
Powers CIA Review

a. CIA May 90 I.5
Correct Answer is (A)
Answer (a) is correct. According to the Standards, the purpose of reviewing the effectiveness of the system of internal control is to ascertain whether the system is functioning as intended.
Not (b).
Not (c).
Not (d).

b. CIA May 87 I.17
Correct Answer is (A)
Answer (a) is correct. By definition, an operational audit is an audit to test whether the functions within the organization are effective in achieving their objectives, and are operating efficiently and economically. Therefore, the auditors must understand the auditee's departmental objectives in order to establish the objectives for an operational audit.
Not (b) because the most recent financial data is more relevant to a financial audit than to an operational audit.
Not (c) because activity reports showing rental information are more relevant to a financial audit than to an operational audit.
Not (d) because a complete listing of the perpetual inventory is more relevant to a financial audit than to an operational audit.

c. CIA Nov 84 I.14
Correct Answer is (B)
Not (a) because the reliability and integrity of financial information are important in operational auditing. Information systems provide data for decision making, control, and compliance with external requirements.
Answer (b) is correct. Financial auditing is primarily concerned with providing an opinion on the fairness of the financial statements, while operational auditing evaluates the accomplishment of established goals and objectives, and the economical and efficient use of resources in accomplishing the established goals and objectives.
Not (c) because financial statements are the starting point in financial auditing rather than operational auditing.
Not (d) because analytical skills and tools are necessary in all types of audits.

d. CIA May 87 I.6
Correct Answer is (B)
Not (a) because determining that employees are paid in accordance with union wages would be an objective for a compliance audit.
Answer (b) is correct. Determining that employees are assigned to work situations equivalent to their training and skill level relates to minimizing labor costs because the assignment of employees to tasks not commensurate with their skills, specifically far less than their abilities/skills, may result in excess labor costs.
Not (c) because determining that the quality of performance by labor meets the company standards would be an objective for effectiveness of the company's use of labor resources.
Not (d) because determining that only authorized employees are paid relates to the objective of existence of employees on the payroll.

© 2004 Powers Resources Corporation. All rights reserved

e. CIA Nov 94 I.6
Correct Answer is (A)
Answer (a) is correct. A compliance audit of overtime policy is likely to be the most objective audit because the audit is comparing actual operations against specific management policies and procedures, which are likely to be well defined and documented.
Not (b) because an operational audit of the personnel function hiring and firing procedures is relatively subjective since there is often more than one way to establish operational procedures.
Not (c) because a performance audit of the marketing department is relatively subjective since the criteria to evaluate performance must be agreed upon.
Not (d) because a financial control audit over payroll procedures is relatively subjective since there is often more than one way to establish operational procedures.

f. CIA Nov 88 I.1
Correct Answer is (C)
Not (a).
Not (b).
Answer (c) is correct. By definition, an operational audit is an audit to test whether the functions within the organization are effective in achieving their objectives, and are operating efficiently and economically. Determining that the marketing department has the organizational status needed to accomplish its objectives and operates in a manner that is cost-beneficial to the company would be objectives of an operational audit of the marketing department.
Not (d).

g. CIA May 89 I.1
Correct Answer is (C)
Not (a).
Not (b).
Answer (c) is correct. Internal auditors review information systems to test the security and integrity of data processing systems in addition to the data generated by those systems. This includes determining that financial and operating records and reports contain accurate, reliable, timely, complete, and useful information.
Not (d).

h. CIA Nov 90 I.17
Correct Answer is (A)
Answer (a) is correct. Program-results audits examine effectiveness (outputs/results) by analyzing how the inputs are converted.
Not (b) because seeking cost savings is in audits of economy and efficiency.
Not (c) because including only historical data is in financial and compliance audits.
Not (d) because expressing an opinion on the fairness of financial presentation is an objective of a financial audit.

i. CIA May 90 I.1
Correct Answer is (B)
Not (a) because approving objectives or goals to be met is a managerial function.
Answer (b) is correct. Internal auditors can provide assistance to managers who are developing objectives and goals by determining if the underlying assumptions are appropriate. Determining whether the underlying assumptions are appropriate provides for an opinion and not an actual executive or decision function, and is thus an internal audit function.
Not (c) because developing and implementing control procedures is management's responsibility.
Not (d) because accomplishing desired operating program results is management's responsibility.

j. CIA May 91 I.1
Correct Answer is (A)
Answer (a) is correct. By definition, "Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes". Therefore, internal auditing assists members of the organization in the effective discharge of their responsibilities.
Not (b) because internal auditing usually gives an opinion on the design and implementation of accounting and control systems, but does not directly assist in the process. Although performed in some cases, assisting in the design and implementation of accounting and control systems would impair the objectivity of internal auditing. In any case, this would only be a limited scope of internal auditing. Internal auditing has a far broader scope.
Not (c) because the scope of internal auditing is much broader than examining and evaluating an organization's accounting system.
Not (d) because the objective of internal auditing is to serve the organization rather than the external auditors.

k. CIA Nov 91 I.10
Correct Answer is (B)
Not (a).
Answer (b) is correct. The goal of an operational audit is to assess current performance and make appropriate recommendations for improvement.
Not (c).
Not (d).

l. CIA May 9 I.9
Correct Answer is (A)
Answer (a) is correct. Internal auditors are more familiar with the organization, including systems, people, and objectives. Standard 340, Scope of Work, Economical and Efficient Use of Resources.
Not (b) because both internal and external auditors are required to be objective.
Not (c) because internal and external auditors use the same techniques.
Not (d) because internal auditors will be concerned with fraud and waste.

m. CIA Nov 96 I.7
Correct Answer is (A)
Answer (a) is correct. The auditor is determining whether the participants are in compliance with the program's eligibility requirements.
Not (b).
Not (c).
Not (d).

n. CIA Nov 96 I.8
Correct Answer is (B)
Not (a) because the internal auditor should determine whether the budget was reviewed and approved by supervisory personnel within the city, as this relates to the objectives established in the regulation.
Answer (b) is correct. The regulation set by the granting agency states that the city should establish a budget in a manner consistent with the objectives of the program. There is no such requirement for the granting agency to review and approve the budget.
Not (c) because this procedure would help determine whether the budget is adhered to, i.e. all expenses were charged to the appropriate accounts, and the accounts are all in accordance with the budgets.
Not (d) because this procedure determines whether the budget is adhered to in accordance with the approved budget.

o. CIA Nov 96 I.9
Correct Answer is (D)
Not (a) because these individuals should be familiar with the applicable laws and regulations and would provide the auditor with relevant information.
Not (b) because reviewing the prior year's working papers and inquiring about changes would allow the auditor to benefit from the prior audit's research.
Not (c) because the grant agreements will often contain references to the applicable laws and regulations.
Answer (d) is correct. Discussing the matter with the audit committee would be least effective because the audit committee would not be responsible for understanding all the underlying laws and regulations. Further, the audit committee's objectives for the audit do not help the auditor understand the applicable laws and regulations.

p. CIA Nov 88 II.3
Correct Answer is (A)
Answer (a) is correct. Management is responsible for setting operating standards. Internal auditors are responsible for determining that (1) such standards have been established, (2) the standards are being met, (3) deviations are being identified and communicated, and (4) corrective action has been taken.
Not (b) because verifying existence relates to the safeguarding of assets.
Not (c) because the reliability of operating information and the accuracy of asset valuation concern the reliability and integrity of information.
Not (d) because the reliability of operating information and the accuracy of asset valuation concern the reliability and integrity of information.

q. CIA May 9 II.1
Correct Answer is (D)
Not (a) because program results auditing addresses accomplishment of program objectives.
Not (b) because financial auditing addresses accuracy of financial records.
Not (c) because compliance auditing addresses compliance with requirements, including legal and regulatory requirements.
Answer (d) is correct. Operational auditing is most likely to address a determination of cost savings by focusing on economy and efficiency.

r. CIA Nov 96 III.30
Correct Answer is (D)
Not (a).
Not (b).
Not (c).
Answer (d) is correct. By definition, "Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes".

s. CIA May 90 III.37
Correct Answer is (A)
Answer (a) is correct. Since each PC in the network can send or receive electronic mail to or from any other PC via the minicomputer (which is the central controller), such a network is called a star network. In a star network (also called star topology), all stations are directly connected to a centralized controller. Transmissions go through the central controller and are then diverted to the related station.
Not (b) because in a ring topology (also called ring network) the stations are connected to each other to form a loop. Transmissions are received by each station and then transmitted to the next station in the ring. There is no central computer that diverts transmissions to the stations in this type of network.
Not (c) because an irregular network has the properties of both star and ring networks.
Not (d) because there is no network configuration called loop network. The appropriate terminology is ring network.

t. CIA May 97 III.69
Correct Answer is (B)
Not (a) because there is no limitation on the number of access ports.
Answer (b) is correct. The most difficult aspect of using Internet resources is locating the best information given the large number of information sources on the World Wide Web.
Not (c) because the only equipment required for accessing Internet resources is a computer, a modem, a telephone line, and basic communication software.
Not (d) because organizations routinely provide Internet access to their employees, and individuals can obtain access through individual subscriptions to commercial information service providers.

u. CIA May 90 III.39
Correct Answer is (B)
Not (a) because system I is an example of a centralized facility.
Answer (b) is correct. A minicomputer tied to 15 intelligent workstations is an example of a distributed system. A distributed system combines the features of centralized and decentralized facilities: users have their own computers that perform some processing; in addition, some computers are tied to a remote terminal that performs other processing functions. It is beneficial to distinguish between a decentralized and a distributed facility. In a decentralized facility, a separate computer facility is established to service the needs of each major department or unit in an organization. In a distributed facility, these computer facilities are interconnected as in the given example.
Not (c) because system I is an example of a centralized facility while system II is an example of a distributed facility.
Not (d) because system I is an example of a centralized facility while system II is an example of a distributed facility.

v. CIA Nov 90 III.0
Correct Answer is (A)
Answer (a) is correct. An electronic mail system has those features that the other systems do not have. An electronic mail system enables the user to use features such as Answer, Edit, Forward, Send, Read, and Print, among many other features.
Not (b) because a voice store-and-forward system lacks Read and Print capability.
Not (c) because a desktop publishing system provides only Edit and Print features.
Not (d) because a digital communications system refers to a method of transmission (digital transmission).

w. CIA May 9 III.6
Correct Answer is (A)
Answer (a) is correct. A local area network (LAN) is the appropriate type of network. Local area networks connect computers with other computers, peripherals (e.g. printers, plotters) and workstations that are fairly close in proximity, such as in a building or multiple buildings within a campus.
Not (b) because wide area networks (WANs) provide communication over long distances.
Not (c) because this is a distracter. The term "end user" is not a type of network.
Not (d) because baseband network is a term used to describe the communication between terminals in most local area networks. Basebands are used only for data communications; such types of networks are very slow in data transmission.

x. CIA Nov 93 III.3
Correct Answer is (A)
Answer (a) is correct. In a star network (also called star topology), all stations (nodes) are directly connected to a centralized controller. The centralized controller controls the network and all nodes, and all transmissions go through the central controller and are then diverted to the related station.
Not (b) because in a ring network (also called ring topology) the stations are connected to each other to form a loop. Transmissions are received by each station and then transmitted to the next station in the ring. There is no central computer that diverts transmissions to the stations in this type of network.
Not (c) because in a bus network (also called bus topology), all stations are connected to one communications channel. Each station gets a copy of the transmission, which will be processed (if addressed to the particular station) or ignored (if addressed to another station).
Not (d) because synchronous is a communications protocol (type of data transmission) where characters are sent at a fixed rate by synchronizing the transmitting and receiving devices.

y. CIA Nov 93 III.9
Correct Answer is (D)
Not (a) because a self-contained minicomputer with terminals would be unable to communicate with the corporate computer for file inquiry and downloading.
Not (b) because personal computers with a terminal emulator would be unable to access other departments' machines.
Not (c) because personal computers in a stand-alone LAN would be unable to access corporate files.
Answer (d) is correct. Personal computers in a LAN with a gateway would be able to access departmental laser printers (via the LAN), electronic mail with each other (via the LAN) and with employees in other departments and other plants (via the LAN through the gateway to the corporate computer), and file inquiry and downloading of corporate files (through the gateway to the corporate computer). A gateway is a device that acts as a protocol converter, e.g. connecting a LAN to a mainframe or a LAN to the Internet.

z. CIA May 94 III.3
Correct Answer is (A)
Answer (a) is correct. A network interface card links microcomputers and printers together in a local area network that is connected by coaxial cable, twisted pair, or optical fiber. The card creates an address for the microcomputer, transmits data, and monitors incoming messages (e.g. Ethernet card).
Not (b) because modems are used to connect microcomputers to regular telephone lines.
Not (c) because modems are used to connect microcomputers to regular telephone lines.
Not (d) because modems are used to connect microcomputers to regular telephone lines.

aa. CIA Nov 94 III.0
Correct Answer is (D)
Not (a) because long-range business plans are a central aspect of strategic decisions.
Not (b) because support of daily business operations is an important aspect of strategic decisions.
Not (c) because measurement of plan fulfillment is essential to management's evaluation of the system.
Answer (d) is correct. Cutting operating costs, by itself, is the least important issue concerning the expansion of its existing local area network (LAN). The payoff that would result from the expansion, i.e. the company's return on its investment, is a more relevant strategic consideration.

bb. CIA Nov 94 III.1
Correct Answer is (B)
Not (a) because cabling (the telecommunications link) is the medium through which the terminals are linked in a LAN.
Answer (b) is correct. A server manages the LAN's resources. A file server is the device that stores program and data files for users of the LAN; it is one type of server.
Not (c) because a network gateway connects the LAN to other networks. A gateway is a device that acts as a protocol converter, e.g. connecting a LAN to a mainframe or a LAN to the Internet.
Not (d) because a workstation that is dedicated to a single user is a client.

cc. CIA Nov 95 III.6
Correct Answer is (D)
Not (a) because VANs normally act as a clearinghouse and storage house for communications between different organizations.
Not (b) because VANs provide a common communication interface, thus eliminating the need for each company to establish independent communication with each of its trading partners.
Not (c) because VANs establish logs of transactions as a basis for record keeping and audit trail.
Answer (d) is correct. Companies must purchase their own software to translate to a national standard protocol (either ANSI X.12 in the U.S. or EDIFACT in Europe and most of the rest of the world). Once the data are in the standard format, the VAN handles all aspects of the communication. A Value-Added Network (VAN) is a privately owned type of network that provides services such as data storage and access to specialized databases for a fee. Organizations implementing EDI would utilize VANs.

dd. CIA Nov 96 III.56
Correct Answer is (A)
Answer (a) is correct. Gateways connect Internet computers of dissimilar networks. A gateway is a device that acts as a protocol converter, e.g. connecting a LAN to a mainframe or a LAN to the Internet.
Not (b) because bridges are devices that physically connect two independent LANs.
Not (c) because repeaters are devices that regenerate and transmit signals between segments of a network to strengthen data signals between distant computers.
Not (d) because routers are devices that route information packets in accordance with the address and the intended destinations of the packets by determining the best path for data.

ee. CIA Nov 96 III.59
Correct Answer is (D)
Not (a) because dedicated phone lines would not be cost effective or available to field agents.
Not (b) because field agents would not always be located at the same phone line to permit dial-up callback usage. In addition, callback features are a type of access control and are not controls for securing data transmission.
Not (c) because passwords are a type of access control and are not controls for securing data transmission. In addition, passwords may be compromised by computer software.
Answer (d) is correct. Encryption of data to be transmitted through the network would best secure data while being transmitted. Encryption is the encoding of sensitive data using mathematical algorithms so that the data becomes incomprehensible. Decryption will restore the data to its comprehensible form.

ff. CIA Nov 96 III.71
Correct Answer is (D)
Not (a) because a private Wide Area Network is one that an individual business firm maintains for its own use.
Not (b) because Integrated Services Digital Network (ISDN) is an international standard for transmitting voice, video, and data over phone lines.
Not (c) because a Value-Added Network is a data-only, multi-path, third-party managed network.
Answer (d) is correct. A Virtual Private Network (VPN) is a carrier-provided service in which the public switched network provides capabilities similar to those of dedicated private lines but at a lower cost.

gg. CIA Nov 96 III.7
Correct Answer is (A)
Answer (a) is correct. A number of bottlenecks (e.g. in-house analog technology) may limit the benefits that can be derived from the external network. To prepare the company for changes resulting from the enhanced external network services, management should optimize in-house networks to avoid such bottlenecks.
Not (b) because resistance to change, inflexible organizational structures, and skepticism of the technology should be expected and must be successfully managed if the company is to reap the benefits of the technology.
Not (c) because as individuals rely more on communications to perform their daily tasks, it becomes imperative for a network to be essentially 100% available. The company should enhance its disaster recovery plan to recognize this fact.
Not (d) because since network management may now be primarily a function within the company, it will become more of a partnership arrangement with the communications carrier.

hh. CIA Nov 96 III.74
Correct Answer is (B)
Not (a) because value-added networks provide protocol conversion, message storing, and message forwarding for specific transactions such as EDI.
Answer (b) is correct. A MAN (metro-area network) connects multiple sites with multiple workstations for shared use of common resources. Thus, the company can share inventory and special diagnostic skills.
Not (c) because electronic data interchange supports the transfer of business information between application systems on different computers.
Not (d) because TCP/IP is a network protocol that implements the OSI transport layer for managing end-to-end network transmissions.

ii. CIA May 97 I.0
Correct Answer is (C)
Not (a) because a major concern with LANs is that users are responsible for building and maintaining procedures for capturing and processing data. One of the major problems associated with this form of end-user computing is that users often do not do a good job of documenting procedures.
Not (b) because security is a major concern for sensitive data residing on a PC and/or a LAN.
Answer (c) is correct. Hardware used for processing data is not considered a major risk since PCs have similar hardware components to mainframe computers. If a hardware failure is to occur, it would be for various factors that both PCs and mainframes are exposed to.
Not (d) because data communications are always a high risk factor on LANs because they do not happen automatically. The auditor will need to gain assurance that the company has mechanisms, including reconciliations, to ensure completeness of data communications.

jj. CIA May 97 III.41
Correct Answer is (C)
Not (a) because both statements I and III are correct.
Not (b) because item II is incorrect. A confidential mail message should not be retained on the server once the user has downloaded it to a personal computer.
Answer (c) is correct. Statements I and III are correct and item II is incorrect. A confidential mail message should not be retained on the server once the user has downloaded it to a personal computer. Since electronic mail is operated and stored on the computer system, control features present in the network will secure it. In addition, large organizations usually have several electronic mail administrators and locations with varying levels of security.

kk. CIA May 97 III.43
Correct Answer is (A)
Answer (a) is correct. Only item I is correct. Companies who wish to maintain adequate security must use firewalls to protect data from being accessed by unauthorized users. Firewalls separate an internal secure network from an external network by controlling the traffic flow of information. Item II is incorrect. Anyone can establish a Home Page on the Internet. Item III is incorrect. There are no security standards for connecting to the Internet, nor is there a coalition of Internet providers which dictate such standards. The lack of such standards is a major problem with the Internet.
Not (b) because item II is incorrect. Anyone can establish a Home Page on the Internet.
Not (c) because item III is incorrect. There are no security standards for connecting to the Internet, nor is there a coalition of Internet providers which dictate such standards. The lack of such standards is a major problem with the Internet.
Not (d) because item III is incorrect. There are no security standards for connecting to the Internet, nor is there a coalition of Internet providers which dictate such standards. The lack of such standards is a major problem with the Internet.

ll. CIA May 93 III.40
Correct Answer is (C)
Not (a) because management oversight controls the growth in end-user development by selecting and authorizing users who will develop the system.
Not (b) because competitive pressures for enhanced functions in systems may affect the efficiency and effectiveness of the developed functions but do not essentially weaken access controls in the system.
Answer (c) is correct. Greater on-line access to information systems creates the risk of increased unauthorized access to systems, which can be mitigated by authenticating transactions for authorized users.
Not (d) because growing organizational reliance on information systems is controlled by increased attention to validating development phases.

mm. CIA May 94 I.65
Correct Answer is (C)
Not (a) because data file backups are critical to reconstructing lost files.
Not (b) because the controls over hardware and software failures may prevent or minimize the effects of a system failure.
Answer (c) is correct. Encryption is the process of coding data before transmission and decoding it after transmission. Thus, encryption is a communication control for security. It is not related to backup and recovery.
Not (d) because responsibilities for backup and recovery should be fully described in updated documents and manuals.

nn. CIA May 95 III.76
Correct Answer is (C)
Not (a) because parallel testing is done when using the parallel conversion method in systems development. New and existing systems run concurrently for a period of time. The results of both systems are then compared.
Not (b) because an integrated test facility (ITF) is a computer-aided audit technique by which fictitious entities are integrated into the company's master files and data is tested to validate processing.
Answer (c) is correct. Performance monitoring is the systematic measurement and evaluation of operating results such as transaction rates, response times, and incidence of error conditions. Performance monitoring will reveal trends in capacity usage so that capacity can be upgraded before response deteriorates to the point that users behave in unintended or undesirable ways.
Not (d) because program code comparison software enables detection of unauthorized changes in programs, but such software cannot detect deteriorating response time.

oo. CIA May 95 III.78
Correct Answer is (C)
Not (a) because, to the extent the system incorporates components from external parties, the company is dependent on them.
Not (b) because having an accurate inventory of hardware, software, and communications components and an accurate account of changes in the components would make timely installation of new components easier but would not guarantee timely installation of new components.
Answer (c) is correct. Lack of adequate inventories of network, hardware, and software components and lack of records of changes in components increase the difficulty of isolating faults in any part of the system. There may be subtle differences in components or successive versions of the same components, which lead to incompatibilities that cause failures.
Not (d) because having an accurate inventory of hardware, software, and communications components and an accurate account of changes in the components may be helpful in maintaining system availability; but availability depends on the appropriateness of the configuration and the ability of service personnel to keep the system running.

pp. CIA May 96 III.5
Correct Answer is (A)
Answer (a) is correct. The pressure for the department store company to be competitive is so great that there may be a significant risk that applications software could be incomplete, inadequately tested, or unauthorized.
Not (b) because, on the contrary, management has stated its intention to install the network, salespeople have been asking for features that the network could provide, and the planning committee has identified many potential applications.
Not (c) because these types of violations do not occur with in-house development.
Not (d) because given the standard nature of the network, it is unlikely that the company would not be able to obtain needed components from vendors as usage increases.

qq. CIA May 96 III.53
Correct Answer is (D)
Not (a) because reserving all system functions for salespeople would restrict access more than is required for adequate security and would hinder use of the system for maximum benefit.
Not (b) because customers should not have update privileges, to prevent them from corrupting data files, intentionally or accidentally.
Not (c) because customers should not have update privileges, to prevent them from corrupting data files, intentionally or accidentally.
Answer (d) is correct. Customers with read privileges can examine the gift registry lists to make their selections, and salespeople can update the gift registry with actual purchases.
rr. CIA May 96 III.54
Correct Answer is (D)
Not (a) because salespeople are already asking for network features to help them do their jobs, so they are unlikely to be reluctant to use the system.
Not (b) because the required features are typical of networks and its overall size makes it a mid-range system, so the network should not require expensive non-standard components.
Not (c) because customers are used to companies managing inventory using computer systems with the best supply practices.
Answer (d) is correct. Given the company's lack of experience with networks, a significant risk is that the network operating costs may not be fully projected. The result is that the company may incur unanticipated costs after the network is installed.
ss. CIA May 96 III.55
Correct Answer is (B)
Not (a) because a local area network (LAN) is generally limited to short distances, e.g., a 2,000-foot radius of the servers.
Answer (b) is correct. Wide area networks (WANs) are a type of network that connects system users who are geographically dispersed through public telecommunication facilities. A wide area network (WAN) is the best kind of network because it can connect many sites located across a broad geographical distance.
Not (c) because a value-added network (VAN) is, in general, more expensive than a private network such as a WAN for high-volume communications.
Not (d) because a private branch exchange (PBX) is an electronic switch that transfers voice and data within a local site, and it does not have the network capabilities needed by the company.
tt. CIA May 96 III.56
Correct Answer is (C)
Not (a) because in a leased-line network there are no phone numbers.
Not (b) because in a leased-line network there are no phone numbers and hence no ports with tone devices for incoming calls.
Answer (c) is correct. If the company installs a leased-line network, it should ensure that the transmission facilities on its premises are secure. A leased line is more secure than a public switched line, so the security effort should be directed at physically securing the transmission facilities.
Not (d) because reducing the time during which unauthorized people could potentially gain access to the system by limiting network availability to certain times of the day is a control often associated with public switched lines, not leased lines.
uu. CIA May 96 III.60
Correct Answer is (A)
Answer (a) is correct. The company should have access to the business-related E-mail that is left behind. Access to E-mail can also be critical in business or possible criminal investigations. The privacy concerns of the individual may be mitigated by compelling business interests.
Not (b) because encryption helps prevent eavesdropping by unauthorized persons trying to compromise E-mail messages.
Not (c) because limiting the number of electronic mail packages adopted by the organization is an appropriate element of the new policy on electronic mail. Such standards simplify the job of managing email messages and reduce the number of administrators who can access them.
Not (d) because this is an appropriate privacy control technique because of the inherent weaknesses in E-mail security.
vv. CIA May 97 III.39
Correct Answer is (B)
Not (a) because messages on the Internet are not encrypted. The sender and receiver are responsible for encrypting confidential information.
Answer (b) is correct. Access should be limited to those whose activities necessitate access to the computer system. Moreover, the degree of access allowed should be consistent with an individual's responsibilities. Restricting access to particular individuals rather than groups or departments clearly establishes specific accountability. Not everyone in a group will need access or the same degree of access. Thus, passwords assigned to individuals should be required for identification of users by the system. Passwords are especially effective against the casual intruder.
Not (c) because if someone gains access to the server, he or she can download the file of messages and gain access to them without working with a security log.
Not (d) because the statements "All messages on the Internet are encrypted thereby providing enhanced security" and "If someone gains supervisory-level access to the file server containing electronic messages, he or she could still not gain access to the file containing electronic mail messages without decrypting the security control log" are false.
ww. CIA Nov 93 III.17
Correct Answer is (D)
Not (a) because improvements in automated control techniques follow from the development of information technology.
Not (b) because improvements in automated control techniques follow from the development of information technology.
Not (c) because data encryption standards are a response to the increase in the use of telecommunications technology as a whole.
Answer (d) is correct.
1. Correct - Competition has been a strong motivator in the financial services industry in the development of EFT systems.
2. Correct - Maintaining costs in a highly competitive industry can be aided by leveraging information technology.
3. Correct - Advances in information technology, especially telecommunications technology, have made EFT systems possible.
4. Incorrect - Improvements in automated control techniques have been the result of industry taking advantage of the trends that have influenced the development of information technology.
5. Incorrect - Data encryption standards have been in response to the increase in the use of telecommunications technology.
xx. CIA May 96 III.64
Correct Answer is (C)
Not (a) because unauthorized access and activity is a major risk factor inherent to electronic funds transfer (EFT).
Not (b) because duplicate transaction processing is another inherent risk factor in EFT.
Answer (c) is correct. Electronic Funds Transfer (EFT) is the exchange of funds via telecommunication devices. Funds are transferred electronically between two accounts without the actual exchange or manual deposit. Due to the nature of the transactions described, EFT systems require a high level of security and control. In addition, per-transaction costs are lower with electronic funds transfer since the electronic process of transferring funds replaces the manual process.
Not (d) because inadequate backup and recovery capabilities are a critical risk factor in EFT.
yy. CIA May 93 III.31
Correct Answer is (D)
Not (a) because physical access controls over the data center are important to restrict physical access to authorized people; however, poor physical access controls are a secondary exposure for compromise of remote data communications lines.
Not (b) because exposures from network viruses can be minimized through the implementation of "safe computing practices," such as where to buy software, or by having logical access controls on the system.
Not (c) because poor system documentation is a secondary exposure, causing inconvenience to system users and maintainers.
Answer (d) is correct. Leased telephone circuits represent a direct exposure to breaching data integrity since they represent the use of public lines that can be easily identified and tapped, and thus require that adequate security measures be adopted.
zz. CIA Nov 96 III.63
Correct Answer is (B)
Not (a) because improper change control procedures, insufficient online edit check procedures, and inadequate backup and disaster recovery procedures are all risks that are common to all types of Information Technology environments.
Answer (b) is correct. Unauthorized access is a risk that is higher in an EFT environment than in other Information Technology environments. If unauthorized people were able to access EFT systems, they could cause serious financial losses to institutions that use the EFT system.
Not (c) because improper change control procedures, insufficient online edit check procedures, and inadequate backup and disaster recovery procedures are all risks that are common to all types of Information Technology environments.
Not (d) because improper change control procedures, insufficient online edit check procedures, and inadequate backup and disaster recovery procedures are all risks that are common to all types of Information Technology environments.
aaa. CIA Nov 93 III.50
Correct Answer is (C)
Not (a) because this cycle time (21 days) does not include reductions possible by using electronic data interchange (EDI) to eliminate mail time (3 days) and supplier process time (14 days).
Not (b) because this cycle time (16 days) does not include reductions possible by using EDI to eliminate supplier process time (14 days).
Answer (c) is correct. Four days is the minimum cycle time because physical delivery requires 4 days. The other periods of time described for the manual purchase cycle would be eliminated when the company fully implements electronic data interchange (EDI). In EDI, documents are electronically exchanged between the company (purchaser) and the supplier, and data entry is eliminated.
Not (d) because the cycle time cannot be reduced below the delivery time of 4 days with implementation of EDI alone. Transportation that is more efficient would be required.
bbb. CIA Nov 9 III.30
Correct Answer is (D)
Not (a) because a request for an airline reservation requires an on-line, real-time reservations system.
Not (b) because withdrawal of cash from an automated teller is accomplished via on-line transactions to copies of master files.
Not (c) because the transfer of summary data to headquarters may be accomplished with point-to-point communications, known as distributed computing.
Answer (d) is correct. Placement of order entry transactions from a customer to its supplier is an accepted use of electronic data interchange between trading partners. In EDI, documents are electronically exchanged between the purchaser and the supplier, data entry is eliminated, and inventory ordering and carrying costs will be reduced.
ccc. CIA May 93 III.38
Correct Answer is (A)
Answer (a) is correct. Electronic data interchange (EDI) for business documents between unrelated parties has the potential to increase the risk of unauthorized third-party access to systems because more outsiders will have access to internal systems.
Not (b) because systematic programming errors are the result of mis-specification of requirements or lack of correspondence between specifications and programs.
Not (c) because inadequate knowledge bases are a function of lack of care in building them.
Not (d) because one of the benefits of EDI is to improve the efficiency and effectiveness of system use.
ddd. CIA May 93 III.59
Correct Answer is (D)
Not (a) because the first is not EDI since it is not computer-to-computer.
Not (b) because the second is not OLRT since processing does not take place, only communication.
Not (c) because the first is OLRT, the second EDI.
Answer (d) is correct. OLRT (on-line, real-time) systems are used when time is of the essence. Inventory availability and good credit status are important to process a customer's order at the catalog sales firm where orders are made by phone. Once inventory and credit are checked, the order can be processed (if inventory is available and the customer still has credit available to use).
In EDI, documents are electronically exchanged between the purchaser and the supplier and data entry is eliminated. The second application uses EDI since the production schedule and parts orders are sent electronically to the supplier by the manufacturer's (purchaser's) computer.
eee. CIA Nov 93 III.45
Correct Answer is (A)
Answer (a) is correct. Before sending or receiving electronic data interchange (EDI) messages with its customers and suppliers, the company should execute a trading partner agreement with its customers and suppliers so that all parties understand their responsibilities, the messages each will initiate, and how they will interpret the messages.
Not (b) because the company may intend to reduce inventory levels, but that is unrelated to the timing of sending or receiving electronic data interchange (EDI) messages.
Not (c) because the company may want to demand or encourage all its customers and suppliers to implement electronic data interchange (EDI) capabilities, but that is independent of sending and receiving messages to customers and suppliers.
Not (d) because it is not possible to evaluate the effectiveness of electronic data interchange (EDI) transmissions until after they occur.
fff. CIA Nov 93 III.46
Correct Answer is (B)
Not (a) because the company and its customers may get their EDI-related software from the same vendor but still have software incompatibility problems if they do not synchronize their installation of updated versions.
Answer (b) is correct. If the company and its customers agree to synchronize their updating of electronic data interchange (EDI)-related software, then they will minimize the likelihood of unrecognizable or unintelligible messages due to software incompatibilities. In fact, one of the major features of EDI is to have data transmitted between the parties in a standard format to facilitate processing and make the use of EDI effective. The data is then translated by EDI-related software into an intelligible form for the other parties. Thus, the best approach for minimizing the likelihood of software incompatibilities is to have the company and its customers agree to synchronize their updating of EDI-related software.
Not (c) because as business requirements change, it may not be possible to use the same software in the same ways indefinitely.
Not (d) because even if the company and its customers each write their own version of the electronic data interchange (EDI)-related software, there will be synchronization problems with updates.
ggg. CIA Nov 93 III.47
Correct Answer is (D)
Not (a) because if the company developed its own software, internal audit would be responsible for evaluating that the software was developed in a controlled environment.
Not (b) because if the company developed and maintained its own software, internal audit would be responsible for evaluating that the software is backed up adequately to permit recovery in the event of a system failure.
Not (c) because if the company purchased, leased, or paid for the use of the software, internal audit would be responsible for evaluating that the software was acquired with legal counsel review of contract terms.
Answer (d) is correct. Regardless of whether the company develops, buys, leases, or pays for the use of the software for electronic data interchange (EDI), internal audit should be responsible for evaluating that the applications meet business objectives.
hhh. CIA Nov 93 III.49
Correct Answer is (A)
Answer (a) is correct. If the company gave the supplier more information about use of the materials, the supplier could plan its production better so that it could reduce its inventory of the materials and then be able to charge a lower price for them.
Not (b) because the company could demand that the supplier reduce the prices of the materials, but the supplier could then decline to supply them.
Not (c) because the company could attempt to find another supplier to replace the one charging higher prices, but since the materials are special, other suppliers would probably charge higher prices for the same reasons the original supplier did.
Not (d) because if the special materials are needed in the primary product line, it is unlikely that the company would discontinue it before investigating other alternatives, e.g., working with the supplier to help the supplier manage its inventory.
iii. CIA Nov 93 III.51
Correct Answer is (A)
Answer (a) is correct. If implementing electronic data interchange (EDI) with suppliers permitted more frequent orders and more frequent communication about them, the company could reduce ordering and carrying costs of inventory. For example, inventory carrying costs would be reduced by reducing raw materials inventory.
Not (b) because the company could ensure that it always maintained the 25-day buffer stock, but there would be no reason to do so if it could ensure more reliable deliveries by ordering more frequently.
Not (c) because tracking materials through production is not an example of electronic data interchange (EDI), which is inter-company exchange of business information.
Not (d) because scheduling production is not an example of electronic data interchange (EDI), which is inter-company exchange of business information.
jjj. CIA Nov 93 III.53
Correct Answer is (A)
Answer (a) is correct. Sending the supplier the requested data daily via EDI would permit the supplier to smooth its production and thus let it hold down its costs.
Not (b) because sending the supplier usage data via weekly reports is not the most effective response. Making daily data available is more effective since it allows for more frequent updates.
Not (c) because sending the supplier usage data via monthly production reports is not the most effective response. Making daily data available is more effective since it allows for more frequent updates.
Not (d) because sending the supplier no data at all (since it is confidential) will probably lead to the supplier increasing its prices to the company in order for the supplier to assume the increased risk entailed by having to be more responsive to the company's orders, i.e., the supplier assumes the cost of the inventory the company no longer maintains.
kkk. CIA May 94 III.6
Correct Answer is (C)
Not (a) because E-mail can send text or document files, but the term encompasses a wide range of transfers. Electronic Data Interchange (EDI) specifically applies to the system described in the question.
Not (b) because Electronic Funds Transfer (EFT) refers to the transfer of money. Electronic Data Interchange (EDI) specifically applies to the system described in the question.
Answer (c) is correct. Electronic data interchange (EDI) refers to the electronic transfer of documents between businesses and between customers and suppliers. In EDI, documents are electronically exchanged between the purchaser and the supplier, data entry is eliminated, and inventory ordering and carrying costs will be reduced.
Not (d) because Electronic Data Processing (EDP) is a generic term that refers to computerized processing of transaction data within organizations.
lll. CIA May 96 III.57
Correct Answer is (B)
Not (a) because EDI transmits document data, not the actual document.
Answer (b) is correct. In EDI, documents are electronically exchanged between the purchaser and the supplier, data entry is eliminated, and inventory ordering and carrying costs will be reduced. In addition, improved business relationships with trading partners are also a benefit of EDI because of increased communication, reduction in costs (for both supplier and customer), shorter lead times, etc.
Not (c) because liability issues related to protection of proprietary business data are a major legal implication of EDI.
Not (d) because EDI backup and contingency planning requirements are not diminished.
mmm. CIA May 96 III.59
Correct Answer is (D)
Not (a) because Item I is incorrect. Using a third-party service provider does not mean encryption is utilized.
Not (b) because Item I is incorrect. Using a third-party service provider does not mean encryption is utilized.
Not (c) because Item III is incorrect. Public switched data networks are not directly related to EDI applications.
Answer (d) is correct. Item II is correct. Determining whether an independent review of the third-party service provider has been performed (and appropriate follow-up) is required. Item IV is correct. Reviewing the third-party provider's contract is an appropriate audit step. Item I is incorrect. Using a third-party service provider does not mean encryption is utilized. Item III is incorrect. Public switched data networks are not directly related to EDI applications.
nnn. CIA May 97 III.51
Correct Answer is (A)
Answer (a) is correct. Marked benefits come about when EDI is tied to strategic efforts that alter, not mirror, previous practices. Applying EDI to an inefficient process results in the ability to continue doing things incorrectly. Thus, successful EDI implementation must begin with planning and analyzing the work processes and flows that support the organization's goals.
Not (b) because the prerequisite for EDI success is an understanding of the mission of the business and the processes and flows that support its goals, followed by cooperation with external partners. Hardware concerns come second.
Not (c) because before applying EDI technology to the business, EDI must be viewed as part of an overall integrated solution to organizational requirements.
Not (d) because EDI is not a solution by itself. Instead of thinking about how to send and receive transactions back and forth, a company should first think about the entire process from both ends.
ooo. CIA May 91 III.50
Correct Answer is (D)
Not (a) because the procedure described is considered acceptable. Encrypted passwords further decrease the likelihood of unauthorized access.
Not (b) because message sequencing detects unauthorized access by numbering each message and incrementing each message by one more than the last one sent. Such a system detects when a gap or duplicate has occurred.
Not (c) because allowing certain types of transactions (such as payroll transactions) to be made only at specific terminals minimizes the likelihood of unauthorized access.
Answer (d) is correct. The system should employ automatic dial-back to prevent intrusion by unauthorized parties. Such a system accepts an incoming modem call, disconnects, and automatically dials back a prearranged number to establish a permanent connection for data transfer or inquiry.
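The message sequencing control in (b) above, as an added example that is not part of the original answer key: a receiver-side checker that tracks the last sequence number accepted from each sender and flags a gap (one or more numbers skipped, i.e. a lost or suppressed message) or a duplicate (a number seen before, i.e. a replayed message). The log line format, the sender names and the assumption that numbering starts at 1 are all constructed for this illustration. It goes slightly beyond the text by also labelling a "late" message (a number below the expected one that was never seen, which closes an earlier gap), since a practitioner reviewing such findings needs to tell that case apart from a true duplicate.

```python
import re

# Constructed log format: "<timestamp> sender=<id> seq=<n> type=<msgtype>"
LOG_LINE = re.compile(r"sender=(?P<sender>\S+)\s+seq=(?P<seq>\d+)")


class SequenceChecker:
    """Per-sender sequence-number tracking for gap and duplicate detection."""

    def __init__(self, start: int = 1):
        self.start = start        # assumption: each sender's first message is number 1
        self.expected = {}        # sender -> next sequence number expected
        self.seen = {}            # sender -> set of numbers already accepted

    def check(self, sender: str, seq: int):
        """Classify one message; returns (status, missing_numbers)."""
        expected = self.expected.get(sender, self.start)
        seen = self.seen.setdefault(sender, set())
        if seq in seen:
            # Same number twice: a replayed or re-sent message.
            return ("duplicate", [])
        seen.add(seq)
        if seq == expected:
            self.expected[sender] = seq + 1
            return ("ok", [])
        if seq > expected:
            # Numbers skipped: messages lost in transit or suppressed.
            missing = list(range(expected, seq))
            self.expected[sender] = seq + 1
            return ("gap", missing)
        # Below the expected number and not seen before: fills an earlier gap.
        return ("late", [])


def audit(log_lines):
    """Run the checker over a message log; return every non-ok finding."""
    checker = SequenceChecker()
    findings = []
    for line in log_lines:
        match = LOG_LINE.search(line)
        if not match:
            findings.append(("unparsable", line.strip(), []))
            continue
        status, missing = checker.check(match["sender"], int(match["seq"]))
        if status != "ok":
            findings.append((status, line.strip(), missing))
    return findings


# Constructed sample log: PARTNER-A skips 3, replays 2, then 3 arrives late;
# PARTNER-B sends its first message twice.
SAMPLE_LOG = [
    "2024-01-15T09:00:01 sender=PARTNER-A seq=1 type=ORDER",
    "2024-01-15T09:00:05 sender=PARTNER-A seq=2 type=ORDER",
    "2024-01-15T09:00:09 sender=PARTNER-A seq=4 type=ORDER",
    "2024-01-15T09:00:12 sender=PARTNER-A seq=2 type=ORDER",
    "2024-01-15T09:00:15 sender=PARTNER-A seq=3 type=ORDER",
    "2024-01-15T09:01:00 sender=PARTNER-B seq=1 type=INVOICE",
    "2024-01-15T09:01:02 sender=PARTNER-B seq=1 type=INVOICE",
]

if __name__ == "__main__":
    for status, line, missing in audit(SAMPLE_LOG):
        extra = f" missing={missing}" if missing else ""
        print(f"{status:9s} {line}{extra}")
```

Each finding needs follow-up rather than automatic rejection: a gap may be a transmission fault, a duplicate may be a legitimate retry, and only the message content and the sender's own records settle which; the control's value is that none of these cases passes unnoticed.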
ppp. CIA May 94 III.18
Correct Answer is (A)
Answer (a) is correct. The customer's account number, name, and unused credit balance should be downloaded to the microcomputer. The name should be displayed when the account number is input to provide a control check. The system then should show the amount available for a credit purchase. The user should not be required to calculate an amount that could be done by the computer.
Not (b) because the current customer balance is not needed, as the system shows the amount available for a credit purchase and the sales department can make credit checks before processing an order. Also, the customer name is an important control since a wrong, but valid, account number might be entered.
Not (c) because the customer name is an important control since a wrong, but valid, account number might be entered.
Not (d) because the unused credit balance is more important than the current customer balance for credit checks.
qqq. CIA May 94 III.19
Correct Answer is (C)
Not (a) because the sales department is creating an informal system to make up for a system deficiency. There is a risk that it may rely on the previous day's file and the credit information would be outdated.
Not (b) because the sales department is capturing data at the beginning of the day. There is a risk that customers would exceed their credit limit if multiple orders were submitted on the same day.
Answer (c) is correct. Backups of transaction data are necessary for security and to safeguard data and provide control. However, in this situation the user file does not contain transaction data, and a backup would likely duplicate data contained elsewhere. It is highly probable that the main system has a history file with the day's beginning balances that could be accessed if needed. There is a higher degree of risk associated with using outdated data or manipulated data.
Not (d) because there is a risk that the sales department could alter the contents of the file and allow customers to exceed their credit limit.
rrr. CIA Nov 93 III.43
Correct Answer is (A)
Answer (a) is correct. If the company acknowledges messages initiated externally, then the alleged sender would have the opportunity to recognize that it had not sent the message and could notify the company of the potential forgery.
Not (b) because permitting only authorized employees to have access to transmission facilities controls for unauthorized access to the facilities but would not detect forged EDI messages.
Not (c) because delaying action on orders until a second order is received for the same goods defeats the purpose of using EDI, namely, rapid communication followed by rapid response.
Not (d) because writing all incoming messages to a write-once/read-many device is a good practice, but it will not detect forgeries.
sss. CIA Nov 96 III.70
Correct Answer is (D)
Not (a) because the job of end users is to conduct the business of the organization, not to be the interface between the IS group and the rest of the organization.
Not (b) because the application programmer's job is to convert information requirements specifications into new application systems.
Not (c) because the maintenance programmer's job is to modify existing programs in response to authorized changes in program functions.
Answer (d) is correct. The systems analysts are the principal liaison between the IS group and the rest of an organization because the analyst's job is to translate business problems and requirements into information requirements and systems.
ttt. CIA May 90 III.30
Correct Answer is (B)
Not (a) because system programs are those that provide the interface with the computer for the execution of application programs.
Answer (b) is correct. Application programs are user programs that perform specific tasks for the users. An example of an application program is an inventory control application program.
Not (c) because utility programs are part of system programs which perform common tasks such as sorting, merging, listing, etc.
Not (d) because an operating program is not a specific program type in IT terminology. System programs, however, relate to the operating system, whose main purpose is to control and coordinate the running of the computer and its many functions. The O/S directs and assists the execution of application programs.
uuu. CIA Nov 93 III.34
Correct Answer is (A)
Answer (a) is correct. Management of the commercial lending department has the ultimate responsibility for data integrity and availability of its applications. Thus, the responsibility for backup/recovery of data files is that of management of the department.
Not (b) because the function of a central IS group analyst is to help develop applications for users.
Not (c) because the function of a central IS group programmer is to help develop applications for users.
Not (d) because the function of an internal auditor is to assess the appropriateness of controls and not to operate those controls.
vvv. CIA May 94 III.7
Correct Answer is (A)
Answer (a) is correct. Access must be controlled to ensure the integrity of documentation, although "read" access should be provided to other parties, as it is important for applications development and maintenance. The database administrators are responsible for the administration of the organization's database. Thus, adding and updating data elements in the data dictionary is one of a database administrator's functions.
Not (b) because a system programmer develops and maintains the system software and should not be able to access data dictionaries to add or update documentation items in them.
Not (c) because a system librarian records, issues, receives, and safeguards all program and data files used by the organization. The librarian should not be authorized or have the skills to add or update documentation items in data dictionaries.
Not (d) because an application programmer develops the application software and should not be able to access data dictionaries to add or update documentation items in them.
www. CIA May 95 III.79
Correct Answer is (C)
Not (a) because if the only access permitted is read-only, then there could be no updating of database files.
Not (b) because permitting catalog updating from privileged software would be a breach of security, which might permit unauthorized access.
Answer (c) is correct. The database administrator should ensure that database system features are in place to permit access only to authorized logical views. One security feature in database systems is their ability to let the DBA restrict access on a logical view basis for each user.
Not (d) because updating of users' access profiles should be a function of a security officer, not the user.
xxx. CIA Nov 95 III.33
Correct Answer is (A)
Answer (a) is correct. Inadequate testing is the most likely cause for the coding errors in the most complex reports. It is difficult to design a test that will satisfy all data criteria in a complex environment.
Not (b) because there may be inadequate change control, but that is not the reason for errors in the most complex reports.
Not (c) because there may be inadequate documentation, but that is not the reason for errors in the most complex reports.
Not (d) because there may be inadequate access control, but that is not the reason for errors in the most complex reports.
yyy. CIA Nov 95 III.34
Correct Answer is (B)
Not (a) because there may be inadequate backups, but that is not the cause of analysts reusing erroneous code.
Answer (b) is correct. The most likely cause of the reappearance of the same coding errors is inadequate change control. Inadequate change control is apt to lead to previously corrected errors recurring because the analysts were reusing erroneous code rather than corrected code. The solution to the problem is better program change control procedures.
Not (c) because there may be inadequate access control, but that is not the cause of analysts reusing erroneous code.
Not (d) because there may be inadequate testing, but that is not the cause of analysts reusing erroneous code.
zzz. CIA May 96 III.43
Correct Answer is (A)
Answer (a) is correct. Segregation of incompatible duties in a computer environment is crucial. Users need access to production application data but should not have access to the programs. In addition, application programmers should not have access to production data, systems software, and production application programs. Any update to application programs must be subject to proper control procedures.
Not (b) as per the explanation in (a) above.
Not (c) as per the explanation in (a) above.
Not (d) as per the explanation in (a) above.
aaaa. CIA May 96 III.44
Correct Answer is (B)
Not (a) because developing an information security policy is a duty properly assigned to an information security officer.
Answer (b) is correct. The information security officer should not even know the user passwords. These are normally stored on a computer in encrypted format, and users change them directly.
Not (c) because commenting on security controls in new applications is a duty properly assigned to an information security officer.
Not (d) because monitoring and investigating unsuccessful access attempts is a duty properly assigned to an information security officer.
bbbb. CIA May 9! III.45
Correct Answer is ())
Not (a) because application audits should be
about the same difficulty with or without an
ade&uately staffed help des$.
Not (b) because preparation of documentation
is a development function, not a help des$
function.
Not (c) because the li$elihood of use of
unauthorized program code is a function of
change control, not a help des$.
Answer (d) is correct. !he biggest ris$ in not
having an ade&uately staffed help des$ is that
users will un$nowingly persist in ma$ing errors
in their interaction with the information systems.
cccc. CIA Nov 9! III.49
Correct Answer is (B)
Not (a) because a security administration deals
with adding or deleting user to)from the system.
Answer (b) is correct. 4hange control is the
process of authorizing, developing, testing, and
installing coded changes so as to minimize the
impact on processing and the ris$ to the
system.
Not (c) because problem trac$ing is the
process of collecting operational data about
processes so that it can be analyzed for
corrective action.
Not (d) because problem escalation
procedures are a means of categorizing
problems or unusual circumstances so that the
least s$illed person can address them.
dddd. CIA Nov 96 III.55
Correct Answer is (C)
Not (a) because applications development is
responsible for developing systems. After
acceptance by users, developers typically
cease having day-to-day contact with a
system's users.
Not (b) because the responsibility of systems
programming is to implement and maintain
system level software such as operating
systems, access control software, and
database systems software.
Answer (c) is correct. Help desks are usually
a responsibility of computer operations
because of the operational nature of their
functions, e.g., assisting users with systems
problems involving prioritization and obtaining
technical support/vendor assistance.
Not (d) because user departments typically do
not have the expertise necessary to solve their
own systems problems.
eeee. CIA May 97 III.73
Correct Answer is (A)
Answer (a) is correct. In client/server
environments, change control must also ensure
synchronization of programs across the
network so that each client and each server are
running from the same versions of the
programs. In mainframe environments, there
may be only one copy of the production system
that is executed, so that synchronization of
programs is not required.
Not (b) because emergency move procedures
should be documented and followed in both
mainframe and client/server environments.
Not (c) because appropriate users should be
involved in program change testing in
mainframe and in client/server environments.
Not (d) because movement from the test library
to the production library should be controlled in
both mainframe and client/server
environments.
ffff. CIA Nov 90 III.37
Correct Answer is (B)
Not (a) because operating systems direct and
manage use of computer resources such as
the CPU and peripheral devices.
Answer (b) is correct. An application program,
such as a payroll program, performs the
processing functions that the users in an
organizational unit need to complete their
tasks.
Not (c) because a report generator is a
program that accepts high-level coding
statements and creates program code to
execute them.
Not (d) because a utility program accepts
commands, such as copying and sorting, from
users and manipulates the designated files
accordingly.
gggg. CIA May 91 III.31
Correct Answer is (A)
Answer (a) is correct. Display screen layouts,
interactive dialogues, and processing interact
with program generators to generate
applications based on specifications included in
the layouts, dialogues, and processing to be
performed.
Not (b) because detailed coding is not required
for operation of a program generator to
produce an application.
Not (c) because statistical sampling
parameters are not required for program
generators.
Not (d) because control sensors measure a
character or condition as part of a control
feedback system and do not pertain to program
generators.
hhhh. CIA May 92 I.3
Correct Answer is (D)
Not (a) because asynchronous modems handle
data streams from peripheral devices to a
central processor.
Not (b) because authentication techniques
confirm that valid users have access to the
system.
Not (c) because call back techniques are used
to ensure incoming calls are from authorized
locations.
Answer (d) is correct. Cryptographic devices
protect (encrypt) data to be transmitted over
communication lines. A key notarization can be
used in conjunction with a cryptographic device
to provide increased data security. Key
management involves the secure generation,
distribution, and storage of cryptographic keys.
iiii. CIA May 94 III.13
Correct Answer is (A)
Answer (a) is correct. Various factors need to
be considered. Encoding is important when
confidential data are transmitted between
geographically separated locations that can be
electronically monitored. Although LANs may
need encryption protection, the type of data
and the described communication media make
the other options appear more vulnerable.
Not (b) because when wire transfers are made
between banks, encryption is most likely to be
utilized.
Not (c) because when confidential data are
sent by satellite transmission, encryption is
most likely to be utilized.
Not (d) because when financial data are sent
over dedicated leased lines, encryption is most
likely to be utilized.
jjjj. CIA May 96 III.47
Correct Answer is (A)
Answer (a) is correct. Encryption is the best
means of ensuring the confidentiality of satellite
transmissions because even if an unauthorized
individual recorded the transmissions, they
would not be intelligible until decoded in the
correct way.
Not (b) because access control applies to
gaining entrance to the application systems,
not to the format of transmissions.
Not (c) because monitoring software is
designed to monitor performance (human or
machine) for specified functions such as
number of tasks performed or capacity utilized.
Not (d) because cyclic redundancy checks are
complex computations performed with the data
bits and the check bits in data transmissions to
ensure the integrity, but not the confidentiality,
of the data.
kkkk. CIA May 96 III.48
Correct Answer is (C)
Not (a) because encrypting transmissions from
the stores would increase the difficulty of
eavesdropping on the transmissions but would
not deter someone from entering bogus
transactions.
Not (b) because requiring change control for
programs ensures that program changes are
authorized, tested, and documented.
Answer (c) is correct. Enforcing password
control procedures would make it more difficult
for an unauthorized person, such as a
competitor intending to disrupt the distribution
patterns, to gain prolonged entry.
Not (d) because encouraging store employees
to report suspicious activity is a good practice,
but such activity might go undetected.
llll. CIA May 96 III.49
Correct Answer is (C)
Not (a) because access control ensures that
only authorized persons have access to
specific information resources or categories of
them, but is not enough by itself to ensure
integrity of application software.
Not (b) because audit trails permit audits of
transaction updates to data files, not programs.
Answer (c) is correct. The best way to ensure
the integrity of the application software is
change controls for inventory software. Change
control is the set of procedures that ensure that
only authorized, tested changes to programs are
run in production.
Not (d) because monitoring software is
designed to monitor performance (human or
machine) for specified functions such as
number of tasks performed or capacity utilized.
mmmm. CIA May 93 I.4
Correct Answer is (C)
Not (a) because a proof calculation is the use
of a predefined algorithm to be performed on
the information in a telecommunications
transmission to verify that no transmission
errors occurred.
Not (b) because check-digit verification is used
to control the accuracy of input of reference
numbers but would not deny access to an
inactive but valid account.
Answer (c) is correct. The master file will
contain information about the status of bank
accounts (i.e., active or inactive). By looking up
the account numbers in the master file, the
teller can verify that the account is active.
Not (d) because a duplicate record check
ensures that duplicate records are not
processed.
nnnn. CIA May 92 II.30
Correct Answer is (D)
Not (a) because statistical sampling is most
useful in estimating the size of a population
(variables sampling) or the degree of error
(attribute sampling). Specific identification of
unreported duplicate payments is the problem
here.
Not (b) because desk checking the source
code would detect a program error, but not the
potential causes of duplicate payments.
Not (c) because an integrated test facility is
useful for passing test data through a
production system, but it does not address the
unreported duplicate payments problem.
Answer (d) is correct. The primary use of
generalized audit software is to select and
summarize a client's records for additional
testing. These packages permit the auditor to
audit through the computer, to extract,
compare, analyze, and summarize data and
generate output for use in the audit. They allow
the auditor to exploit the computer to examine
many more records than otherwise possible
with far greater speed and accuracy. Although
generalized audit software requires the auditor
to provide certain specifications about the
particular client's records, EDP equipment, and
file formats, a detailed knowledge of the client's
system may be unnecessary because the audit
package is designed to be used in many
environments.
oooo. CIA Nov 92 I.36
Correct Answer is (A)
Answer (a) is correct. Use of audit software to
perform parallel simulation is an acceptable
audit application. Parallel simulation (the audit
model technique) involves duplicate processing
of the client's data using a program developed
by the auditor. The auditor's program simulates
the logic of the client's application program.
The auditor may thus enter data and compare
simulated test results with those from the
auditee's program. Maintenance of parallel
simulation programs may prove expensive
because they must be updated to match
changes in the client's system.
Not (b) because use of an integrated test facility
usually requires advanced planning before a
system is implemented. Installing an integrated
test facility after the fact can be quite costly
and time consuming.
Not (c) because tagging and tracing is more
difficult to employ than parallel simulation.
Not (d) because mapping and program
analysis requires a strong programming
background, something not available on this
audit team.
pppp. CIA Nov 94 I.40
Correct Answer is (C)
Not (a) because an integrated test facility
involves the use of test data and also the
creation of fictitious entities on master files.
Not (b) because tracing provides a detailed
listing of the sequence of program statement
execution.
Answer (c) is correct. Parallel simulation
processes live transactions run through an
auditor-developed test program. The purpose is
to simulate routine processing and verify the
results.
Not (d) because mapping is a procedure for
reporting code usage within a program.
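The parallel simulation described in the two answers above, worked through as an added example (this is not code from the Powers CIA Review or from any audit software package): an auditor-written program re-applies the client's documented pay rule to a constructed batch of live payroll transactions and compares its results with the gross pay the client's application reported. The transaction values, the client's output figures, the 40-hour threshold and the 1.5 overtime multiplier are all assumptions made for the illustration.

```python
# Parallel simulation, added as an illustration (not from the Powers CIA
# Review). The auditor's own program re-applies the client's documented
# payroll rule to live transactions and compares its results with what the
# client's application reported.
from decimal import Decimal, ROUND_HALF_UP

# Constructed sample: live payroll transactions (employee, hours, hourly rate).
LIVE_TRANSACTIONS = [
    {"emp": "E001", "hours": "40", "rate": "20.00"},
    {"emp": "E002", "hours": "45", "rate": "18.00"},
    {"emp": "E003", "hours": "38.5", "rate": "22.50"},
    {"emp": "E004", "hours": "50", "rate": "15.00"},
]

# Constructed sample: gross pay as reported by the client's application.
# E004 is deliberately wrong (overtime premium omitted) to show a discrepancy.
CLIENT_OUTPUT = {"E001": "800.00", "E002": "855.00",
                 "E003": "866.25", "E004": "750.00"}

# Assumed pay rule: straight time up to 40 hours, time-and-a-half above that.
OVERTIME_THRESHOLD = Decimal("40")
OVERTIME_MULTIPLIER = Decimal("1.5")
CENT = Decimal("0.01")


def simulated_gross_pay(hours, rate):
    """Auditor's independent implementation of the client's pay rule."""
    hours, rate = Decimal(hours), Decimal(rate)
    regular = min(hours, OVERTIME_THRESHOLD)
    overtime = max(hours - OVERTIME_THRESHOLD, Decimal("0"))
    gross = regular * rate + overtime * rate * OVERTIME_MULTIPLIER
    return gross.quantize(CENT, rounding=ROUND_HALF_UP)


def parallel_simulation(transactions, client_output):
    """Run live transactions through the auditor's program and return
    (employee, reported, simulated) for every result that disagrees."""
    exceptions = []
    for txn in transactions:
        simulated = simulated_gross_pay(txn["hours"], txn["rate"])
        reported = client_output.get(txn["emp"])
        if reported is None or Decimal(reported) != simulated:
            exceptions.append((txn["emp"], reported, str(simulated)))
    return exceptions


if __name__ == "__main__":
    for emp, reported, simulated in parallel_simulation(LIVE_TRANSACTIONS, CLIENT_OUTPUT):
        print(f"{emp}: client reported {reported}, simulation computed {simulated}")
```

The exception list is the audit evidence: every employee whose reported pay differs from the simulation is followed up, and the simulation program itself has to be revised whenever the client's pay rule changes, which is the maintenance cost the answer to oooo mentions.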
qqqq. CIA May 88 II.3
Correct Answer is (B)
Not (a) because both input and processing
controls are types of application controls.
Answer (b) is correct. There are two
categories of accounting controls present in a
computerized system: general and application
controls. General controls apply to the
environment of the information system and all
information systems actions. Application
controls relate to specific jobs executed by the
computer. They are designed to supply
reasonable assurance that the recording,
processing, and reporting functions are
properly executed. Application controls are
classified as input controls, processing
controls, and output controls. Input controls are
designed to provide reasonable assurance that
data acquired for processing have been
properly authorized (approved by
management), converted into machine-
sensible form (verified and edited as to validity
and completeness), and subsequently
accounted for (controls to check if data were
lost in transmission).
Not (c) because organization controls pertain to
segregation of functions within the information
systems department.
Not (d) because general controls apply to the
environment of the information system and are
distinct from application controls.
rrrr. CIA Nov 88 II.35
Correct Answer is (A)
Answer (a) is correct. Physical security of
storage media is much easier and more
effective if in a central location. Each location is
subject to various problems. Data transfer,
format, and location require more control in a
distributed system.
Not (b) because access restrictions and
custody controls are necessary in any
environment.
Not (c) because computer organizational
standards are necessary to maintain computer
compatibility, security, and efficient operation
procedures.
Not (d) because access restrictions are
necessary on every computer system
irrespective of the configuration.
ssss. CIA Nov 88 II.36
Correct Answer is (B)
Not (a) because a check digit is used primarily
to catch transpositions.
Answer (b) is correct. All transactions and
their record keeping should be authorized. A
review should be made of all write-offs:
inventory, receivables, fixed assets, etc. Also,
warehouse employees having custody of
inventory should not have authority to initiate or
process entries to the inventory records.
Not (c) because a parity check is a hardware
control over the internal transfer of data.
Not (d) because an edit check for validity would
not catch an adjustment of a valid part number.
tttt. CIA May 89 I.4
Correct Answer is (D)
Not (a) because the batch total check simply
assures that items have not been lost.
Not (b) because an edit test at the time of
online data entry will detect the problem earlier
than a check made during the later batch-
processing run.
Not (c) because an edit test at the time of
online data entry will detect the problem earlier
than a check made during the later batch-
processing run.
Answer (d) is correct. If online data entry
is used, edit tests (programmed checks) to
detect errors must be applied as each
transaction is entered. For example, the vendor
number in the transaction file should be
matched (matching check) with the number in
the vendor file. If the latter file has not yet been
updated, this edit test will result in immediate
detection of the discrepancy.
uuuu. CIA Nov 89 I.5
Correct Answer is (D)
Not (a) because personal computer operations
are decentralized and therefore customarily
combine these functions out of necessity.
Not (b) because these special security
measures are more cost-justified in a
mainframe system.
Not (c) because programming by users is often
necessary and sometimes a purpose of using
decentralized, personal computer-based
systems.
Answer (d) is correct. In a personal computer
environment, user training becomes still more
important than in a centralized system because
users may have to assume greater
responsibilities. Thus, users may have to
provide maintenance of the equipment and
learn programming skills.
vvvv. CIA Nov 89 I.30
Correct Answer is (A)
Answer (a) is correct. An overflow test is a
programmed control that checks computational
results and issues a warning if the result
exceeds the capacity of the storage location,
which would result in the loss of data. For
example, if a four-digit result were stored in a
three-digit field, the digit lost on overflow would
be discovered.
Not (b) because a range test determines
whether the value of a data field falls outside
prescribed limits.
Not (c) because an existence (validity) check
determines whether an entered code is one of
a set of valid codes.
Not (d) because a parity check adds the bits in
a character or message and checks the sum to
determine if it is odd or even, depending on
whether the computer has odd or even parity.
This check verifies that all data have been
transferred without loss. For example, if the
computer has even parity, a bit will be added to
a binary coded character or message that
contains an odd number of bits. No bit is added
if a character or message in binary form has an
even number of bits.
wwww. CIA Nov 89 I.7
Correct Answer is (B)
Not (a) because a data transmission check
verifies only the accuracy of the
communication.
Answer (b) is correct. The use of external,
header, and trailer labels should be enforced to
ensure the proper access and protection of
files. A header label is a machine-readable
record at the beginning of a file that identifies
the file. Software makes this check. A trailer
label is a machine-readable label at the end of
a file containing record counts and control
totals. An external label is a human-readable
identifying label affixed to the outside of a file
holder, such as a magnetic tape file.
Not (c) because this control (boundary
protection) protects programs or data from
interference (unauthorized reading and/or
writing) caused by activity related to other
programs or data stored on the same medium.
Not (d) because access controls (passwords,
etc.) prevent unauthorized access from remote
locations, not authorized use by an operator.
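The header and trailer label checks in the answer to wwww, written out as an added example (not code from the Powers CIA Review): software reads a file whose first record is a header label identifying the file and whose last record is a trailer label carrying the record count and a control total, and rejects the file when the header names the wrong file or generation, or when the trailer's count and total disagree with the records actually read. The pipe-delimited layout, the file id, the generation tag and the inventory records are constructed for the illustration.

```python
# Header and trailer label checks, added as an illustration (not from the
# Powers CIA Review). Before a job uses a file, software compares the header
# label with the file it expects and the trailer label's record count and
# control total with what it actually read.
from decimal import Decimal

# Constructed sample file. Layout assumed for this example:
#   HDR|file id|creation date|generation
#   DAT|part|kind|quantity|amount
#   TRL|record count|control total of amount
SAMPLE_FILE = """\
HDR|INVENTORY.TXN|2001-03-31|GEN-0042
DAT|P1001|ISSUE|25|112.50
DAT|P1002|RECEIPT|100|850.00
DAT|P1003|ISSUE|3|27.75
TRL|3|990.25
"""


class LabelError(Exception):
    """A header or trailer label disagrees with the file or its contents."""


def verify_labelled_file(text, expected_file_id, expected_generation=None):
    """Return the data records if all label checks pass, else raise LabelError."""
    lines = text.splitlines()
    if not lines or not lines[0].startswith("HDR|"):
        raise LabelError("header label missing")
    if len(lines) < 2 or not lines[-1].startswith("TRL|"):
        raise LabelError("trailer label missing")

    # Header label: is this the file (and generation) the job asked for?
    _, file_id, _created, generation = lines[0].split("|")
    if file_id != expected_file_id:
        raise LabelError(f"wrong file mounted: {file_id}")
    if expected_generation is not None and generation != expected_generation:
        raise LabelError(f"wrong generation: {generation}")

    records = []
    for line in lines[1:-1]:
        _, part, kind, qty, amount = line.split("|")
        records.append({"part": part, "kind": kind,
                        "qty": int(qty), "amount": Decimal(amount)})

    # Trailer label: do the count and control total match what was read?
    _, count, control_total = lines[-1].split("|")
    if int(count) != len(records):
        raise LabelError(f"record count {len(records)} != trailer count {count}")
    actual_total = sum((r["amount"] for r in records), Decimal("0"))
    if actual_total != Decimal(control_total):
        raise LabelError(f"control total {actual_total} != trailer total {control_total}")
    return records


def label_status(text, expected_file_id, expected_generation=None):
    """Convenience wrapper: 'OK' or the reason the file was rejected."""
    try:
        verify_labelled_file(text, expected_file_id, expected_generation)
        return "OK"
    except LabelError as exc:
        return str(exc)


if __name__ == "__main__":
    print(label_status(SAMPLE_FILE, "INVENTORY.TXN", "GEN-0042"))
    print(label_status(SAMPLE_FILE, "PAYROLL.MST"))
    print(label_status(SAMPLE_FILE.replace("TRL|3|", "TRL|2|"), "INVENTORY.TXN"))
```

The header check is what stops an operator mounting the wrong tape or an old generation; the trailer check is what detects a file truncated or altered after it was written. Neither replaces the external, human-readable label, which is what keeps the wrong reel from being mounted in the first place.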
xxxx. CIA Nov 89 I.8
Correct Answer is (C)
Not (a) because the control group has this
responsibility.
Not (b) because these are specified in the
backup and recovery plan.
Answer (c) is correct. An important operating
control is to establish a library to preclude
misplacement or theft of storage media,
programs, and documentation. A librarian
should perform this custodianship function and
be appropriately accountable. The schedule of
data processing activity provides authorization
for release of files to operators and a
consequent transfer of accountability.
Not (d) because the control group has this
responsibility.
yyyy. CIA Nov 89 I.9
Correct Answer is (D)
Not (a) because hash totals, document counts,
batch sequence checks, and computer
matching test for completeness, not for
accuracy of data. The term "dependency
check" is apparently not meaningful in this
context. A matching check compares a field
(e.g., a customer number) on the master file
with the matching field in a transaction record.
Not (b) because hash totals, document counts,
batch sequence checks, and computer
matching test for completeness, not for
accuracy of data. The term "dependency
check" is apparently not meaningful in this
context. A matching check compares a field
(e.g., a customer number) on the master file
with the matching field in a transaction record.
Not (c) because hash totals, document counts,
batch sequence checks, and computer
matching test for completeness, not for
accuracy of data. The term "dependency
check" is apparently not meaningful in this
context. A matching check compares a field
(e.g., a customer number) on the master file
with the matching field in a transaction record.
Answer (d) is correct. A limit or
reasonableness (range) check tests whether
the value of a data field falls outside a
prescribed range. The range may be stated in
terms of an upper limit, lower limit, or both. For
example, a payroll record might be tested to
determine if the number of hours worked
exceeds 40 per week. A check digit (self-
checking number) tests an identification
number by recomputing a check digit in
accordance with an established algorithm. Key
verification involves rekeying data (usually only
critical fields) and comparing the results with
the first keying operation. Hence, all these
techniques control for data accuracy.
zzzz. CIA Nov 89 I.31
Correct Answer is (C)
Not (a) because posting batch control totals is
a means of accounting for (recording) all
batches of transactions.
Not (b) because source documents are used
for input, not output.
Answer (c) is correct. Critical output data
should be physically isolated, e.g., in locked
output bins. Moreover, the distribution of output
should be in accordance with distribution
registers that list designated users. The data
control group should distribute output in a
prompt manner to these users, and the
distribution should be noted in the control log.
Not (d) because destruction is not helpful if the
company desires to retain the output.
aaaaa. CIA Nov 89 I.37
Correct Answer is (D)
Not (a) because the limited capacity of main
memory is not a risk.
Not (b) because some personal computer
manufacturers provide operating systems that
can be used with any machine.
Not (c) because purchase procedures do not
relate to the use of personal computers.
Answer (d) is correct. Security problems are
intensified in a personal computer environment.
The computers themselves are often small,
portable, and located in areas of maximum
accessibility. Hence, they are prone to theft,
damage, and unauthorized use. They tend to
use the main power supply, with the
consequent potential for loss of data and harm
to the equipment. A personal computer system
may also not provide for the elaborate
hardware and software controls found in larger
systems, and organizational control through
segregation of duties may not be feasible. For
example, the same person may be able to
access data, modify programs, and operate the
equipment. Consequently, security issues of all
kinds may arise when personal computers are
used, whether as stand-alones or as intelligent
terminals.
bbbbb. CIA May 90 I.1
Correct Answer is (C)
Not (a) because redundant calculation is a
processing, not an input, control.
Not (b) because the input itself was valid, so
validity checking would not have detected the
error.
Answer (c) is correct. Explicit checking for
data values with error messages for unknown
values would have detected the biweekly
employee pay requests and generated error
messages rather than erroneous checks.
Not (d) because checkpoint-restart processing
permits the operator to restart a failed program
without repeating the entire process.
ccccc. CIA Nov 89 II.5
Correct Answer is (D)
Not (a) because systems development controls
concern systems analysis, design, and
implementation.
Not (b) because hardware controls are
incorporated into the equipment.
Not (c) because applications controls pertain to
specific programs. They include input,
processing, and output controls.
Answer (d) is correct. Organizational control
concerns the proper segregation of duties and
responsibilities within the information systems
department. For example, programmers should
not have access to the equipment, and
operators should not have programming ability.
Although proper segregation is desirable,
functions that would be considered
incompatible if performed by a single individual
in a manual activity are often performed
through the use of an information systems
program or series of programs. Therefore,
compensating controls may be necessary, such
as library controls, effective supervision, and
rotation of personnel.
ddddd. CIA Nov 89 II.9
Correct Answer is (D)
Not (a) because access controls perform this
function.
Not (b) because access controls perform this
function.
Not (c) because processing controls perform
this function.
Answer (d) is correct. Input controls are
designed to provide reasonable assurance that
data received for information systems
processing have been properly authorized and
are in a form suitable for processing, i.e.,
complete, accurate, and valid. Input controls
also include those that relate to rejection,
correction, and resubmission of data that were
initially incorrect.
eeeee. CIA Nov 89 II.30
Correct Answer is (B)
Not (a) because an access control does not
affect the validity, accuracy, and completeness
of processing.
Answer (b) is correct. A suspense file
contains input records in which errors have
been detected. The transaction file
incorporates transactions flagged during the
edit or master file updating run. This file is run
against the suspense file so that the latter will
include the new erroneous items. A listing of
errors is printed out and corrections are made.
The corrected transactions are then re-entered.
When the transaction file is next run against the
suspense file, the corrected items are removed.
Reconciling the suspense file items is
necessary to arrive at an accurate inventory
balance.
Not (c) because failing a reasonableness check
is but one basis for including an item in the
suspense file.
Not (d) because this control concerns whether
only timely data are processed.
fffff. CIA Nov 90 I.3
Correct Answer is (A)
Answer (a) is correct. Online systems require
physical controls over terminals and password
protection. The latter is effected through the
operating system or security software. Actual
use of the system may require a hierarchy of
passwords permitting only specified persons to
access the system or specified programs and
files. For example, certain persons may have
read-only access to certain files, whereas other
parties may have updating authority.
Not (b) because sign-on sequences do not
provide physical security.
Not (c) because context-dependent security is
access control based on the content of a
sequence of database inquiries.
Not (d) because write-protection security is
provided by the absence of a write-enable ring
on tapes and the presence of a write-protect
tab on floppy disks.
ggggg. CIA May 90 I.20
Correct Answer is (A)
Answer (a) is correct. This separation is an
organizational control. Organizational controls
concern the proper segregation of duties and
responsibilities within the information systems
department. Although proper segregation is
desirable, functions that would be considered
incompatible if performed by a single individual
in a manual activity are often performed
through the use of an information systems
program or series of programs. Thus,
compensating controls may be necessary, such
as library controls, effective supervision, and
rotation of personnel. Segregating test
programs makes concealment of unauthorized
changes in production programs more difficult.
Not (b) because physical security (e.g., climate
control and restrictions on physical access) is
another aspect of organizational control.
Not (c) because input controls validate the
completeness, accuracy, and appropriateness
of input.
Not (d) because concurrency controls manage
situations in which two or more programs
attempt to use a file or database at the same
time.
hhhhh. CIA Nov 89 II.33
Correct Answer is (D)
Not (a) because a limit or reasonableness test
checks the values of data items against
established limits.
Not (b) because a limit or reasonableness test
checks the values of data items against
established limits.
Not (c) because a check digit in a number is
determined by applying an algorithm to the
number. If the number has been miskeyed, the
digit generated will differ from the check digit.
Answer (d) is correct. A record count is simply
a control total of the physical records
(documents) involved in the run. A hash total is
a control total generated by adding the values
found in a given field of each record in the
batch. The total is a "hash" because the field
chosen contains an identification number or
other item that is otherwise not meaningful.
Missing transactions can be detected by either
control.
iiiii. CIA May 90 I.
Correct Answer is (D)
Not (a) because check digit processing and
master file lookups verify that employee
numbers are valid.
Not (b) because validity tests verify that only
authorized employees are paid.
Not (c) because hash totals are independent of
calculations of payroll amounts.
Answer (d) is correct. Calculation of a hash
total is an input control. It assures that all the
transactions that should have been applied to
the master file were processed once but only
once.
jjjjj. CIA May 90 II.20
Correct Answer is (B)
Not (a) because memory protection prohibits
programs from accessing memory outside their
designated ranges.
Answer (b) is correct. Parity checking adds
the bits in a character or message and checks
the sum to determine if it is odd or even,
depending on whether the computer has odd or
even parity. This check verifies that all data
have been transferred without loss. For
example, if the computer has even parity, a bit
will be added to a binary coded character or
message that contains an odd number of bits.
No bit is added if a character or message in
binary form has an even number of bits.
Not (c) because, for hardware, validity checking
verifies that a machine-level instruction is a
valid instruction; for applications, validity
checking verifies that transaction data is
complete, authorized, and reasonable.
Not (d) because range checking verifies that
input data values are within pre-determined
ranges.
kkkkk. CIA Nov 90 I.33
Correct Answer is (D)
Not (a) because agreement of a batch register
or total gives assurance that the batch totals
agree but does not identify the specific missing
or duplicate transactions.
Not (b) because agreement of a batch register
or total gives assurance that the batch totals
agree but does not identify the specific missing
or duplicate transactions.
Not (c) because batch sequence checks
perform sequence checks within single batches
only.
Answer (d) is correct. In a cumulative
sequence check, transaction table entries are
flagged by sequence number when
transactions are processed so that a record is
created of the transactions processed. This
record permits detection of attempted duplicate
transactions and missing transactions.
lllll. CIA Nov 90 I.34
Correct Answer is (D)
Not (a) because password security for access
to the system permits all departmental
employees access to all documents in the
system.
Not (b) because there are no floppy disks in
this system.
Not (c) because periodic server backup and
storage in a secure area is a good
security/backup procedure, but it would not
prevent access to sensitive documents online.
Answer (d) is correct. Different passwords
may be required to access the system, to read
certain files, and to perform certain other
functions. Required entry of passwords for
access to individual documents is the best
single control over unauthorized access to
sensitive documents in the system.
mmmmm. CIA Nov 90 I.35
Correct Answer is (A)
Answer (a) is correct. Source code written in
a higher-level language must be translated
(compiled) into machine language statements
that can be executed by the computer.
Updating of executable program modules must
be controlled by requiring proper authorization
of changes in the source code. Only the authorized source code should then be used for updating the executable modules.
Not (b) because enforcing the use of separate development and production libraries is good practice, but it does not ensure that source code and executable modules correspond.
Not (c) because requiring management authorization for source code changes ensures that source code changes are authorized but does not ensure correspondence between source versions and executable forms.
Not (d) because installing access control procedures ensures control of source code libraries but does not ensure control over access to executable libraries.
nnnnn. CIA Nov 90 I.36
Correct Answer is (C)
Not (a) because performing data matching of transactions and master file records ensures that the proper master file record is selected for updating but does not ensure that the record is actually updated.
Not (b) because a self-checking number is a control over the accuracy of data transmission.
Answer (c) is correct. A processing control that reconciles counts of sequence flags set and records updated would detect situations in which records were not updated.
Not (d) because this procedure permits detection of duplicate updates but does not ensure that updates occur.
ooooo. CIA Nov 90 II.31
Correct Answer is (B)
Not (a) because hardware controls have nothing to do with correct programming of operating system functions.
Answer (b) is correct. Hardware controls such as parity checks, read-after-write checks, and echo checks are manufacturer-built-in controls to detect and control errors that arise from the use of automated equipment. The significance of hardware controls to internal auditors is that they assure the correct execution of machine instructions representing application systems. Without hardware controls, internal auditors would have no way of knowing whether hardware operated correctly.
Not (c) because input controls, rather than hardware controls, reduce the incidence of user input errors in online systems.
Not (d) because control totals, rather than hardware controls, ensure that run-to-run totals in application systems are consistent.
ppppp. CIA Nov 91 I.6
Correct Answer is (C)
Not (a) because determining the competence of information systems operating personnel is not the major purpose of the evaluation.
Not (b) because due professional care should be exercised in all audits.
Answer (c) is correct. Internal auditors should review the reliability and integrity of financial and operating information and the means used to identify, measure, classify, and report such information. Information systems provide data for decision-making, control, and compliance with external requirements. Thus, internal
auditors should examine information systems and, as appropriate, ascertain whether financial and operating records and reports contain accurate, reliable, timely, complete, and useful information, and whether controls over record keeping and reporting are adequate and effective.
Not (d) because becoming familiar with the company's information system is a means to an end.
qqqqq. CIA May 91 I.36
Correct Answer is (C)
Not (a) because programmed checks determine the potential accuracy of input data (e.g., a range check).
Not (b) because batch control is used to ensure the completeness and accuracy of input and updating.
Answer (c) is correct. General information system controls include organizational controls, such as a policy (an implementation control) that requires new programs and changes in programs (after adequate testing) to be formally approved before being put into operation (implemented). This policy is reflected in the maintenance of approval and change sheets with appropriate authorizations.
Not (d) because one-for-one checking is a technique used to check individual documents for accuracy and completeness of data input or update.
rrrrr. CIA May 91 I.38
Correct Answer is (D)
Not (a) because key verification ensures the accuracy of selected fields by requiring a different individual to re-key them.
Not (b) because sequence checks are used to ensure the completeness of input or update data by checking the use of preassigned document serial numbers.
Not (c) because computer matching entails checking selected fields on input data against information held in a suspense or master file.
Answer (d) is correct. To prevent unauthorized access to computer files, lists of authorized persons can be maintained in the computer. The entry of passwords or identification numbers, a prearranged set of personal questions, and the use of badges, magnetic cards, or optically scanned cards may be combined to avoid unauthorized access. Moreover, a device authorization table may restrict file access to those physical devices that should logically need access, even when a valid password is used.
sssss. CIA May 91 I.39
Correct Answer is (B)
Not (a) because the system log is a file showing details of all activity during processing that can be used to investigate unusual activity, such as hardware malfunctions, reruns, and abnormal endings.
Answer (b) is correct. The advent of cheaper, smaller, and more powerful computers has permitted the development of a somewhat different alternative to centralization or decentralization: distributed data processing. In a distributed data processing system, the organization's processing needs are examined in their totality. The decision is not whether an application should be done centrally or locally, but rather which parts of the application are
better performed by small local computers acting as intelligent terminals, and which parts are better performed at some other, possibly centralized, site. In essence, the best distribution of processing tasks within application areas is sought. The key distinction between decentralized and distributed systems is the interconnection among the nodes (sites) in the latter kind of network. The capability to continue processing at all sites except a nonfunctioning one is called fail-soft protection, an advantage of distributed systems.
Not (c) because backup procedures are intended to prevent the recovery process from introducing any erroneous changes into the system after computer failure.
Not (d) because data file security procedures are intended to prevent unauthorized changes to data files.
ttttt. CIA May 91 I.41
Correct Answer is (A)
Answer (a) is correct. A computer matching of fields, such as product code, supplier code, and quantity, assures agreement between goods received and goods invoiced.
Not (b) because control totals do not identify specific item-by-item differences.
Not (c) because batch totals only provide a total value for a field and do not allow for detailed matching.
Not (d) because check digits only provide for validation of predefined account numbers.
uuuuu. CIA Nov 91 I.8
Correct Answer is (C)
Not (a) because review of the use of restricted utilities is an important control over the activities of systems programmers, who have access to utility programs that is denied to others.
Not (b) because reviewing attempted accesses is an important step in ensuring that access control is effective.
Answer (c) is correct. Changes in the computer system should be subject to strict control procedures. For example, a written request for an applications program change should be made by a user department and authorized by a designated manager or committee. The program should then be redesigned using a working copy, not the version currently in use. Also, the systems documentation must be revised. The user, the internal auditor, and a systems employee who was not involved in designing the change should test the changes in the program. Approval of the documented change and the results of testing should be given by a systems manager. The user may then accept the change and test results.
Not (d) because maintenance of backup master files is important in any system to ensure data integrity.
vvvvv. CIA Nov 91 I.30
Correct Answer is (D)
Not (a) because, in this case, the batch totals would have agreed, and the error would not have been prevented.
Not (b) because, in this case, the batch totals would have agreed, and the error would not have been prevented.
Not (c) because in a batch sequence check, only specific ranges are checked for duplicates within the batch. Thus, a batch sequence check would not have prevented this error.
Answer (d) is correct. Testing for paid invoices, which assumes that invoice records are marked paid as checks are produced,
would have detected the duplicate check requests and thus prevented the second set of checks from being produced.
wwwww. CIA Nov 91 I.31
Correct Answer is (C)
Not (a) because preassignment of authorization times for job execution is appropriate for production jobs run on a fixed schedule, but it would not have prevented this unauthorized access.
Not (b) because periodic comparison of production program execution with authorized production schedules would neither prevent this unauthorized access nor detect it after the fact.
Answer (c) is correct. Programmers design, write, test, and document the specific programs required by the system. To prevent wrongdoing, these functions should be segregated from production activities. Hence, programmers should have no access to production programs and data or to the equipment used in operations.
Not (d) because logging does not prevent the copying of a program.
xxxxx. CIA Nov 91 I.9
Correct Answer is (C)
Not (a) because the use of internal labels is intended to prevent misidentification of programs.
Not (b) because control totals are used to assure that all transactions are processed.
Answer (c) is correct. Library security controls include the organization and operation of a library to preclude misplacement, misuse, or theft of storage media, programs, and documentation. The librarian should maintain control over and accountability for these items.
Not (d) because maintaining a duplicate set of programs insures against loss or destruction of original programs.
yyyyy. CIA Nov 91 I.34
Correct Answer is (A)
Answer (a) is correct. Application controls relate to specific tasks performed by personnel or programs. Their function is to provide reasonable assurance that the recording, processing, and reporting of data are performed properly. Application controls are of three types: input, processing, and output. An input control is designed to provide reasonable assurance that data received for processing have been properly authorized and converted to machine-sensible form. Self-checking digits may be used to detect incorrect identification numbers. The digit is generated by applying an algorithm to the ID number. During the input process, the check digit is recomputed by applying the same algorithm to the code actually entered.
Not (b) because a check digit is an input control, not a file management control.
Not (c) because a check digit is an input control, not an access control.
Not (d) because a check digit is an input control, not an output control.
zzzzz. CIA May 92 I.31
Correct Answer is (D)
Not (a) because the review of jobs processed will disclose access but not prevent it.
Not (b) because comparison of production programs and controlled copies will detect changes but not prevent them.
Not (c) because periodic running of test data will detect changes but not prevent them.
Answer (d) is correct. When duties are separated, users cannot obtain a detailed knowledge of programs, and those developing or maintaining programs cannot gain unsupervised access to production programs. Organizational control is achieved in part through proper segregation of duties and responsibilities within the information systems
function. For example, programmers should not have access to the equipment, and operators should not have programming ability. Although proper segregation is desirable, functions that would be considered incompatible if performed by a single individual in a manual activity are often performed through the use of a computer program or series of programs. Thus, compensating controls may be necessary, such as library controls, effective supervision, and rotation of personnel.
aaaaaa. CIA May 92 I.33
Correct Answer is (B)
Not (a) because batch totals require numerical control.
Answer (b) is correct. Review of processing results by users is an important output control. One-for-one checking of input documents against a list of transactions processed is one aspect of the comparison of output with data input.
Not (c) because computer sequence checks require that transactions be numbered.
Not (d) because computer matching is performed under program control and not by the user.
bbbbbb. CIA May 92 I.34
Correct Answer is (B)
Not (a) because, although user submission of test data may detect invalid transactions and failure to process valid transactions, this technique would not be used consistently.
Answer (b) is correct. An important detective control is user review of output. Users should be able to determine when output is incomplete or not reasonable, particularly when the user prepared the input. Thus, users as well as information systems personnel have a quality assurance function.
Not (c) because controlled output distribution will not prevent or detect incorrect output.
Not (d) because decollation of output is simply the separation of output copies.
cccccc. CIA May 92 I.35
Correct Answer is (B)
Not (a) because applications programmers are responsible for installing and customizing software and usually perform their duties outside the computer center. They should not have access to output.
Answer (b) is correct. The information systems control group acts as liaison between the users and the processing center. This group records input data in a control log, follows the progress of processing, distributes output, and establishes control totals. It is also responsible for following up error reports and assuring that erroneous records are reprocessed.
Not (c) because computer operators should not have access to output.
Not (d) because review of output is performed by the control section and not directly by the data processing manager.
dddddd. CIA May 92 I.36
Correct Answer is (C)
Not (a) because supervisor-only authorization for transfers between the bank's customers would interfere with normal bank operations.
Not (b) because overnight balancing of all accounts by the online teller system ensures that all parts of all transactions are accounted for but does not ensure that all transactions are authorized.
Answer (c) is correct. Periodic examination of accounts of employees with access to automated teller functions may detect unusual activity to and from employees' accounts.
Not (d) because required vacations for employees with access to teller functions might expose a teller's actions to others' scrutiny but would not ensure detection, especially if the teller remedied any overdrafts before going on
vacation.
eeeeee. CIA May 92 I.38
Correct Answer is (A)
Answer (a) is correct. A logic error occurs in the fundamental interrelationships among the program's instructions. The spreadsheet logic was flawed in that it failed to apply discounts to all complementary product lines.
Not (b) because the error is independent of the operation of hardware.
Not (c) because there was no misentry of keystrokes in spreadsheet cells.
Not (d) because cross footing is the independent summing of rows and columns and comparison of results. No cross footing error occurred in the spreadsheet model.
ffffff. CIA May 92 I.39
Correct Answer is (B)
Not (a) because, although trained systems professionals are less likely to make logic errors, all significant spreadsheet models should be independently reviewed. Spreadsheet models are useful precisely because they can be prepared by users. Systems specialists may not be available to develop all the spreadsheet models that organizations need.
Answer (b) is correct. Independent audit and testing of spreadsheet models by knowledgeable persons is the best approach for validating model logic and thus the integrity of a spreadsheet. Development of new programs or program changes should be initiated by users and authorized by an appropriate manager or committee. If changes are authorized, they should be made in a copy of the program. Programmers should not have access to the programs used in actual processing (production). The user, the internal auditor, and a systems employee independent of the programmer should then test the changes. The documentation must be amended to reflect the changes and the test results, a manager in the systems department should give formal approval, and the users should make a formal acceptance.
Not (c) because specifying cross footing for all spreadsheet models would detect some spreadsheet logic errors, but not all of them. Cross footing would not have detected this error.
Not (d) because enforcing documentation standards for multi-use spreadsheet models is a good practice for promoting correct use of spreadsheet models used repetitively but is unlikely to detect logic errors like this one.
gggggg. CIA Nov 92 I.33
Correct Answer is (C)
Not (a) because installing a logging system for program access would permit detection of unauthorized access but not prevent it.
Not (b) because monitoring physical access to program library media would control only unauthorized physical access.
Answer (c) is correct. An important operating control is to establish a library to preclude misplacement, misuse, or theft of data files, programs, and documentation. A librarian should perform this custodianship function and be appropriately accountable. Restricting physical and logical access secures programs from unauthorized use, whether in person or remotely via terminals.
Not (d) because denying all remote access via terminals would likely be inefficient and would not secure program libraries against physical access.
hhhhhh. CIA May 92 III.7
Correct Answer is (D)
Not (a) because use of an integrated test facility (ITF) is a technique by which an auditor selects transactions and processing functions and applies the transactions to a fictitious entity during a normal processing cycle along with regular transactions. This technique cannot determine whether the data themselves are legitimate.
Not (b) because tracing follows the path of a transaction during processing but is inadequate to determine whether a transaction is legitimate.
Not (c) because transaction selection uses an independent computer program to monitor and select transactions for internal audit review. Like tracing, it fails to determine whether a transaction is legitimate. It would be an appropriate technique to apply to transactions suspected to be illegitimate.
Answer (d) is correct. An access log should be used to record all attempts to use the system. The date and time, codes used, mode of access, and data involved are recorded. The system should monitor unsuccessful attempts because repeated attempts could suggest that someone is trying random or patterned character sequences in order to identify a password.
iiiiii. CIA Nov 92 I.31
Correct Answer is (B)
Not (a) because verifying that the account number corresponds to an existing account in the master file is a master file reference check.
Answer (b) is correct. A major control used to guard against errors made in transcribing or keying data is a check digit. A check digit is a detective control designed to establish the validity and appropriateness of numerical data elements, such as account numbers. The check digit within the code is a mathematical function of the other digits. Recalculation of the digit tests the accuracy of the other characters in the code. Check digit verification prevents single-digit errors from leading to erroneous updates.
Not (c) because ensuring that supporting documentation exists for update transactions is a document reconciliation control.
Not (d) because requiring a field to have the correct logical relationship with other fields is a dependency check.
jjjjjj. CIA Nov 92 II.31
Correct Answer is (A)
Answer (a) is correct. An echo check provides a feedback loop by transmitting data received (by peripheral devices) back to the source unit
(CPU) for validation against the original data. It is a hardware control.
Not (b) because a protection ring prevents accidental writing on a tape file, mostly in batch systems. A real-time system would not utilize tape files.
Not (c) because hash totals are utilized to control data sent to a batch system, not a real-time system.
Not (d) because integrated test facilities are useful in testing real-time systems but cannot be utilized to ensure completeness of data transmissions.
kkkkkk. CIA Nov 92 I.34
Correct Answer is (B)
Not (a) because sequence checking provides a reasonably good test for completeness of input but does not test accuracy.
Answer (b) is correct. A batch total is an application control. This total controls the movement and processing of data in groups. The batch total (a record count or financial total) tests completeness and accuracy.
Not (c) because limit checks are useful only to determine whether an entry is within acceptable limits. Such limitation makes the limit check unusable to test the accuracy of input.
Not (d) because a check digit allows the computer to automatically reject incorrect entries. The cumbersome computation required to establish the check digit, however, tends to limit its use to a few key entries. It is never used to test accuracy of input for an entire working document.
llllll. CIA Nov 92 I.35
Correct Answer is (D)
Not (a) because increased capacity has led to further proliferation of personal computers but is not a risk.
Not (b) because rapid changes or new versions of software usually include enhanced features; some changes may reflect exposure, but change is not the major exposure.
Not (c) because rapid expansion in usage tended to decrease centralization; moreover, such centralization would not tend to represent an exposure.
Answer (d) is correct. Widespread use of personal computers means that more, and often less well-trained, individuals are involved in computing and that assuring the security of data, programs, and hardware is increasingly difficult. Accordingly, end-user processing with personal computers potentially exposes the organization to loss or corruption of data, unreliable processing, and alteration of programs and data.
mmmmmm. CIA Nov 92 I.37
Correct Answer is (C)
Not (a) because vendor payees were not changed; the check register would show that the checks were issued to authorized vendors.
Not (b) because total dollars were not altered; there is no out-of-balance condition.
Answer (c) is correct. All application changes must be documented and subject to testing and approval. A program change control group is responsible for determining that proper procedures are carried out relative to controlling programming changes. This includes assuring that written authorizations are received for changes. To avoid fraud and to ensure compatibility with other programs, programmers should not be able to make unauthorized changes.
Not (d) because the programmer did not need access to the system given his/her access to the program.
nnnnnn. CIA Nov 92 I.3
Correct Answer is (C)
Not (a) because, although validation at sign-on to the system will limit access, it will not effectively prevent data from being removed without permission.
Not (b) because data could be taken electronically from the network file server or the mainframe.
Answer (c) is correct. Data access control software on the network and mainframe will limit access to the data to authorized users only. For example, this software may execute compatibility tests. Compatibility tests restrict access to the computer system by determining whether access by a given user (or device) is compatible with the nature of the attempted use. A series of passwords or identification numbers may be required to gain access to the system, to examine data files, and to perform processing using particular programs. Thus, a clerk might be authorized only to read the data in a given file while using a specified terminal, but his/her superior might be able to update the file. Compatibility tests require online storage of authorization tables or matrices that specify the access permitted to specified codes and devices.
Not (d) because key locks will limit access to the PC and thus to the data, but they will not effectively prevent data being removed without permission.
oooooo. CIA Nov 92 III.33
Correct Answer is (B)
Not (a) because an integrated test facility is an audit approach to validating processing.
Answer (b) is correct. An operating system is a set of program routines used by the processor to control the operations of the computer and its peripheral equipment, such as input-output devices and communications channels. Functions performed by the operating system include scheduling of program execution, debugging, input-output control, compilation, storage assignment, data management, and related services. Initial login to a system is a function of access control software at the operating system level.
Not (c) because database subschema authorizations control access to specific views of fields in a database.
Not (d) because access to applications and their data is a function of application-level software.
pppppp. CIA May 93 I.9
Correct Answer is (B)
Not (a) because completeness tests are used to ensure that the input has the prescribed amount of data in all data fields.
Answer (b) is correct. Validity tests are used to ensure that transactions contain valid transaction codes, valid characters, and valid field size. Checking jobs for validity would prevent assigning labour hours to inactive jobs.
Not (c) because limit tests are used to determine whether the data exceed certain predetermined limits.
Not (d) because control totals are used to reconcile EDP input to the source document totals.
qqqqqq. CIA May 93 I.1
Correct Answer is (D)
Not (a) because top management is charged with the overall control of computer-based information systems. Operational control is defined as residing in the users.
Not (b) because external auditing is an independent appraisal function whose principal objective is the expression of an opinion about an organization's financial statements.
Not (c) because internal auditing is an independent appraisal function whose principal objective is to assist the organization in the accomplishment of its objectives.
Answer (d) is correct. Module 2 of the IIA's Systems Auditability and Control (SAC 1991) report places the operational responsibility for the accuracy and completeness of computer-based information systems on the users.
rrrrrr. CIA May 93 I.5
Correct Answer is (B)
Not (a) because ensuring that the database design is relational facilitates the use of views but would not by itself prevent clerks from having read access to confidential information.
Answer (b) is correct. The clerk was able to access the online system with his/her own access code. Restricting access to authorized individuals would prevent the use of unauthorized user numbers for unauthorized access. This could be achieved by maintaining in the computer/server a list of the people authorized to access the system, including a device authorization table. In addition, passwords, access codes, and the use of badges and magnetic cards may be combined to avoid unauthorized access to the information systems files.
Not (c) because requiring before and after images of transactions is a good backup/recovery practice but would not prevent unauthorized read access.
Not (d) because reconciling monetary totals for input sessions helps maintain data integrity but would not prevent unauthorized read access.
ssssss. CIA May 93 I.30
Correct Answer is (B)
Not (a) because controlled disposal of documents is not limited to computer files.
Answer (b) is correct. Encryption is a typical security measure. A program encodes data so that it is more difficult for an intruder to understand or use the data. Also, frequent changing of passwords limits unauthorized access to files.
Not (c) because key integrity checks are not access controls. Key integrity checks prevent the updating process from creating inaccuracies in keys.
Not (d) because key integrity checks are not access controls. Key integrity checks prevent the updating process from creating inaccuracies in keys.
tttttt. CIA May 93 I.4
Correct Answer is (B)
Not (a) because a "hot site" has all needed assets in place and is not vendor dependent.
Answer (b) is correct. Organizations should maintain contingency plans for operations, e.g., plans for off-site storage of important backup data and a plan for the continuation of operations at another location in the case of a disaster. A "cold site" has all needed assets in place except the needed computer equipment and is vendor dependent for timely delivery of equipment.
Not (c) because a "cold and hot site" combination allows the "hot site" to be used until the "cold site" is prepared and is thus not too vendor dependent.
Not (d) because excess capacity would ensure that needed assets are available and would not be vendor dependent.
uuuuuu. CIA May 93 II.3
Correct Answer is (B)
Not (a) because, although there is a migration of control of this type away from applications to other software, the large bulk of these controls still reside in application software.
Answer (b) is correct. Utility programs perform functions such as sorting and copying. Those programs are available to all users and in many applications, which makes them one of the more serious "holes" in data access security, since some of them can actually bypass normal access controls.
Not (c) because access control software has as one of its primary objectives improving data access security for all data on the system.
Not (d) because most database management systems provide for improved data access security while they are running.
vvvvvv. CIA May 93 II.4
Correct Answer is (A)
Answer (a) is correct. Processing controls provide reasonable assurance that processing has been performed as intended for the particular application, i.e., that all transactions are processed as authorized, that no authorized transactions are omitted, and that no unauthorized transactions are added.
Not (b) because proof calculations mitigate the risk of transmission errors.
Not (c) because restart and recovery controls mitigate the risk of lost transactions when processing is interrupted.
Not (d) because programmed cutoff controls prevent an improper cutoff and mitigate the risk of transactions being recorded in the wrong period.
wwwwww. CIA May 93 I.3
Correct Answer is (A)
Answer (a) is correct. Check digit verification is an example of an input control. Input controls are application controls designed to provide reasonable assurance that data received for processing have been properly authorized (approved by management) and converted to machine-readable form (verified and edited as to validity and completeness). The completeness of the input process can be determined by accumulating and comparing appropriate control totals (controls to check whether data were lost in transmission).
Not (b) because check digit verification is not a file management control. An internal label check is an example of a file management control.
Not (c) because check digit verification is not an access control. A password is an example of an access control.
Not (d) because check digit verification is not an output control. Report balancing is an example of an output control.
xxxxxx. CIA May 93 II.8
Correct Answer is (D)
Not (a) because lack of enforcement of program change procedures is irrelevant to this impropriety.
Not (b) because lack of a password is irrelevant to this impropriety.
Not (c) because lack of appropriate ownership is irrelevant to this impropriety.
Answer (d) is correct. Individuals should have only the access privileges required for their job functions. Production employees typically do not need access to pricing information. Access controls, such as passwords, ID numbers, access logs, and device authorization tables, prevent unauthorized use of data files. They ensure that only persons with a bona fide purpose and authorization have access to databases.
yyyyyy. CIA May 93 II.41
Correct Answer is (A)
Answer (a) is correct. The primary reason for organizations to develop contingency plans for their EDP operations is to ensure that they will be able to properly process vital transactions in the event of any type of disaster. The continuity of operations depends on these vital transactions. Fast and efficient application of the contingency plan is also a crucial factor in such a case.
Not (b) because it is not the best answer. This is a secondary reason.
Not (c) because it is not the best answer. This is a secondary reason.
Not (d) because it is not the best answer; sources of capital are seldom included.
zzzzzz. CIA May 93 III.35
Correct Answer is (B)
Not (a) because ensuring compatibility of information systems with organizational objectives will not ensure adequate security and recovery controls in end-user developed systems.
Answer (b) is correct. The technology trend of increasing end-user development of systems has the risk of lack of necessary security and recovery controls. This can be mitigated by management oversight to ensure adequate procedures.
Not (c) because validation of the knowledge base will not ensure adequate security and recovery controls in end-user developed systems.
Not (d) because testing of controls in development and production will not ensure adequate security and recovery controls in end-user developed systems.
aaaaaaa. CIA May 93 II.5
Correct Answer is (C)
Not (a) because restart and recovery controls mitigate the risk of lost transactions when processing is interrupted.
Not (b) because cycle processing controls mitigate the risk of missing or improper transactions.
Answer (c) is correct. Programmed balancing controls ensure the accuracy and completeness of file updating by verifying consistency of opening and closing balances and thus ensuring that the right file is processed.
Not (d) because programmed cutoff controls prevent an improper cutoff and mitigate the risk of transactions being recorded in the wrong period.
bbbbbbb. CIA May 93 III.43
Correct Answer is (A)
Answer (a) is correct. Preventive controls are controls designed to prevent errors from occurring. The error in this case is overspending the budget. The control prevented this from occurring.
Not (b) because detection occurs after-the-fact. An error is detected after it happens.
Not (c) because correction fixes the error and comes after the error is detected (after-the-fact).
Not (d) because it relates to automated detection of error conditions and attempts by the software (usually vendor software such as a database) to recover from an error condition.
ccccccc. CIA May 93 III.41
Correct Answer is (D)
Not (a) because systematic and rigorous testing of programmed controls does not reduce the risk of misplaced reliance on management oversight since the supervision of management is an essential element of every control structure in an organization.
Not (b) because proliferation of knowledge-based systems increases the risk of inadequate knowledge bases.
Not (c) because closer linkage between organizational strategy and information is a strength, not a weakness.
Answer (d) is correct. Systematic and rigorous testing of programmed controls reduces the risk of misplaced reliance on automated controls. More pervasive use of automated controls increases the need for testing those controls in their development, implementation and functioning since there are fewer compensating manual controls.
ddddddd. CIA May 93 III.54
Correct Answer is (D)
Not (a) because system development standards for the organization are an element of management control; they are not part of a disaster recovery plan.
Not (b) because the history of modifications to the operating system is an element of management control through documentation; it is not part of the disaster recovery plan.
Not (c) because the applications planned for new development are part of management planning and control; they are not part of a disaster recovery plan.
Answer (d) is correct. An essential element of a disaster recovery plan is a statement of the responsibilities of each organizational unit.
eeeeeee. CIA May 93 III.56
Correct Answer is (A)
Answer (a) is correct. Password control systems are used to prevent unauthorized access to system program and data files.
Not (b) because physical locks and other such devices are used to prevent unauthorized physical availability of remote terminals.
Not (c) because organizational controls for security and protection are necessary to prevent physical destruction of system program and data files.
Not (d) because organizational controls for security and protection are necessary to prevent physical destruction of remote terminals.
""""""". CIA May 9+ III.58
Correct Answer is (D)
Not (a) because policy dissemination is too vague a response in this case.
Not (b) because training cannot cover all contingencies.
Not (c) because the customer did not wish to effect a change.
Answer (d) is correct. Limiting access to the database to authorized users only will prevent inaccurate file changes by unauthorized users, such as an accounts receivable clerk.
ggggggg. CIA May 93 III.49
Correct Answer is (A)
Answer (a) is correct. A dependency check would test whether the data elements for a loan application are logically consistent.
Not (b) because a reasonableness check tests whether the data contents entered fall within predetermined limits.
Not (c) because a format check ensures that all required data are present in the prescribed form.
Not (d) because an existence check tests whether the entered data codes are valid codes held on the file or in the program.
hhhhhhh. CIA May 93 III.61
Correct Answer is (C)
Not (a) because both types of data are sensitive and need protection.
Not (b) because it would not identify the user.
Answer (c) is correct. Access should be limited to users with valid passwords to prevent unauthorized access to data files and programs.
Not (d) because use of separate passwords for customer data and product data is excessive and burdensome.
iiiiiii. CIA Nov 93 I.5
Correct Answer is (A)
Answer (a) is correct. Code comparison is the process of comparing two versions of the same program to determine whether the two correspond. It is an efficient technique because it is performed by software.
Not (b) because code review is the process of reading program source code listings to determine whether the code contains potential errors or inefficient statements. Code review can be used as a means of code comparison but is inefficient.
Not (c) because test data runs permit the auditor to verify the processing of preselected transactions. It gives no evidence about unexercised portions of the program.
Not (d) because analytical review is the process of creating and evaluating ratios between numbers, often in the context of financial statements.
jjjjjjj. CIA Nov 93 I.7
Correct Answer is (B)
Not (a) because an existence check is a test of accuracy.
Answer (b) is correct. Application controls relate to specific tasks performed by personnel or programs. Input controls are application controls designed to provide reasonable assurance that data received for processing have been properly authorized and converted to machine-readable form. The completeness of the input process can be determined by accumulating and comparing appropriate control totals.
Not (c) because a limit check is a test of accuracy which determines whether a data value falls within certain limits.
Not (d) because a reasonableness check is based on limits for given information.
&&&&&&&. CIA Nov 9+ I.8
Correct Answer is (C)
Not (a) because individuals external to the organization may need to have limited access privileges to participate in inter-organization information systems, e.g., electronic data interchange.
Not (b) because a weekly cycle may be too long to wait to cancel privileges for employees with changed job responsibilities or for terminated employees.
Answer (c) is correct. Proper addition/deletion of authorizations includes prompt activation of access privileges after they are authorized. Too much delay may tempt users to bypass access control procedures.
Not (d) because security officers, not systems programmers, are responsible for maintaining records of access changes.
lllllll. CIA Nov 93 I.9
Correct Answer is (B)
Not (a) because having customers specify the name for each item they order would let the company correct erroneous order codes once they had been detected, but would not, in general, detect erroneous codes.
Answer (b) is correct. Self-checking digits may be used to detect incorrect codes. By applying an algorithm to the code, the digit is generated. During the input process, the check digit is recomputed by applying the same algorithm to the code actually entered.
Not (c) because separating the parts of the order code with hyphens would make the characters easier to read, but would not cure the problem of transposed characters.
Not (d) because using a master file reference for all order codes would verify the existence of items, but would not detect erroneous order codes in which transposed characters in an order code match other items.
mmmmmmm. CIA Nov 93 I.30
Correct Answer is (D)
Not (a) because moving the program code that computes sales taxes to a single program is a good system design approach, but it does not guarantee that sales tax processing is complete.
Not (b) because changing the operator input screens does not ensure correct application of sales taxes. The operator may not know what the appropriate computation is.
Not (c) because customers may not know the proper rates or may deny that their areas impose the taxes.
Answer (d) is correct. Sales taxes vary from one jurisdiction to another. Hence, the program must include a code that sorts orders by area. Verification of the accuracy of the tax charges can then be obtained by calculating the total taxes for each area in two ways: applying the tax rate to the aggregate sales and summing the taxes charged on individual sales.
nnnnnnn. CIA May 93 III.6
Correct Answer is (D)
Not (a) because a firm can control the application risks resulting from bad system design and implementation. It is a class of risk and is very pertinent to an EUC application.
Not (b) because a firm can control environmental risks such as interfaces of an EUC system and people with others. It is a class of risk and is very pertinent to an EUC application.
Not (c) because a firm can control the risks inherent in the application's software and hardware combination. The company's technical support staff and/or computer vendor support staff can resolve problems resulting from these risks. It is a class of risk and is very pertinent to an EUC application.
Answer (d) is correct. A single firm cannot control the technological obsolescence risks resulting from advancements in computer hardware and software.
ooooooo. CIA Nov 93 I.31
Correct Answer is (C)
Not (a) because placing output in bins does not ensure that unauthorized persons are denied access.
Not (b) because output loaded in a file is available to anyone with access to the file.
Answer (c) is correct. An independent data control group should receive user input, log it, transfer it to the computer center, monitor processing, review error messages, compare control totals, log and distribute output, and determine whether error corrections have been made. This group is therefore responsible for maintaining lists of authorized recipients in a distribution log and holding the output in a secure area until it is picked up.
Not (d) because making printouts available at specified times does not control access.
ppppppp. CIA Nov 93 I.3
Correct Answer is (B)
Not (a) because the practice of not retaining daily transaction data is unsound in that the bank loses a day's transactions for each backup that is unreadable.
Answer (b) is correct. Backups should always be made to ensure that any lost information can be restored. However, not retaining each day's transaction files is risky because information received since the last backup file was created will be lost.
Not (c) because the practice of not retaining daily transaction data certainly minimizes complexity but at the expense of losing transaction data if the online file must be restored from the backup.
Not (d) because checkpoint/restart information is not needed. The backups are created after all processing is finished for the day.
qqqqqqq. CIA Nov 93 I.34
Correct Answer is (A)
Answer (a) is correct. Validation of the model can be accomplished using historical data if circumstances have not changed. If they have, the results produced by varying the input should be evaluated to determine that they are consistent with what is known about the behavior of tax revenue given various economic conditions, changes in tax law, etc.
Not (b) because there is no forecast technique that would always forecast all the different kinds of revenue this precisely; the overall behavior of the model is more important than the forecasting of individual revenue components.
Not (c) because there is no reason to believe that the programs used for this year's forecast should be identical to those used in the previous year, given continually evolving circumstances.
Not (d) because there is no reason to require that the model predict the previous year's actual revenue. Economic conditions and tax laws change.
rrrrrrr. CIA Nov 93 I.37
Correct Answer is (A)
Answer (a) is correct. System development procedures and controls that are well established in the centralized information systems environment do not exist in user departments. End-user computing may result in elimination of the function of the systems analyst, omission of documentation, inadequate consideration of control procedures, poor integration with existing systems, etc.
Not (b) because this is a principal motivation for developing end-user systems.
Not (c) because end-user systems can be developed to serve departmental needs without understanding mainframe architecture.
Not (d) because the inability to accommodate computer-assisted auditing techniques is not a control weakness.
sssssss. CIA Nov 93 II.5
Correct Answer is (A)
Answer (a) is correct. During each program run in a series, the computer accumulates the totals of transactions that have been processed. The run-to-run check reconciles them with the totals forwarded from the previous program run. Run-to-run totals thus ensure completeness of update.
Not (b) because computer matching compares transaction data with referenced fields or records.
Not (c) because computer sequence checks identify changes or breaks in a numerical sequence.
Not (d) because one-for-one checking usually requires manual comparisons of input data elements with processing results.
ttttttt. CIA Nov 93 I.35
Correct Answer is (A)
Answer (a) is correct. A DBMS is an integrated set of computer programs that create the database, maintain the elements, safeguard the data from loss or destruction, and make the data available to application programs and inquiries. Because the DBMS handles data retrieval and storage, applications programs need not specify data locations but can simply ask for data by name. The results are data independence and avoidance of data redundancy. Data journaling procedures require making appropriate copies of any changes to a database to enable recovery from database failures.
Not (b) because edit and validation are controls over data integrity.
Not (c) because data ownership and accountability policies identify who knows how data are to be used and who is responsible for determining levels of control over access to data.
Not (d) because data integrity procedures test input of data, not recovery of data.
uuuuuuu. CIA Nov 93 II.9
Correct Answer is (A)
Answer (a) is correct. An online inquiry capability permits the order-taker to retrieve the ZIP code from a master file of ZIP codes. The operator can then verify the state abbreviation while talking with the customer.
Not (b) because looking up the state abbreviation is insufficient to permit the operator to verify the ZIP code. Each state has more than one ZIP code.
Not (c) because permitting operators to enter the ZIP code only makes it impossible to detect incorrect ZIP codes.
Not (d) because, in general, it is not feasible to determine ZIP codes from street, city, and state addresses that can be entered in multiple ways.
vvvvvvv. CIA Nov 93 II.3
Correct Answer is (D)
Not (a) because analyzing job activity with a queuing model to determine workload characteristics gives information about resource usage but does not verify that the system actually functioned as intended.
Not (b) because a simulation helps management characterize the workload but does not verify that the system actually functioned as intended.
Not (c) because using library management software to track changes to successive versions of application programs permits control of production and test versions but does not verify that the system actually functioned as intended.
Answer (d) is correct. Job accounting data analysis permits programmatic examination of job initiation and termination, record counts, and processing times. Auditing job accounting data for file accesses and job initiation/termination messages will reveal whether the right data files were loaded/dismounted at the right times and the right programs were initiated/terminated at the right times.
wwwwwww. CIA Nov 93 II.34
Correct Answer is (C)
Not (a) because protecting all cells except those specifically intended for data entry guards against data entry mistakes, but it does not ensure that model calculations are correct.
Not (b) because inspecting the documentation provides evidence on how usable and maintainable the model is but does not ensure that model calculations are correct.
Answer (c) is correct. Performing sensitivity analysis, i.e., varying input values and determining whether the output varies accordingly, on the major output results gives assurance that calculations are performed correctly.
Not (d) because mapping the spreadsheet model with spreadsheet analysis software provides output useful for documenting the structure and surface consistency of the model but does not ensure that model calculations are correct.
xxxxxxx. CIA Nov 93 III.6
Correct Answer is (D)
Answer (d) is correct. As explained below:
1. Correct - Microcomputer users may be unaware of the need to make frequent file back-ups.
2. Incorrect - Reduced application development costs are one of the benefits of microcomputers.
3. Incorrect - Batch update is a characteristic of mainframes.
4. Correct - Microcomputer software packages typically do not have appropriate access control capabilities.
5. Correct - Making unauthorized copies of software is fairly easy and sometimes may be an informally accepted method of reducing software costs for microcomputer systems.
Answers (a), (b), and (c) are incorrect due to answer (d).
yyyyyyy. CIA Nov 93 III.30
Correct Answer is (D)
Not (a) because restricting access on the basis of the type of resource would not permit selective access based on values in a record.
Not (b) because restricting access on the basis of statistical summaries would not be helpful in preparing bids.
Not (c) because restricting access on the basis of the age of the stored records would not enable the selective access the company wants because some needed data would be new and some would be old.
Answer (d) is correct. Restricting access on the basis of data values within a record, e.g., bid identity, would enable the selective access the company wants.
zzzzzzz. CIA Nov 94 I.4
Correct Answer is (B)
Not (a) because data ownership standards are a direct departmental-level responsibility.
Answer (b) is correct. In an end-user computing environment, an individual user is directly responsible for backup and recovery of data and for physical security.
Not (c) because most end users do not have the knowledge to read technical manuals.
Not (d) because the end user has custody of equipment but should not be responsible for the inventory of equipment.
aaaaaaaa. CIA Nov 94 I.8
Correct Answer is (C)
Not (a) because discussing the password removal process does not determine whether ex-employees are still using or are able to use their passwords to access the databases.
Not (b) because the computer logs should be compared with current payroll lists.
Answer (c) is correct. To determine if ex-employees are accessing the company's automated database, the auditor should obtain the log showing database accesses. This log should be compared with current payroll lists to see if anyone not on the payroll is still accessing or is able to access the databases.
Not (d) because reviewing the access control software does not indicate whether ex-employees can access or are accessing the databases.
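The comparison the answer calls for, as an added Python example (not from the Powers text): the database access log is reconciled against the current payroll to find ids still accessing the database, and the list of defined accounts is reconciled the same way to find people who are still able to access it. The log layout, user ids, payroll and account lists are constructed sample data, not a real product's format.

```python
"""Reconciling a database access log against the current payroll, as an added
Python example (not from the Powers CIA Review text). All log lines, user ids,
payroll entries and account names below are constructed sample data."""
import re
from collections import defaultdict
from typing import Dict, List, Set, Tuple

# Constructed access log, one line per database access (layout is assumed).
ACCESS_LOG = """\
2004-03-01 08:05:12 user=alee db=CUSTOMER action=SELECT rows=40
2004-03-01 09:17:44 user=bkhan db=PRICING action=UPDATE rows=3
2004-03-01 23:48:02 user=cdiaz db=CUSTOMER action=SELECT rows=1200
garbage line that does not match the expected layout
2004-03-02 07:59:31 user=alee db=CUSTOMER action=SELECT rows=12
2004-03-02 02:14:09 user=cdiaz db=PAYROLL action=SELECT rows=310
"""

# Constructed current payroll (obtained from HR) and accounts defined on the DBMS.
CURRENT_PAYROLL: Set[str] = {"alee", "bkhan", "dwong"}
ACTIVE_DB_ACCOUNTS: Set[str] = {"alee", "bkhan", "cdiaz", "emori"}

LOG_LINE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) (?P<time>\d{2}:\d{2}:\d{2}) "
    r"user=(?P<user>\S+) db=(?P<db>\S+) action=(?P<action>\S+) rows=(?P<rows>\d+)$")


def parse_log(text: str) -> Tuple[List[Dict[str, object]], List[str]]:
    """Parse the log into events. Lines that do not fit the layout are returned
    separately so the reviewer sees that part of the log was not examined."""
    events, malformed = [], []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if m is None:
            malformed.append(line)
            continue
        event: Dict[str, object] = m.groupdict()
        event["rows"] = int(m["rows"])
        events.append(event)
    return events, malformed


def accesses_by_non_employees(events, payroll: Set[str]):
    """Log entries whose user id is not on the current payroll: someone who has
    left (or was never on payroll) is still accessing the database."""
    return [e for e in events if e["user"] not in payroll]


def orphaned_accounts(active_accounts: Set[str], payroll: Set[str]) -> List[str]:
    """Accounts that still exist but belong to nobody on the payroll: these
    people are still able to access the database even if the log shows nothing."""
    return sorted(active_accounts - payroll)


def exception_report(log_text: str, active_accounts: Set[str], payroll: Set[str]):
    """Per-user summary of non-employee activity plus the orphaned-account list."""
    events, malformed = parse_log(log_text)
    by_user = defaultdict(lambda: {"accesses": 0, "rows": 0, "databases": set()})
    for e in accesses_by_non_employees(events, payroll):
        entry = by_user[e["user"]]
        entry["accesses"] += 1
        entry["rows"] += e["rows"]
        entry["databases"].add(e["db"])
    return {
        "non_employee_activity": {
            user: {**v, "databases": sorted(v["databases"])} for user, v in by_user.items()},
        "orphaned_accounts": orphaned_accounts(active_accounts, payroll),
        "malformed_lines": len(malformed),
    }


if __name__ == "__main__":
    for key, value in exception_report(ACCESS_LOG, ACTIVE_DB_ACCOUNTS, CURRENT_PAYROLL).items():
        print(key, value)
```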
bbbbbbbb. CIA Nov 93 III.55
Correct Answer is (A)
Answer (a) is correct. Restricting updating to one position would protect the libraries from unauthorized updating, and permitting all IS employees read access to source code would let them continue to obtain the efficiencies of being able to read others' code.
Not (b) because permitting updating for everyone is the current situation, which is risky; restricting read access to source code to one position creates more inefficiency than existed before.
Not (c) because restricting updating and read access to one position protects the libraries but creates the inefficiency of no others being able to read the source code.
Not (d) because permitting updating and read access for everyone in the information systems department is the current situation, which created the risk.
cccccccc. CIA Nov 93 III.75
Correct Answer is (A)
Answer (a) is correct. A software agreement usually allows one backup copy to be made. Installing the software on multiple computers and making additional copies are copyright violations.
Not (b) because installing the spreadsheet software on a multi-user network would make it available to multiple users.
Not (c) because not all vendors allow use on different machines.
Not (d) because some agreements require relicensing when a machine change occurs.
dddddddd. CIA May 95 I.7
Correct Answer is (C)
Not (a) because oral verification also would address the problem.
Not (b) because assigning a sequential number to the customer's order helps build an audit trail but does not address the product identification issue.
Answer (c) is correct. A self-checking digit detects incorrect codes. Applying an algorithm to the code generates the digit. During input, the digit is recomputed by applying the algorithm to the code actually entered. Oral verification also addresses the problem of incorrectly identifying the product number.
Not (d) because assigning a sequential number to the customer's order helps build an audit trail but does not address the product identification issue.
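The self-checking digit this answer and CIA Nov 93 I.9 (lllllll) describe, as an added Python example that is not from the Powers text. The text names no particular algorithm, so the weighted modulus-11 scheme used here (ISBN-10 style weights) is an assumption; it was chosen because it detects every single-digit error and every adjacent transposition, the failure mode the Nov 93 answer singles out. Product numbers are constructed.

```python
"""Self-checking digit generation and verification, as an added Python example
(not from the Powers CIA Review text). The weighted modulus-11 algorithm is an
assumption, since the text does not specify one. Sample codes are constructed."""
from typing import List


def compute_check_digit(base: str) -> str:
    """Generate the check digit for a numeric base code: each digit is weighted
    by position (leftmost weight n+1 down to 2), the weighted sum is reduced
    modulo 11, and the digit that brings the total to a multiple of 11 is the
    check digit. A remainder of 10 is written as 'X', as ISBN-10 does."""
    if not base.isdigit():
        raise ValueError("base code must be all digits")
    n = len(base)
    weighted_sum = sum(int(d) * w for d, w in zip(base, range(n + 1, 1, -1)))
    check = (11 - weighted_sum % 11) % 11
    return "X" if check == 10 else str(check)


def with_check_digit(base: str) -> str:
    """Assign a code: the base code plus its generated check digit."""
    return base + compute_check_digit(base)


def validate(entered: str) -> bool:
    """Input control: recompute the check digit from the code as actually
    entered and compare it with the check digit the operator keyed in."""
    if len(entered) < 2:
        return False
    base, keyed = entered[:-1], entered[-1].upper()
    if not base.isdigit():
        return False          # a non-digit in the base is itself a keying error
    return compute_check_digit(base) == keyed


def undetected_adjacent_transpositions(code: str) -> List[str]:
    """Swap every pair of neighbouring characters of a valid code and return the
    swaps that still validate, i.e. the transpositions the digit would miss."""
    missed = []
    for i in range(len(code) - 1):
        if code[i] == code[i + 1]:
            continue          # swapping equal characters changes nothing
        swapped = code[:i] + code[i + 1] + code[i] + code[i + 2:]
        if validate(swapped):
            missed.append(swapped)
    return missed


if __name__ == "__main__":
    product = with_check_digit("47381")                 # constructed product number
    print(product, validate(product))                   # 473812 True
    print(validate("437812"))                           # 7 and 3 transposed: False
    print(undetected_adjacent_transpositions(product))  # []
```

A master-file existence check, which the Nov 93 answer rejects, would accept "437812" whenever that happens to be another valid product; the recomputed check digit rejects it regardless.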
eeeeeeee. CIA Nov 94 I.7
Correct Answer is (B)
Not (a) because the built-in access controls should be retained until replaced with a more comprehensive and cost-effective system.
Answer (b) is correct. Access control software provides comprehensive and coordinated security. It permits authorized users to gain access only for purposes of performing their assigned duties and restricts employees from performing incompatible functions. A comprehensive system is more cost-effective than programming access controls into each application.
Not (c) because utility software does not usually perform security functions.
Not (d) because a comprehensive system is more cost-effective than programming access controls into each application.
"""""""". CIA Nov 94 I.+7
Correct Answer is (D)
Not (a) because the acquisition of hardware and software is an organizational- and departmental-level responsibility.
Not (b) because taking equipment inventories is an organizational-level responsibility.
Not (c) because strategic planning is an organizational- and departmental-level responsibility.
Answer (d) is correct. End-user computing involves user-created or -acquired systems that are maintained and operated outside of traditional information systems controls. In this environment, an individual user is ordinarily responsible for the physical security of the equipment he or she uses.
gggggggg. CIA Nov 94 I.39
Correct Answer is (B)
Not (a) because backup/restart procedures are relevant to abnormal interruptions of processing. They do not cause bottlenecks.
Answer (b) is correct. Scheduling jobs to optimize computer resources is essential. Poor scheduling can result in bottlenecks at peak hours and inadequate usage at other times. The results are increased costs and inefficient operation.
Not (c) because console logs provide indications of problems and are not the cause of bottlenecks.
Not (d) because program documentation does not show why the bottlenecks are occurring.
hhhhhhhh. CIA Nov 95 I.3
Correct Answer is (C)
Not (a) because effective control requires that programmers not be able to make undetected, unrecorded changes in data or programs. Thus, programmers should not have access to the production library.
Not (b) because programmers should be responsible for making program changes, and users should be responsible for testing the changes. Hence, users should not have access to the test library. Accountability for changes would be diminished. Moreover, users may lack the competence to make appropriate changes.
Answer (c) is correct. The program librarian is accountable for, and has custody of, the programs in the production library.
Not (d) because, if the operator has access to both program libraries, he or she may be able to make unauthorized and undetected changes to the computer programs.
iiiiiiii. CIA Nov 94 I.38
Correct Answer is (D)
Not (a) because copyright violations are common risks in a stand-alone personal computer environment.
Not (b) because unauthorized access is a common risk in a stand-alone microcomputer environment.
Not (c) because lack of data availability is a common risk in a stand-alone microcomputer environment.
Answer (d) is correct. Environmental control risks more likely in a stand-alone microcomputer environment include copyright violations that occur when unauthorized copies of software are made or software is installed on multiple computers. Access to application programs and related data by unauthorized persons is another concern because of lack of physical access controls, application-level controls, and other controls found in mainframe environments. Moreover, a stand-alone personal computer environment may be characterized by inadequate backup, recovery, and contingency planning that may result in an inability to re-create the system or its data.
jjjjjjjj. CIA Nov 95 I.33
Correct Answer is (C)
Not (a) because self-checking digits detect incorrect product identification numbers.
Not (b) because verbally verifying the product and the price helps to ensure that the system captures the transaction accurately.
Answer (c) is correct. Batch totals are useful for ensuring that orders are not lost once they have been captured. They do not ensure that orders are recorded correctly or that shipments are accurately priced.
Not (d) because the ability to make price changes should be tightly restricted.
&&&&&&&&. CIA May 95 I.+
Correct Answer is (C)
Not (a) because generating price tags based on the electronic receiving reports is appropriate, given that one purchase order may generate more than one shipment. The correct number received should be properly recorded, and this reconciliation accomplishes that task.
Not (b) because prenumbered receiving documents are not necessary given that they are replaced by a required reference to the purchase order.
Answer (c) is correct. Goods should be inspected in the receiving department for quantity and quality at the time of receipt, and receiving information should be documented at that time.
Not (d) because not all of the answers are incorrect.
llllllll. CIA May 95 I.34
Correct Answer is (A)
Answer (a) is correct. As organizations move to EDI and other forms of automated processing, a comprehensive data access and security program becomes crucial. Access to hardware, software, and data files should be restricted to authorized persons, activities, and devices.
Not (b) because program changes should always be reviewed and tested by the user. The changes should be implemented only by the program librarian, not the programmer.
Not (c) because initiation of changes in the vendor database by the purchasing agent would allow the purchasing agent to establish fictitious vendors.
Not (d) because the receiving department needs access to purchase order information to determine whether a shipment of goods ought to be received.
mmmmmmmm. CIA Nov 94 I.43
Correct Answer is (B)
Not (a) because input validation for transactions is available in both environments.
Answer (b) is correct. In general, mainframe software and procedures for installing programs and maintaining change histories ensure centralized control. In an end-user environment, individual users are held accountable for ensuring that changes follow established procedures. Decentralizing this responsibility may result in inadequate software and hardware facilities.
Not (c) because encryption of sensitive data is available in both environments.
Not (d) because software for relational database queries is available in both environments.
nnnnnnnn. CIA Nov 95 I.8
Correct Answer is (A)
Answer (a) is correct. Access should be limited to those whose activities necessitate access to the computer system. Moreover, the degree of access allowed should be consistent with an individual's responsibilities. Restricting access to particular individuals rather than groups or departments clearly establishes specific accountability. Not everyone in a group will need access or the same degree of access. Thus, passwords assigned to individuals should be required for identification of users by the system. Furthermore, data should be restricted at the field level, not the workstation level. It may be possible to limit access to a workstation, but most workstations are connected to larger mainframe databases. Thus, the security at the workstation level only would be insufficient.
Not (b) because access should be restricted to particular individuals on a need-to-know basis, data should be restricted at the field level, and use should be limited to necessary functions performed by the accountable individual.
Not (c) because access should be restricted to particular individuals on a need-to-know basis, data should be restricted at the field level, and use should be limited to necessary functions performed by the accountable individual.
Not (d) because access should be restricted to particular individuals on a need-to-know basis, data should be restricted at the field level, and use should be limited to necessary functions performed by the accountable individual.
oooooooo. CIA Nov 95 I.+!
Correct Answer is (C)
Not (a) because users often choose passwords
that are easily guessed.
Not (b) because a program to test passwords is
useful but less effective than see-through
authentication.
Answer (c) is correct. See-through authentication techniques, such as the one described, require the user to have two of the three important elements to authenticate oneself to the system, i.e., a possession (the card used to generate the password), knowledge (the new password), or a personal characteristic (e.g., fingerprints).
Not (d) because limiting access to times and a
location is helpful in certain environments but
not when the system allows dial-up access.
pppppppp. CIA May 9! I.10
Correct Answer is (A)
Answer (a) is correct. Comparing variances and the related documentation is the only test that samples from the appropriate population (project variances) and verifies that needed approvals and explanations were given and documented.
Not (b) because recomputing variances is not relevant to whether variances were explained and approved.
Not (c) because the direction of testing should be from the variances to both explanations and approvals. Testing explanations by tracing to subsequent approvals and project reports does not determine whether some variances were not explained.
Not (d) because the direction of testing should be from the variances to both explanations and approvals. Testing explanations by tracing to subsequent approvals and project reports does not determine whether some variances were not explained.
qqqqqqqq. CIA Nov 95 I.+7
Correct Answer is (D)
Not (a) because physical access to the LAN is relevant. Risk exposures exist if the components are not physically protected.
Not (b) because data access security is within
the audit scope.
Not (c) because interviews with users are often
effective in identifying potential security
breaches or other problems that should be
addressed.
Answer (d) is correct. The level of computer security at other LANs in the company may be interesting for comparative purposes, but it has no effect on the security at this location or the scope of the examination needed.
rrrrrrrr. CIA May 9! I.9
Correct Answer is (C)
Not (a) because reviewing JCL and report end-of-job indicators concerns processing, not output distribution.
Not (b) because verifying that a correct
transaction file was used concerns input, not
output.
Answer (c) is correct. Someone on the approved distribution list should sign for reports upon delivery. This procedure is the only one of those listed that will provide information about access to reports.
Not (d) because review of end-of-job indicators would not provide information on report access.
ssssssss. CIA May 9! I.11
Correct Answer is (C)
Not (a) because error listings relate to
application controls.
Not (b) because record counts relate to
application controls.
Answer (c) is correct. General controls are pervasive because they apply to most applications and facilities. Examples are proper segregation of duties, systems development methods, access and other security controls, administrative controls, and disaster-recovery planning. Reviewing the fire suppression capabilities located at the production facility is a test of the disaster-recovery plan. Reviewing position descriptions for production personnel assigned to computer-related duties is a test of an administrative control.
Not (d) because error listings relate to
application controls.
tttttttt. CIA Nov 95 I.+1
Correct Answer is (D)
Not (a) because potential loss, the probability
thereof, and the cost and effectiveness of
security measures are important elements of
the analysis.
Not (b) because potential loss, the probability
thereof, and the cost and effectiveness of
security measures are important elements of
the analysis.
Not (c) because potential loss, the probability
thereof, and the cost and effectiveness of
security measures are important elements of
the analysis.
Answer (d) is correct. Potential loss is the amount of dollar damages associated with a security problem or loss of assets. Potential loss times the probability of occurrence is an estimate (expected value) of the exposure associated with lack of security. It represents a potential benefit associated with the implementation of security measures. To perform a cost-benefit analysis, the costs should be considered. Thus, all three items need to be addressed.
uuuuuuuu. CIA May 9! I.7
Correct Answer is (B)
Not (a) because testing may detect missing or
erroneous logic, but it does not address flaws
in the conceptual design of the system.
Answer (b) is correct. A traditional system employs systems analysts to review all aspects of a problem and to devise a solution given all relevant factors. However, EUC applications lack such an independent review.
Not (c) because proper documentation does not rectify design flaws.
Not (d) because lack of segregation of duties is a risk associated with concealment of errors or fraud, not failure to meet business requirements.
vvvvvvvv. CIA May 9! I.8
Correct Answer is (D)
Not (a) because a standard method for
uploading data may not include the controls
necessary to detect errors in the uploading
process.
Not (b) because edit and validation checks are typically designed to identify errors in data entry rather than in processing.
Not (c) because a record or log of rejected items is a control for monitoring the subsequent correction and processing of the items.
Answer (d) is correct. Balancing totals should be used to ensure completeness and accuracy of processing. For example, comparing totals of critical fields generated before processing with output totals for those fields tests for missing or improper transactions.
wwwwwwww. CIA May 9! I.9
Correct Answer is (C)
Not (a) because lac$ of documentation may not
affect the reliability of the information
processed.
Not (b) because an appropriate level of
management authorized the changes.
Answer (c) is correct. One of the increased risks in an EUC environment is that program change procedures may not be followed. Users may take action without adherence to controls over initiation, authorization, testing, documentation, coordination, and communication of the changes.
Not (d) because the consultants may have
properly tested the changes.
xxxxxxxx. CIA May 9! I.+0
Correct Answer is (D)
Not (a) because application controls are
dependent on the general controls.
Not (b) because, in an EUC environment, responsibility for general controls may be shared by several individuals in different departments or locations.
Not (c) because the need for specific general controls varies with the complexity and importance of the application.
Answer (d) is correct. General controls concern data and program security, program changes, system development, computer operations, and disaster recovery. Application controls depend on the general controls. The former will be ineffective if the latter are not functioning properly. Furthermore, application controls in an EUC environment may be inadequate, so the general controls may be the auditor's primary emphasis.
yyyyyyyy. CIA May 9! I.+1
Correct Answer is (B)
Not (a) because restricting access to LAN workstations is a control to prevent unauthorized persons from gaining access to the network.
Answer (b) is correct. Sophisticated software packages may inadvertently threaten data security by allowing users to bypass existing system-level security. Fourth-generation languages have update, retrieval, and reporting functions that may be used inappropriately in the absence of strong controls.
Not (c) because requiring a password to log on to the LAN may not prevent authorized users from performing unauthorized functions.
Not (d) because a security policy may establish
responsibility but will not prevent inappropriate
update of information.
zzzzzzzz. CIA May 9! I.+
Correct Answer is (A)
Answer (a) is correct. Edit or validation routines are application controls over data entry. For example, they test whether data fields have the appropriate types and numbers of characters, data fields are complete, data are consistent with information in a master file or table, transactions balance, and amounts fall within a reasonableness interval.
Not (b) because rejected and suspense item controls are relevant only if the data are first subject to edit and validation checks.
Not (c) because controls over update access to
the database are general controls rather than
application controls.
Not (d) because control totals are designed to
identify errors in the processing of data rather
than in the data itself.
aaaaaaaaa. CIA May 9+ II.0
Correct Answer is (C)
Not (a) because hiring policies can provide assurance of qualified personnel for operation of the system, but cannot prevent introduction of viruses from bulletin boards or from outside sources.
Not (b) because software programs can identify and neutralize known viruses but may not recognize and properly neutralize new strains of a computer virus.
Answer (c) is correct. Acceptably safe computing can be achieved by carefully crafted policies and procedures used in conjunction with antivirus and access control software.
Not (d) because physical protection devices
can reduce access but cannot prevent
introduction of viruses by errant employees or
from outside sources.
bbbbbbbbb. CIA Nov 9! I.55
Correct Answer is (C)
Not (a) because continuous audit involvement
does not minimize the audit cost. Actually, it
has the highest cost of the alternatives.
Not (b) because, when the audit department is
continuously involved in development, there
are no clearly defined points for comments.
Answer (c) is correct. The scope of internal auditing work includes recommending standards of control and reviewing procedures before implementation. Continuous involvement of the internal auditing department in systems development should minimize the costs of reworking the system. Continuous audit involvement allows for adjustments to be made during the course of development.
Not (d) because the potential for lack of audit independence can be minimized with audit involvement only after implementation.
ccccccccc. CIA May 9! I.44
Correct Answer is (C)
Not (a) because terminal access restrictions
limit access to data input sites.
Not (b) because password requirements help restrict input access.
Answer (c) is correct. Hash totals do not have defined meanings. Examples are totals of employee numbers or invoice numbers. They are used to verify the completeness of data, not to limit access.
Not (d) because validity tests for user
identification and product codes help to
determine whether input is authorized.
ddddddddd. CIA May 9! I.45
Correct Answer is (C)
Not (a) because open purchase orders have
not yet been invoiced or paid.
Not (b) because an EDI system is unlikely to offer cash discounts. In addition, the auditor was involved in the design and testing of the EDI system and presumably has knowledge of the EDI system's procedures.
Answer (c) is correct. Manual input and processing increase the risk of delayed payments and loss of purchase discounts. Furthermore, an EDI system is unlikely to offer cash discounts. Thus, the proper population from which to sample consists of paid invoices not processed through the EDI system.
Not (d) because an EDI system is unlikely to offer cash discounts. In addition, the auditor was involved in the design and testing of the EDI system and presumably has knowledge of the EDI system's procedures.
eeeeeeeee. CIA May 9! I.4!
Correct Answer is (A)
Answer (a) is correct. An exception report (error listing) should be issued so that company personnel can investigate the discrepancy, determine its cause, and take appropriate corrective action.
Not (b) because the company should not pay
for goods not received.
Not (c) because the company should first
determine the cause of the discrepancy.
Not (d) because the company should not pay for goods not received.
fffffffff. CIA May 9! I.47
Correct Answer is (C)
Not (a) because the number of vendors does
not indicate the size of the purchases.
Not (b) because the amount of purchases is equally divided between the EDI and non-EDI systems and does not provide a basis for prioritizing risks.
Answer (c) is correct. Sound controls mitigate the risks associated with EDI. The question states that the internal auditing department's prior involvement consisted of assessing and testing the EDI system. This review found no significant problems. Accordingly, the risk of the EDI system is decreased.
Not (d) because failure to examine EDI purchase controls increases risk.
ggggggggg. CIA May 9! I.49
Correct Answer is (D)
Not (a) because identifying and authenticating the requestor provides some assurance that transactions are authorized.
Not (b) because information should be authenticated before transfer.
Not (c) because exception processing provides assurance about validity. All error conditions should be logged, reported, and reviewed on a timely basis.
Answer (d) is correct. Encryption protects data from unauthorized interception. However, this process does not ensure that the underlying transactions are genuine.
hhhhhhhhh. CIA May 9! I.58
Correct Answer is (B)
Not (a) because reasonableness, limit, and range checks are based upon known limits for given information. For example, the hours worked per week are not likely to be greater than 1E.
Answer (b) is correct. Validity checks are tests of identification numbers or transaction codes for validity by comparison with items already known to be correct or authorized. For example, Social Security numbers on payroll input records can be compared with Social Security numbers authorized by the personnel department.
Not (c) because a record count is a control total of the number of records processed during the operation of a program. Financial totals summarize dollar amounts in an information field in a group of records.
Not (d) because a hash total is the number obtained from totaling the same field value for each transaction in a batch. The total has no meaning or value other than as a comparison with another hash total.
iiiiiiiii. CIA Nov 9! I.5
Correct Answer is (D)
Not (a) because information technology allows more data to be reviewed and reduces audit risk.
Not (b) because information technology can expedite the audit.
Not (c) because information technology can be used to implement a new approach to the audit of an application or function.
Answer (d) is correct. Judgment is the fruit of an auditor's formal education, professional experience, and personal qualities. Information technology is merely a tool for achieving audit objectives. It does not improve the auditor's judgment.
jjjjjjjjj. CIA Nov 9! I.11
Correct Answer is (A)
Answer (a) is correct. The number of systems personnel employed may reflect differences in operating philosophy (outsourcing vs. in-house development of applications). However, the compatibility of personnel is a less serious concern than the compatibility of hardware and software.
Not (b) because company A has little EDI experience. Hence, the greater the number of vendors that must be connected with Company A, the greater the risk exposure.
Not (c) because the difficulty and expense of conversion will be increased if the computer systems have significant compatibility problems.
Not (d) because the greater the complexity of the systems to be integrated, the greater the risk exposure.
kkkkkkkkk. CIA May 97 I.4
Correct Answer is (B)
Not (a) because backup/restart procedures concern abnormally aborted processing of jobs.
Answer (b) is correct. Job scheduling is an obvious starting point for the investigation. Ineffective controls over scheduling result not only in processing bottlenecks at peak hours but also in inefficient usage at other times and increased costs. Scheduling problems may arise when, for example, the job mix changes daily, users are allowed to submit unscheduled jobs, or manual overrides of an automated schedule are permitted. Controls include using automated scheduling software, limiting manual overrides, obtaining supervisory approval of manual overrides, documenting complete and current operations, verifying that all jobs are completed, and submitting unscheduled jobs to a different processor or partition of the processor from that used for production processing of scheduled jobs.
Not (c) because console logs would give only indications of problems. Console logs might be examined later in the process, but they would not be the initial focus.
Not (d) because program documentation is not the correct place to start, but it might help later to determine why a given program was delaying processing.
lllllllll. CIA May 97 I.5
Correct Answer is (B)
Not (a) because asynchronous transmission is a method of data transmission, not a means of safeguarding data. It is used for slow, irregular transmissions, such as from a keyboard terminal. Each character is marked by a start and stop code.
Answer (b) is correct. Encryption software uses a fixed algorithm to manipulate plain text and an encryption key (a set of random data bits used as a starting point for application of the algorithm) to introduce variation. Although tapping into the transmission line may access data, the encryption key is necessary to understand the data being sent.
Not (c) because, although fiber-optic transmission lines are difficult to tap, their use will not prevent theft of unencrypted data by someone who has access to them.
Not (d) because use of passwords will control access at the sending location and the head-office computer. However, passwords will not prevent someone from tapping the transmission line.
mmmmmmmmm. CIA May 97 I.19
Correct Answer is (B)
Not (a) because self-checking digits detect inaccurate identification numbers. They are an effective control to ensure that the appropriate part has been identified. However, the control objective is to ensure that data transfer is complete.
Answer (b) is correct. Batch control totals for the data transferred can be reconciled with the batch control totals in the existing file. This comparison provides information on the completion of the data transfer. Batch totals may include record counts, totals of certain critical amounts, or hash totals. A hash total is a control total without a defined meaning, such as the total of employee numbers or invoice numbers, that is used to verify the completeness of data. Thus, the hash total for the employee listing by the personnel department could be compared with the total generated during the payroll run.
Not (c) because passwords help ensure that only authorized personnel make the transfer, not that data transfer is complete.
Not (d) because field checks are effective input controls, but they do not ensure completeness of data transfer.
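The reconciliation described in this answer (and in the earlier answers on balancing totals and hash totals), as an added example that is not part of the Powers CIA Review text: a payroll batch is totalled before and after a transfer and the three control totals are compared. Employee numbers and amounts are constructed sample data.

```python
"""Batch control totals: record count, financial total and hash total.

Added example (not from the Powers CIA Review text). The records below
are constructed sample data; employee numbers and pay amounts are invented.
"""
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class PayrollRecord:
    employee_no: int      # identification number; no arithmetic meaning
    gross_pay: Decimal    # critical dollar field


@dataclass(frozen=True)
class ControlTotals:
    record_count: int         # number of records in the batch
    financial_total: Decimal  # sum of the dollar field
    hash_total: int           # sum of employee numbers, meaningful only for comparison


def compute_totals(batch):
    """Compute the three batch control totals for a list of records."""
    return ControlTotals(
        record_count=len(batch),
        financial_total=sum((r.gross_pay for r in batch), Decimal("0")),
        hash_total=sum(r.employee_no for r in batch),
    )


def reconcile(source_totals, received_totals):
    """Return a list of control-total mismatches (an empty list means the batch balances)."""
    findings = []
    if source_totals.record_count != received_totals.record_count:
        findings.append("record count mismatch: records missing or duplicated")
    if source_totals.financial_total != received_totals.financial_total:
        findings.append("financial total mismatch: an amount changed or a record is missing")
    if source_totals.hash_total != received_totals.hash_total:
        findings.append("hash total mismatch: an employee number changed or a record was substituted")
    return findings


# Constructed source batch (the personnel department's employee listing).
SOURCE_BATCH = [
    PayrollRecord(1001, Decimal("1250.00")),
    PayrollRecord(1002, Decimal("980.50")),
    PayrollRecord(1003, Decimal("1410.25")),
    PayrollRecord(1004, Decimal("1250.00")),
]

# Constructed "received" batches showing what each total catches.
# 1. A dropped record: count, financial and hash totals all differ.
DROPPED_RECORD = SOURCE_BATCH[:3]
# 2. A substituted employee number with the same pay: only the hash total differs,
#    which is why a record count and financial total alone are not enough.
SUBSTITUTED_ID = SOURCE_BATCH[:3] + [PayrollRecord(1044, Decimal("1250.00"))]
# 3. A transposed amount (1250.00 keyed as 1520.00): only the financial total differs.
KEYED_AMOUNT = SOURCE_BATCH[:3] + [PayrollRecord(1004, Decimal("1520.00"))]


def check_transfer(received):
    """Reconcile a received batch against the source batch's control totals."""
    return reconcile(compute_totals(SOURCE_BATCH), compute_totals(received))


if __name__ == "__main__":
    cases = [("clean copy", list(SOURCE_BATCH)), ("dropped record", DROPPED_RECORD),
             ("substituted id", SUBSTITUTED_ID), ("keyed amount", KEYED_AMOUNT)]
    for name, batch in cases:
        print(f"{name}: {check_transfer(batch) or ['batch balances']}")
```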
nnnnnnnnn. CIA May 9+ I.9
Correct Answer is (D)
Not (a) because access to sensitive output is a security concern.
Not (b) because backup and disaster recovery is an operational integrity issue.
Not (c) because the change environment is a security and independence concern.
Answer (d) is correct. Efficiency is not achieved when facilities are underused, work is nonproductive, or procedures are uneconomical. Efficiency will be improved by freeing media and disk space for other uses, thus reducing data storage costs.
ooooooooo. CIA May 97 I.51
Correct Answer is (C)
Not (a) because restricting specific applications to specific files is a job-to-data authorization technique.
Not (b) because restricting specific terminals to specific applications is a terminal-to-data authorization technique.
Answer (c) is correct. In a user-to-data access control system, access controls are based on identification and authentication procedures. Identification is the process of uniquely distinguishing one user from all others, and authentication determines that a user is the person he claims to be. Authentication may be by knowledge, possessions, or characteristics. Knowledge may include passwords and identification numbers, possessions may include a security card or badge, and characteristics may include physiological and behavioral traits.
Not (d) because the use of access software alone does not address all security risks.
ppppppppp. CIA May 97 I.!7
Correct Answer is (A)
Answer (a) is correct. A technical feasibility study determines whether the proposed solution can be implemented. It should be conducted in the systems analysis stage.
Not (b) because the involvement of users in the development process should result in better design and greater acceptance of the system.
Not (c) because software quality assurance is crucial to the development process. Mistakes may be extremely costly.
Not (d) because, without good documentation, an information system may be difficult, if not impossible, to operate, maintain, or use.
qqqqqqqqq. CIA May 90 III.41
Correct Answer is (C)
Not (a) because, given that the members of the personnel department share one computer, they all have access to that computer. Authorized members need to access the system and retrieve and edit their assigned portion of personnel files to perform their job. If access and file retrieval for all members were restricted by passwords only, members who are authorized to access the system and retrieve files but not authorized for editing those files will be able to edit personnel records.
Not (b) because, given that the members of the personnel department share one computer, they all have access to that computer. Authorized members need to access the system and retrieve and edit their assigned portion of personnel files to perform their job. If access and file retrieval for all members were restricted by passwords only, members who are authorized to access the system and retrieve files but not authorized for editing those files will be able to edit personnel records.
Answer (c) is correct. Given that the members of the personnel department share one computer, they all have access to that computer. Authorized members need to access the system and retrieve and edit their assigned portion of personnel files to perform their job. If access and file retrieval for all members were restricted by passwords only, members who are authorized to access the system and retrieve files but not authorized for editing those files will be able to edit personnel records. Consequently, minimum password protection should be available at the file editing level.
Not (d) because password control is needed.
rrrrrrrrr. CIA Nov 89 I.4
Correct Answer is (C)
Not (a) because the "paper trail" is less extensive in an information system. Combining processing and controls within the system reduces documentary evidence.
Not (b) because information assets are more likely to be under the control of the information system function.
Answer (c) is correct. Using a computer does not change the basic concepts and objectives of control. However, the use of computers may modify the control techniques used. The processing of transactions may be combined with control activities previously performed separately, or control functions may be combined within the information system activity.
Not (d) because documentation is more important in an information system. Information is more likely to be stored in machine-readable form than in hard copy.
sssssssss. CIA Nov 90 III.+
Correct Answer is (B)
Not (a) because password authorization is a
general control over access to terminals.
Answer (b) is correct. Check digit verification is used when an algorithm generates a self-checking digit and then associates it with an identification number (e.g., a part number). When the user enters the part number, the digit is regenerated using the same algorithm and compared to the stored check digit for that part number. This would be an appropriate input-output control since it detects errors in fields, such as account or inventory numbers.
Not (c) because hash totals are appropriate for batch processing.
Not (d) because backup and recovery procedures are general controls and not application controls.
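The check digit regeneration described here, combined with the edit and validation tests (field, completeness, master-file validity and reasonableness checks) from the earlier answers on edit routines and validity checks, as an added example that is not part of the Powers CIA Review text. The mod-10 (Luhn) algorithm, the master file of authorized part numbers and the quantity limit are assumptions chosen for illustration.

```python
"""Input edit checks with a self-checking digit on the part number.

Added example (not from the Powers CIA Review text). The master file and
the quantity limit are constructed sample data; mod-10 is an assumed
check-digit algorithm, chosen because it catches single keying errors
and most adjacent transpositions.
"""
import re

# Constructed master file of authorized part numbers (five digits, no check digit).
AUTHORIZED_PARTS = {"12345", "24680", "13579"}
# Constructed reasonableness limit for the quantity field.
MAX_QUANTITY = 5000


def mod10_check_digit(digits):
    """Compute a mod-10 (Luhn) check digit for a string of decimal digits."""
    total = 0
    # Double every other digit starting from the rightmost; 10..18 become 1..9.
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 0:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return str((10 - total % 10) % 10)


def with_check_digit(digits):
    """Append the check digit so the identification number becomes self-checking."""
    return digits + mod10_check_digit(digits)


def verify_check_digit(part_no):
    """Regenerate the digit from the body and compare it with the stored last digit."""
    body, stored = part_no[:-1], part_no[-1]
    return mod10_check_digit(body) == stored


def edit_record(record):
    """Run the edit routine on one input record; return findings (empty = accepted)."""
    findings = []
    # Completeness check: every required field must be present and non-blank.
    for field in ("part_no", "quantity"):
        if not str(record.get(field, "")).strip():
            findings.append(f"{field}: missing")
    if findings:
        return findings
    part_no = str(record["part_no"])
    # Field check: six numeric characters (five-digit number plus check digit).
    if not re.fullmatch(r"\d{6}", part_no):
        findings.append("part_no: must be 6 numeric characters")
    # Check digit: regenerate and compare (catches keying and transposition errors).
    elif not verify_check_digit(part_no):
        findings.append("part_no: check digit does not verify")
    # Validity check: the number must already be known to the master file.
    elif part_no[:-1] not in AUTHORIZED_PARTS:
        findings.append("part_no: not in master file")
    # Reasonableness / limit check on the quantity field.
    qty = str(record["quantity"])
    if not qty.isdigit():
        findings.append("quantity: must be numeric")
    elif not 1 <= int(qty) <= MAX_QUANTITY:
        findings.append(f"quantity: outside 1..{MAX_QUANTITY}")
    return findings


if __name__ == "__main__":
    good = with_check_digit("12345")          # "123455"
    print(good, edit_record({"part_no": good, "quantity": "40"}))
    print(edit_record({"part_no": "213455", "quantity": "40"}))   # transposed digits
    print(edit_record({"part_no": "111112", "quantity": "9999"}))  # unknown part, too many
```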
ttttttttt. CIA Nov 90 III.++
Correct Answer is (A)
Answer (a) is correct. The callback technique would prevent unauthorized access to the computer when using a dial-up facility. The callback technique is a two-step control. First, the connection is broken after the caller has identified himself and given the call number allowing reconnection. The system then checks for authorization by the caller; if the authorization is verified, the computer is reconnected. If there is no authorization, the computer is not reconnected.
Not (b) because the modem (modulator/demodulator) is a device that allows a connection between a computer and a terminal to be made from a remote location through the use of telephone lines.
Not (c) because the echo check is a control used to verify that information sent by a sender is identical to the information received by the recipient. The information sent is echoed back by the recipient to the sender; if the message received by the sender is not identical to what was sent, the transmission is tried again.
Not (d) because the console log has nothing to do with controlling access to the computer. The log lists all operating system activity, maintains an equipment utilization record, and identifies operator-initiated actions.
uuuuuuuuu. CIA May 91 III.!
Correct Answer is (B)
Not (a) because the bank employee obtained account codes/PINs by observing customers at the ATMs. The bank should encourage its customers to keep their account information secret but must take independent steps to detect and prevent use of fraudulent cards.
Answer (b) is correct. Detecting the fraudulent cards allowed the bank to monitor ATM use and catch the individual. Transaction validation of cards allows detecting fraudulent ATM cards in addition to account numbers and PIN codes.
Not (c) because this individual had, at one time, been authorized to know about ATM operations.
Not (d) because the bank should restrict access to machines capable of writing magnetic stripes on cards to only those employees who need them for their job. Individuals skilled in electronics can, however, obtain parts they assemble themselves, so banks are unable to restrict access to stripe-writing machines.
vvvvvvvvv. CIA May 91 III.8+
Correct Answer is (B)
Not (a) because prohibiting departmental staff from programming their spreadsheet applications defeats the purpose of using personal computers, that is, to make it possible for users to be more productive with their own computers.
Answer (b) is correct. To assure control over confidential data and programs, a functional separation of computer-based activities should be established. Custody of the data and programs should be in the hands of a librarian responsible for their secure storage and control. Access should be formally authorized to assure accountability for use of the data and programs.
Not (c) because custom-designed menus are ordinarily used to limit access to other application programs, not necessarily to data files. Also, they are unnecessary for skilled users and do not impose control on them.
Not (d) because dividing the duties of application preparation and execution impedes the intended use of the application models. It is ineffective as a control measure because all the department's staff are skilled spreadsheet users.
wwwwwwwww. CIA May 91 III.4
Correct Answer is (C)
Not (a) because tagging is the practice of marking specific transactions for subsequent investigation.
Not (b) because callback is a procedure in which the system disconnects the caller and calls the external entity's telephone number of record before letting the terminal session proceed.
Answer (c) is correct. Using passwords would permit supervisors to authenticate themselves to the system as supervisors. Tellers, not knowing the supervisors' passwords, could not invoke supervisor-only functions.
Not (d) because logs of access and attempted functions by employee would detect teller use of unauthorized functions but would not prevent tellers from using them.
xxxxxxxxx. CIA May 91 III.89
Correct Answer is (A)
Answer (a) is correct. During processing, the operating system records in the console log the activities of the computer system and the actions taken by the computer operator. It should therefore contain entries for the work performed and provide a control over operator intervention.
Not (b) because the data control log contains entries concerning jobs run and output distribution. However, recording is not concurrent with computer activity, and no entry may appear for some transactions already processed.
Not (c) because the job queue is the list of jobs waiting to be processed, not those that have been executed.
Not (d) because the master run book provides documentation of the system.
yyyyyyyyy. CIA May 9+ III.+9
Correct Answer is (B)
Not (a) because growing organizational reliance on information systems increases the risk of business interruption.
Answer (b) is correct. As competitive pressures for enhanced functions in systems increase, development groups will be under more pressure to implement systems quickly, which increases the risk of hastily developed, ineffective systems.
Not (c) because greater emphasis on internal control reduces the risk of ineffectiveness in the developed system.
Not (d) because the use of knowledge-based systems increases the risk of inadequate knowledge bases.
zzzzzzzzz. CIA May 94 I.!4
Correct Answer is (A)
Answer (a) is correct. The list of authorized users and their passwords would not be included in an audit trail log but in a file within the computer.
Not (b) because the type of event or
transaction attempted would be included in an
audit log and is necessary to investigate
unauthorized attempted access to the system.
Not (c) because the terminal used to ma$e the
attempt would be included in an audit log and is
necessary to investigate unauthorized
attempted access to the system.
Not (d) because the data in the program sought
would be included in an audit log and is
necessary to investigate unauthorized
attempted access to the system.
aaaaaaaaaa. CIA May 94 III.21
Correct Answer is (A)
Answer (a) is correct. A preventive control is
designed to prevent errors from occurring. In
this case, the computer program will not
generate month-end balances, to prevent
reporting incorrect balances, when it notes the
missing transactions.
Not (b) because detective controls are
designed to detect errors that have occurred.
Not (c) because corrective controls fix detected
and reported errors.
Not (d) because "discretionary control" is a
distracter, since there is no such term.
bbbbbbbbbb. CIA Nov 94 III.
Correct Answer is (D)
Not (a) because review of insurance coverage
is an aspect of risk analysis, and a much
narrower concept than contingency planning.
Not (b) because electronic vaulting is a
technology which may be used as part of
contingency planning. Electronic vaulting is
backing up data electronically at a remote
location to protect against hardware failures
and threats such as natural disasters and fire.
Not (c) because change control procedures in
the development of information systems do not
ensure continuity of operations.
Answer (d) is correct. Contingency planning
is a management activity that is essential to
ensure continuity of operations in the event a
disaster impairs information systems
processing.
cccccccccc. CIA Nov 94 III.2
Correct Answer is (A)
Answer (a) is correct. Risk analysis is
necessary for an organization to assess its
exposure to various factors that may hinder the
organization's operations and cause losses.
The level of exposure may vary from minimal to
disastrous.
Not (b) because system back-up analysis is a
contingency planning strategy to react to a
disaster.
Not (c) because vendor supply agreement
analysis is a contingency planning strategy to
react to a disaster.
Not (d) because contingent facility contract
analysis is a contingency planning strategy to
react to a disaster.
dddddddddd. CIA Nov 94 III.29
Correct Answer is (A)
Answer (a) is correct. Automatic dial back
requires reconnection to an authorized contact
before processing. Automatic dial back, or
callback, is a control procedure in which the
system allows only authorized users to access
the system. The dial back procedure disconnects
the caller and calls the external entity's
telephone number of record before letting the
terminal session proceed.
Not (b) because message sequencing is used to
detect gaps or duplicate messages.
Not (c) because encryption scrambles
messages for secure transmission.
Not (d) because dedicated lines for a home
banking system have a high cost factor.
eeeeeeeeee. CIA May 95 III.29
Correct Answer is (D)
Not (a) because PIN codes are not
physiological or behavioral characteristics of a
person.
Not (b) because passwords are not
physiological or behavioral characteristics of a
person.
Not (c) because an employee badge is not a
physiological or behavioral characteristic of a
person.
Answer (d) is correct. Each person's voice
has different characteristics (sound frequency
or signature) that distinguish it from other
people's voices. This personal characteristic is
used by biometric systems to authenticate and
verify the identity of a person.
ffffffffff. CIA May 95 III.40
Correct Answer is (D)
Not (a) because screen savers do not prevent
the viewing of data on an unattended data
terminal.
Not (b) because passwords do not prevent the
viewing of data on an unattended data terminal.
Not (c) because encryption of data files will not
prevent the viewing of data on an unattended
data terminal.
Answer (d) is correct. Automatic log-off of
inactive data terminals may prevent the viewing
of sensitive data on an unattended data
terminal.
gggggggggg. CIA May 95 III.71
Correct Answer is (C)
Not (a) because personnel employed at the site
would not be familiar with company operations
because they work for the third party, not the
company.
Not (b) because using a cold site may actually
increase travel expenses because company
personnel would have to travel to the site.
Answer (c) is correct. If the company
arranged for a third-party cold site to replace a
non-functioning regional center, the company
would not have to install additional equipment
at the regional centers.
Not (d) because typically, cold sites require
more than a few hours before being operational,
in order to permit installation and testing of
software and data.
hhhhhhhhhh. CIA May 95 III.7
Correct Answer is (A)
Answer (a) is correct. The company has
decentralized its information processing since
the last revision to the plan. The existing plan is
likely to be out of date because of changes in
equipment, data, and software when shifting to
decentralized data processing.
Not (b) because the headquarters has
adequate processing capability.
Not (c) because if the company were
depending on a cold site as a contingent plan
for the centralized headquarters, arrangements
for cold site backups would be crucial and
included in the plan.
Not (d) because personnel turnover, by itself, is
not a reason for a contingency plan to be
outdated, because new personnel would be
trained for their jobs, which would include
recovery procedures for processing.
iiiiiiiiii. CIA May 95 III.72
Correct Answer is (B)
Not (a) because headquarters would be no
more unaware of processing than is now the
case.
Answer (b) is correct. Mirroring the data at
another regional center would cause the
company to incur the cost and complexity of the
greater network traffic that would be required to
send and synchronize the replicated data.
Not (c) because the mirrored data would most
likely be kept in segregated files, so there would
be no interference with the data originally kept
at each regional center.
Not (d) because agents would not have to
change their procedures, because they would
continue using the system as before.
jjjjjjjjjj. CIA May 93 I.57
Correct Answer is (D)
Not (a) because a record count determines the
number of documents entered into a process.
Not (b) because an echo check tests the
reliability of computer hardware. For example,
the CPU sends a signal to a printer that is
echoed just prior to printing. The signal verifies
that the proper print position has been
activated.
Not (c) because a self-checking digit is
generated by applying an algorithm to an
identification number.
Answer (d) is correct. A limit, reasonableness,
or range test determines whether an amount is
within a predetermined limit for given
information. It can only detect certain errors
(i.e., those that exceed the acceptable limit).
kkkkkkkkkk. CIA Nov 95 III.28
Correct Answer is (D)
Not (a) because a cold site requires significant
time to be activated to duplicate regional
facilities. The site does not have hardware and
equipment ready for use beyond the basic
installations required to run an information
processing facility (flooring, lighting, air
conditioning, etc.).
Not (b) because a hot site is a very expensive
option for rerouting calls and it would not
provide skilled staff to receive the claims. A hot
site, however, is a fully configured and equipped
location that may be ready to operate within a
few hours after getting the required staff,
programs, and data files needed.
Not (c) because a third-party service center is
not the best option for contingency planning.
This option would also be very expensive and
may not provide skilled staff to handle
customers' insurance claims.
Answer (d) is correct. Since it is a distributed
insurance company and receiving customers'
calls is an essential aspect of the operations of
the company, the best contingency plan for
restoring capacity in the event of a disaster
would be to reroute call traffic to regional
centers that would not be affected by the
disaster. In addition, choosing this contingency
plan would minimize recovery costs during
recovery periods and would be more effective
since the company's trained personnel would
be receiving customers' claims.
llllllllll. CIA May 93 III.38
Correct Answer is (A)
Answer (a) is correct. The best way to protect
a client-server system from unauthorized
access is through a combination of application
and general access control techniques.
Not (b) because authentication systems alone
are not enough to protect a client-server
system from unauthorized access; those
systems are only a part of the solution.
Not (c) because this only affects general
access control techniques.
Not (d) because testing and evaluation of
remote procedure calls may be a small part of
an overall security review.
mmmmmmmmmm. CIA Nov 93 III.29
Correct Answer is (A)
Answer (a) is correct. A crucial aspect of
recovery planning for the company is ensuring
that organizational and operational changes
are incorporated in the plans. If organizational
and operational changes were not reflected in
the recovery plans, the recovery plans could
become inapplicable.
Not (b) because it is vital that changes to
systems be tested thoroughly before being
placed into production, but that is not a part of
recovery planning.
Not (c) because a good recovery plan would
specify how operational staff might be replaced
should the need arise, but management
personnel would not be used to replace
operational staff.
Not (d) because being able to predict workload
changes accurately permits a company to
minimize its information systems facility costs,
but that is not a part of recovery planning.
nnnnnnnnnn. CIA Nov 93 III.42
Correct Answer is (C)
Not (a) because ensuring that the disaster
recovery plans are fully tested would not
contribute to avoiding being selected as a
terrorist target.
Not (b) because hardening the electrical and
communications systems so that they could
withstand some kinds of attacks would not
contribute to avoiding being selected as a
terrorist's target.
Answer (c) is correct. The best approach to
avoid having the data center identified as a
terrorist's target is to establish as low a profile
as possible for the data center, e.g., by
refraining from (1) identifying the building on
the outside as a data center, (2) showcasing
the data center through glass windows, or (3)
advertising the important role the data center
plays in operations.
Not (d) because monitoring the locations and
activities of known terrorists, even if permitted
by law, would not by itself help the company
avoid having the data center selected as a
terrorist's target.
oooooooooo. CIA Nov 93 III.48
Correct Answer is (C)
Not (a) because the company may or may not
maintain the same level of employment after a
disaster, e.g., a disaster that destroys
productive capacity in one plant may lead to
layoffs.
Not (b) because thorough planning may or
may not minimize the cost of facility repair, i.e.,
the best approach may be to undergo more
expensive repair sooner in order to resume
operations sooner.
Answer (c) is correct. The more thorough
the recovery plans are, the more likely the
company would be to resume operations
quickly and fulfill its obligations to customers.
Not (d) because the maximum benefit from
planning is that it prompts action to avoid the
most likely or most devastating events with the
potential to interrupt business. Management
would be delighted if planning ensured that
business was never interrupted and thus that
the recovery plan was never invoked.
pppppppppp. CIA Nov 93 III.54
Correct Answer is (C)
Not (a) because multiple access to data by
data owners, i.e., access by the individuals
responsible for creating and maintaining
specific data, is a normal occurrence.
Not (b) because management authorization of
modified access is expected as needs or
conditions change and is not an event typically
reported.
Answer (c) is correct. The security
administrator should report access to data or
resources by privileged users so that the
access can be monitored for appropriate and
authorized usage.
Not (d) because data owner specification of
access privileges is normal and need not be
monitored by the security administrator.
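The two audit-trail items above (May 94 I.34 on what an audit log records, and Nov 93 III.54 on reporting privileged-user access) in working form, as an added example that is not part of the Powers CIA Review; the pipe-delimited log format, the sample lines and the privileged-user list are constructed for illustration.

```python
"""Audit-trail review: what an access log records and what the security
administrator reports. Added example, not from the Powers CIA Review; the
log format, the sample lines and the privileged-user list are constructed."""
from collections import namedtuple

AuditEvent = namedtuple("AuditEvent", "user terminal event resource result")

# Constructed audit-trail lines: user|terminal|event|resource|result.
# The log records who acted, from which terminal, what was attempted and on
# which data; the password list itself is never written to the log.
SAMPLE_LOG = """\
jsmith|T101|READ|GL_BALANCES|OK
sysadmin|T001|UPDATE|PAYROLL_MASTER|OK
mjones|T212|LOGIN|SYSTEM|FAIL
mjones|T212|LOGIN|SYSTEM|FAIL
mjones|T212|LOGIN|SYSTEM|FAIL
dba01|T002|DELETE|CLAIMS_ARCHIVE|OK
jsmith|T101|UPDATE|GL_BALANCES|DENIED
"""

# Assumed privileged accounts; in practice this list comes from the
# access-control system, not from the log being reviewed.
PRIVILEGED_USERS = {"sysadmin", "dba01"}


def parse_log(text):
    """Parse pipe-delimited audit lines into AuditEvent records."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split("|")
        if len(fields) != 5:
            raise ValueError(f"malformed audit line: {line!r}")
        events.append(AuditEvent(*fields))
    return events


def privileged_access_report(events):
    """Every action by a privileged user is reported for review of
    appropriate and authorized usage, whether or not it succeeded."""
    return [e for e in events if e.user in PRIVILEGED_USERS]


def unauthorized_attempts(events, threshold=3):
    """Return the failed/denied events (event type, terminal and resource
    are all in the log, so each can be investigated) and the
    (user, terminal) pairs with at least `threshold` failed logins."""
    denied = [e for e in events if e.result in ("FAIL", "DENIED")]
    counts = {}
    for e in denied:
        if e.event == "LOGIN":
            key = (e.user, e.terminal)
            counts[key] = counts.get(key, 0) + 1
    repeated = sorted(k for k, n in counts.items() if n >= threshold)
    return denied, repeated


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    print("privileged:", privileged_access_report(evts))
    print("repeated login failures:", unauthorized_attempts(evts)[1])
```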
qqqqqqqqqq. CIA Nov 93 III.3
Correct Answer is (D)
Not (a) because fingerprints are a biometric
measure; they involve measuring part of a
person's physiological or behavioral
characteristics.
Not (b) because a retina pattern is a biometric
measure; it involves measuring part of a
person's physiological or behavioral
characteristics.
Not (c) because speech patterns are a
biometric measure; they involve measuring
part of a person's physiological or behavioral
characteristics.
Answer (d) is correct. Passwords are not a
biometric authentication. Biometric systems
use personal characteristics to authenticate
and verify the identity of a person, such as
fingerprints, retina patterns, and speech
patterns.
rrrrrrrrrr. CIA Nov 93 III.33
Correct Answer is (D)
Not (a) because password proliferation is a
considerable security concern, because users
will be tempted to write down their passwords or
make them overly simplistic.
Not (b) because consistent security across
varied platforms is often challenging because
of the different security features of the various
systems and the decentralized nature of those
controlling security administration.
Not (c) because under centralized control,
management can feel more confident that
backup file storage is being uniformly
controlled. Decentralization of this function leads
to a lack of consistency and difficulty in
monitoring compliance.
Answer (d) is correct. This would not cause a
control concern. Having data distributed across
many computers throughout the organization
actually decreases the risk that a single
disaster would destroy large portions of the
organization's data. It is a potential advantage
of distributed systems of various architectures
versus centralized data in a single mainframe
computer.
ssssssssss. CIA May 97 III.27
Correct Answer is (B)
Not (a) because review of the computer
processing logs is an output control to ensure
that data are accurate and complete.
Answer (b) is correct. Matching the input data
with information held on master or suspense
files is a processing control, not an output
control, to ensure that data are complete and
accurate during updating.
Not (c) because periodic reconciliation of
output reports is an output control to ensure
that data are accurate and complete.
Not (d) because maintaining formal procedures
and documentation specifying authorized
recipients is an output control to ensure proper
distribution.
tttttttttt. CIA May 97 III.44
Correct Answer is (B)
Not (a) because data encryption is an effective
security feature for any computer.
Answer (b) is correct. A notebook computer is
a portable device smaller than a laptop.
Because it may be readily transported
anywhere, security concerns for such a device
are even greater than for desktop personal
computers. For example, password protection
for a screensaver program can be easily
bypassed.
Not (c) because a removable hard drive
provides obvious protection for data and
programs stored thereon.
Not (d) because security is promoted by
physically locking the notebook computer to an
immovable object.
uuuuuuuuuu. CIA May 97 III.3
Correct Answer is (A)
Answer (a) is correct. Implementation controls
are part of general controls. Implementation
controls occur in the system development
process at various points to ensure that
implementation is properly controlled and
managed.
Not (b) because hardware controls ensure that
computer hardware is physically secure and
check for equipment malfunction.
Not (c) because computer operations controls
apply to the work of the computer department
and help ensure that programmed procedures
are consistently and correctly applied to the
storage and processing of data.
Not (d) because data security controls ensure
that data files on either disk or tape are not
subject to unauthorized access, change, or
destruction.
vvvvvvvvvv. CIA May 97 III.34
Correct Answer is (C)
Not (a) because this practice is a wise control,
but it does not address the issue of upload-data
integrity. Backups cannot prevent or detect
data-upload problems, but can only help
correct data errors that a poor upload caused.
Not (b) because this control may be somewhat
helpful in preventing fraud in data uploads, but
it is of little use in preventing errors.
Answer (c) is correct. To prevent data errors
when data would be uploaded from a
microcomputer to the company's mainframe
system in batch processing, the mainframe
computer should subject the data to the same
edits and validation routines that online data
entry would require.
Not (d) because this control is detective in
nature, and the error could have already caused
erroneous reports and management decisions.
Having users try to find errors in uploaded data
would be costly.
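The edits the mainframe should apply to an uploaded batch (May 97 III.34), built from the input controls listed under May 93 I.57 (record count, self-checking digit, limit/range test), as an added example that is not Powers' own code; the record layout, the Luhn mod-10 check-digit scheme and the amount limit are assumptions.

```python
"""Batch-upload edits: the mainframe applies the same edit and validation
routines to uploaded records that online data entry would. Added example,
not Powers' own code; the record layout, the Luhn mod-10 check-digit scheme
and the amount limit are assumptions."""

MAX_AMOUNT = 10_000.00   # assumed reasonableness limit for a single amount


def check_digit_ok(identifier):
    """Self-checking digit: the identifier's last digit must make the Luhn
    (mod-10) sum divisible by 10. Luhn is one common algorithm; the exam
    item only says an algorithm is applied to the identification number."""
    total = 0
    for i, ch in enumerate(reversed(identifier)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def validate_record(rec):
    """Return the list of edit failures for one uploaded record (empty = clean)."""
    errors = []
    acct, amount_s = rec.get("account", ""), rec.get("amount", "")
    if not (acct.isdigit() and len(acct) == 8):       # format edit
        errors.append("account: must be 8 digits")
    elif not check_digit_ok(acct):                     # self-checking digit
        errors.append("account: check digit failed")
    try:
        amount = float(amount_s)
    except ValueError:
        errors.append("amount: not numeric")
    else:
        if not 0 < amount <= MAX_AMOUNT:               # limit / range test
            errors.append(f"amount: outside 0..{MAX_AMOUNT}")
    return errors


def validate_batch(records, expected_count):
    """Record count: compare the batch header total with the records
    received, then apply the field-level edits to every record."""
    report = {"count_ok": len(records) == expected_count, "rejected": {}}
    for n, rec in enumerate(records, start=1):
        errs = validate_record(rec)
        if errs:
            report["rejected"][n] = errs
    return report


# Constructed sample upload whose header claims 5 records; only 4 arrived.
SAMPLE_BATCH = [
    {"account": "12345674", "amount": "250.00"},    # clean
    {"account": "12345670", "amount": "75.10"},     # bad check digit
    {"account": "98765431", "amount": "25000.00"},  # exceeds limit
    {"account": "ABC", "amount": "1x"},             # fails format edits
]

if __name__ == "__main__":
    print(validate_batch(SAMPLE_BATCH, expected_count=5))
```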