When companies use information technology (IT) extensively, evidence may be available only in electronic form. What is an auditor's best course of action in such situations?
A. Assess the control risk as high.
B. Use audit software to perform analytical procedures.
C. Use generalized audit software to extract evidence from client databases.
D. Perform limited tests of controls over electronic data.
Correct Answer: C
Explanation: Choice "c" is correct. When companies use information technology (IT) extensively and evidence is available only in electronic form, generalized audit software packages generate the programs necessary to interrogate the files and extract and analyze the data. Choice "a" is incorrect. The use of information technology does not automatically imply that control risk is high. The auditor would need to evaluate the client's controls to make this determination. Choice "b" is incorrect. Although audit software might be used to perform analytical procedures, the data would first need to be extracted from the client's system. A generalized audit software package is the best way to do this. Choice "d" is incorrect. If information technology is used extensively, the auditor would likely perform more than limited tests of controls over electronic data.
Question 822:
When an auditor tests the internal controls of a computerized accounting system, which of the following is true of the test data approach?
A. Test data are coded to a dummy subsidiary so they can be extracted from the system under actual operating conditions.
B. Test data programs need not be tailor-made by the auditor for each client's computer applications.
C. Test data programs usually consist of all possible valid and invalid conditions regarding compliance with internal controls.
D. Test data are processed with the client's computer and the results are compared with the auditor's predetermined results.
Correct Answer: D
Explanation: Choice "d" is correct. The test data approach refers to a technique in which the client's application program is used to process a set of test data, the results of which are already known by the auditor. If the client's program is operating effectively, it should generate the same results determined by the auditor. Choice "a" is incorrect. An integrated test facility (not a test data approach) utilizes dummy accounts. For example, using an integrated test facility (ITF) approach, test data is initially commingled with live data, but coding to a dummy account allows later extraction from the system under actual operating conditions. Choice "b" is incorrect. Test data programs should be tailor-made by the auditor for each client's computer applications, to ensure that the data is in an appropriate form for that client's system, and that it includes the types of invalid conditions in which the auditor is interested. Choice "c" is incorrect. Test data contains the types of valid and invalid conditions in which the auditor is interested (it is not necessary to test all combinations of valid and invalid conditions).
Question 823:
When conducting field work for a physical inventory, an auditor cannot perform which of the following steps using a generalized audit software package?
A. Observing inventory.
B. Selecting sample items of inventory.
C. Analyzing data resulting from inventory.
D. Recalculating balances in inventory reports.
Correct Answer: A
Explanation:
Choice "a" is correct. A generalized audit software package (GASP) is used to perform tests directly on a
client's system. Since observing inventory involves personal observations made by the auditor, and is
unrelated to the client's system, a GASP would not be useful in this regard.
Choice "b" is incorrect. Generalized audit software packages (GASPs) are used to perform tests directly on
a client's system. Tasks typically performed by GASPs include selecting items that meet specified criteria.
Choice "c" is incorrect. Generalized audit software packages (GASPs) are used to perform tests directly on
a client's system. Tasks typically performed by GASPs include performing statistical analysis of data.
Choice "d" is incorrect. Generalized audit software packages (GASPs) are used to perform tests directly on
a client's system. Tasks typically performed by GASPs include recalculating amounts and totals.
Question 824:
A client that recently installed a new accounts payable system assigned employees a user identification code (UIC) and a separate password. Each UIC is a person's name, and the individual's password is the same as the UIC. Users are not required to change their passwords at initial log-in nor do passwords ever expire. Which of the following statements does not reflect a limitation of the client's computer access control?
A. Employees can easily guess fellow employees' passwords.
B. Employees are not required to change passwords.
C. Employees can circumvent procedures to segregate duties.
D. Employees are not required to take regular vacations.
Correct Answer: D
Explanation:
Choice "d" is correct. The requirement that employees take regular vacations is a good internal control, but
it is unrelated to computer-access controls.
Choice "a" is incorrect. Using employee's names as their passwords is an ineffective computer-access
control, because passwords are easily guessed.
Choice "b" is incorrect. It would be acceptable to assign employee names as passwords, as long as the
employees were required to change their passwords at initial log-in as well as periodically in the future.
The fact that this requirement is not in place is a limitation of the client's computer-access controls.
Choice "c" is incorrect. If password controls are used to segregate the duties of individual employees,
using employee names as passwords allows an employee to circumvent this segregation by logging in with
another employee's password.
Question 825:
An auditor would least likely use computer software to:
A. Construct parallel simulations.
B. Access client data files.
C. Prepare spreadsheets.
D. Assess EDP control risk.
Correct Answer: D
Explanation:
Choice "d" is correct. The assessment of control risk is based on auditor judgment. A computer cannot
replace professional auditor judgment in assessing control risk.
Choice "a" is incorrect. Computer software would be used when constructing parallel simulations.
Parallel simulation involves taking the client's data and reprocessing it using the auditor's equipment and
software.
Choice "b" is incorrect. The auditor would use generalized audit software or retrieval package software to
access client data files.
Choice "c" is incorrect. The auditor would most likely use some sort of software to prepare spreadsheets.
Question 826:
Which of the following statements is not true of the test data approach to testing an accounting system?
A. Test data are processed by the client's computer programs under the auditor's control.
B. The test data need consist of only those valid and invalid conditions that interest the auditor.
C. Only one transaction of each type need be tested.
D. The test data must consist of all possible valid and invalid conditions.
Correct Answer: D
Explanation:
Choice "d" is correct. While the auditor will frequently use many valid and invalid conditions, it is not
feasible to test every possible valid and invalid condition using a test data approach.
Choice "a" is incorrect. Test data consists of a set of fictitious entries or inputs that are processed through
the client's computer system under the control of the auditor.
Choice "b" is incorrect. The auditor need only include valid and invalid conditions that interest the auditor. Choice "c" is incorrect. Only one transaction of each type need be tested, as the system should process similar transactions in a consistent manner.
Question 827:
Using microcomputers in auditing may affect the methods used to review the work of staff assistants because:
A. The audit fieldwork standards for supervision may differ.
B. Documenting the supervisory review may require assistance of consulting services personnel.
C. Supervisory personnel may not have an understanding of the capabilities and limitations of microcomputers.
D. Audit documentation may not contain readily observable details of calculations.
Correct Answer: D
Explanation: Choice "d" is correct. When using microcomputers in an auditing task, audit documentation may not contain readily observable details of calculations (e.g., present value calculations). In order to review assistants' work, a supervisor may have to examine the formulas used on the microcomputer rather than simply examining the audit documentation. Choice "a" is incorrect. The standards of fieldwork, specifically planning and supervision, would not change with the use of microcomputers on the audit. Choice "b" is incorrect. Consulting service personnel should not be necessary to document the supervisory review. Choice "c" is incorrect. The familiarity of supervisory personnel with the capabilities and limitations of microcomputers would not have an effect on the review process.
Question 828:
An auditor most likely would introduce test data into a computerized payroll system to test internal controls related to the:
A. Existence of unclaimed payroll checks held by supervisors.
B. Early cashing of payroll checks by employees.
C. Discovery of invalid employee I.D. numbers.
D. Proper approval of overtime by supervisors.
Correct Answer: C
Explanation: Choice "c" is correct. Test data allows the auditor to determine whether adequate controls exist over data processing. Test data consists of fictitious entries or inputs that are processed through the client's computer system under the control of the auditor. The client's computerized payroll system should have adequate controls to prevent input of invalid employee ID numbers. Choice "a" is incorrect. This control does not involve the client's computer system and therefore cannot be tested using test data. Choice "b" is incorrect. This control does not involve the client's computer system and therefore cannot be tested using test data. Choice "d" is incorrect. This control does not involve the client's computer system and therefore cannot be tested using test data.
Question 829:
Which of the following statements most likely represents a disadvantage for an entity that keeps microcomputer-prepared data files rather than manually prepared files?
A. Attention is focused on the accuracy of the programming process rather than errors in individual transactions.
B. It is usually easier for unauthorized persons to access and alter the files.
C. Random error associated with processing similar transactions in different ways is usually greater.
D. It is usually more difficult to compare recorded accountability with physical count of assets.
Correct Answer: B
Explanation:
Choice "b" is correct. It is easier to access and alter microcomputer data files than manually prepared data
files. Microcomputer access security is difficult to maintain because of the increased number of data entry
points and the potential ability to defeat access controls.
Choice "a" is incorrect. Once the programs are written, the focus will still be on the accuracy of the
transactions.
Choice "c" is incorrect. One of the benefits of an automated system over a manual system is the removal
of random errors from the process. (Instead, systematic errors are more common.)
Choice "d" is incorrect. There is no significant difference between comparing physical counts with
accounting records kept either manually or on an automated system.
Question 830:
When an auditor tests a computerized accounting system, which of the following is true of the test data approach?
A. Several transactions of each type must be tested.
B. Test data are processed by the client's computer programs under the auditor's control.
C. Test data must consist of all possible valid and invalid conditions.
D. The program tested is different from the program used throughout the year by the client.
Correct Answer: B
Explanation:
Choice "b" is correct. Test data consists of "dummy" data run through the client's computer system. The
data should be processed under the auditor's control.
Choice "a" is incorrect. Only transactions that the auditor wishes to test must be used.
Choice "c" is incorrect. While the auditor will frequently use many valid and invalid conditions, it is not
feasible to test every possible valid and invalid condition using a test data approach.
Choice "d" is incorrect. The objective of the test data approach is to test programs that the client uses to
process data. Using different programs defeats the primary purpose of the test.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only AICPA exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CPA-TEST exam preparations and AICPA certification application, do not hesitate to visit our Vcedump.com to find your solutions here.