports. true or false?: |
True |
|
After examining general controls and application controls in detail, compliance testing will be performed by the auditor to ensure that the controls are in place and working as prescribed.true or false?:
|
True
|
|
The less confidence auditors have in the internal controls results in less substantive testing.true or false?:
|
False
|
|
A disaster recovery plan can be a procedure to follow after a fire at the organizations computer site. It is a response to an event and is not viewed as an internal control procedure.true or false?:
|
False
|
|
The term "test data" is associated with:
|
Auditing through-the-computer
|
|
With parallel simulation, the auditor uses test input data.true or false?:
|
False
|
|
Continuous Auditing is becoming less popular.true or false?:
|
False
|
|
It governance is the process of using IT resources effectively to meet organizational objectives.true or false?:
|
True
|
|
Sarbanes-Oxley prohibits the practice of auditors participating in the creation of financial information systems design and implementation for non-audit clients.true or false?:
|
False |
|
The IP address is a numerical translation of the text-based domain address.true or false?:
|
True
|
|
Intranets are computer networks that use the same software as the internet but are internal to the organization.true or false?:
|
True
|
|
Developers typically create web pages in an editing language such as hypertext markup language (HTML).true or false?:
|
True
|
|
XBRL allows users to extract and compare financial data from many different companies.true or false?:
|
True
|
|
Electronic Data Interchange is the direct computer to computer exchange of business documents via a communications network such as the world wide web.true or false?:
|
True
|
|
Phishing describes an email that appears to be from a well-known company that gathers personal data for illegal purposes.true or false?:
|
True
|
|
All of the following are markup languages (that use edit tags) except:
|
XOR |
|
Early AIS primarily processed bookkeeping transactions.true or false?:
|
True
|
|
ERP systems architecture is configured around multiple databases.true or false?:
|
False
|
|
Peachtree is an AIS designed for which level of need?
|
Small business
|
|
Entry-level accounting programs usually include a chart of accounts that users can customize.true or false?:
|
True
|
|
Warning signals of the need for a company to upgrade its AIS might include dissatisfied vendors, customers, or employees'.true or false?:
|
True |
|
an IT auditor |
can either be internal or external |
|
accountants that special in fraud investigation, may work with the FBI, and provide type of assurance service |
forensic acctg
|
|
in determining the scope of an IT audit, the auditor should pay most attention to |
threats and risks |
|
auditing around the computer assumes that ? |
accurate output is sufficinet evidence that processing operations are appropiate |
|
an internal framework and model that encompasses an org's IT goverance and info technologies |
COBIT |
|
- they are specifically tailored to auditor tasks
- may be used for specific app areas, such as AR and inventory
- they allow auditors to manipulate files to extract and compare data
> these aspects related to what kind of software? |
generalized audit software (GAS) |
|
- parallel stimulation
- use of specialized control software
- continuous auditing
> auditing techniques for? |
auditing computerized AIS |
|
in auditing program change control, the IT auditor will |
ensure an org is following the process described in their docs for program chg control |
|
continuous auditing will likely become more popular as organizations ? |
will likely become more popular as organizations adopt XBRL in their financial reporting |
|
- IT goverance, which ties IT to organizational strategy, is increasingly important
- sec 404 of the sarbanes oxley act of 2002 created an increase in demand for both IT auditors and internal auditors
- third party assurance seals may provide some comfort to e-business customers regarding the security of online transactions
> these are current changes related to |
IT auditing today |
|
the primary objective of compliance testing is to determine whether |
controls are functioning as planned |
|
implementaion, follow-up, and maint of IT includes acquiring resources for thenew system.
true or false? |
false |
|
- is completed prior to detailed systems design
- includes economic, schedule, technical legal, and operational |
feasibility evaluation |
|
in devleoping and implementing IT, the study team and steering committee must consider org goasl. the goals include what? |
top mgmnt, op mgmnt, and gen systems goals |
|
prototyping, as an IT development approach, has both advantages and disadvantages. in general, prototyping is most appropiate when? |
there are high risks assoc with developing and implementing an ineffective system |
|
in selecting a new acctg info system, the steering committee should consider? |
- all expected costs and benefits, including maint and op costs
- support that a vendor can provide, including training,maint, and backup
- compatibility of a new system with exsisting systems |
|
provides a systems study team w/ an obj means for selecting a final AIS |
a point scoring analysis |
|
- prog evaluation and review tech (pert) allows mgmnt to determine the shortest time it will take to implement anew system and any slack time that might exisit btwn implementation activities
- an advantage of PERT is that it allows mgrs to identify the critical path in implementation
> these are aspects of?
- gantt charts are useful in scheduling and implementing IT because they allow you to indicate actual progress versus planned progress directly on the chart
|
managing IT projects |
|
when converting to a new system what conversion alt would be the most risky for a financial services firm? |
direct conversion |
|
which of the four stages in the systems dev life cycle is most likely to be the most costly for a new system? |
implementation, follow up, and maint |
|
what would be most helpful to mgrs of aproject where the precedence of activities is important? |
PERT |
|
contains only numbers |
IP address |
|
enables users to view data with a web browser |
-intranet - extranet - internet |
|
protocols for transmitting data over the internet |
- IP - HTTP |
|
markup languages that use edit tags |
-HTML -XML -XBRL |
|
acronyms (3) |
-HTML -Blog -XML |
|
XBRL is a subset of XML. true or false? |
true |
|
a document file containing XBRL tags |
instance doc |
|
a private point to point network |
VAN |
|
A VPN is a type of private network. true or false? |
true |
|
POSING AS AN AUTHENTIC USER TO GAIN ACCESS TO A COMPUTER SYSTEM |
spoofing |
|
low-end acctg softeare is increasingly complex and sophisticated. however software costing only a few hundred dollars is not likely to ? |
provide all the info needed to optimize customer and supplier relationships |
|
why might a small business owner hire a CPA firm or a software consultant to help select acctg software? |
- to train train employees to use software - to help the firm identify useful reports for decision making -to help with rescue/recovery needs should a disaster occur |
|
accounting software program that would be appropriate for a small business, sole prop w/ 20 employees |
netsuite |
|
may be purchased in modules that match various business processes |
midlevel acctg software |
|
a distinguing characteristic of ERP system |
low cost |
|
an org will need to upgrade to a new AIS if |
the co wants to begin doing business over the internet |
|
the highest cost assoc w/ a new AIS? |
IMPLEMENTING AND maintaining the new system |
|
in selecting a new AIS, A COMPANYS mgmnt should |
always consult w/ your acct during the decision process |
|
components of an ERP's architecture typically include |
a centralized database and app interfaces |
|
is a specialized accounting journal used in an accounting system to keep track of the sales of items that customers have purchased on account by charging a receivable on the debit side of an accounts receivable account and crediting revenue on the credit side |
sales journal |
|
is used for recording credit purchases such as merchandise for resale to customers, business supplies, equipment, and other such purchases. |
purchase journal |
|
is a specialized accounting journal used in an accounting system to keep track of the sales of items when cash is received, by crediting sales and debiting cash |
cash receipts journal |
|
is a journal used record and track all the cash payments or disbursements by a company. |
cash disbursments journal |
|
set a password for peachtree |
-click on Maintain - User Security. -The first user will have ADMINISTRATOR or full privileges . -Add a unique password. -User Names and Passwords are both Case Sensitive. - Once you are finished, and exit from your company, you will be then forced to enter a User Name and Password to be able to access Peachtree. |
|
create a sales order/journal after receiving a purchase order from a customer |
-either convert the sales quote or
-tasks > sales invoicing
- ref po# |
|
create a invoice after creating a sales order purchase order from a customer |
- tasks > sales/invoicing -update date, invoice #, and qty shipped -ref po#
|
|
record cash payment |
tasks > receive payment - apply the amount against the invoice - include check number |
|
record cash payment/disbursement |
task > make a payment |