Вы находитесь на странице: 1из 3


School of Business, Management and Accountancy

A.Y. 2018 - 2019

Auditing in a CIS Environment - Pre-final Quiz 2

Name: ____________________________________ Course and year: _______________ Date: _________________

Instructions: Encircle the letter of the correct or best answer. Use pens with permanent ink only. No erasures allowed.
Do not make unnecessary marks on the examination papers.

1. Which control is not associated with new systems development activities?

a) reconciling program version numbers c) user involvement
b) program testing d) internal audit participation

2. Which test of controls will provide evidence that the system as originally implemented was free from material errors
and free from fraud? Review of the documentation indicates that
a) a cost-benefit analysis was conducted
b) the detailed design was an appropriate solution to the user's problem
c) tests were conducted at the individual module and total system levels prior to implementation
d) problems detected during the conversion period were corrected in the maintenance phase

3. Routine maintenance activities require all of the following controls except

a) documentation updates c) formal authorization
b) testing d) internal audit approval

4. Which statement is correct?

a) compiled programs are very susceptible to unauthorized modification
b) the source program library stores application programs in source code form
c) modifications are made to programs in machine code language
d) the source program library management system increases operating efficiency

5. Which control is not a part of the source program library management system?
a) using passwords to limit access to application programs
b) assigning a test name to all programs undergoing maintenance
c) combining access to the development and maintenance test libraries
d) assigning version numbers to programs to record program modifications

6. Which control ensures that production files cannot be accessed without specific permission?
a) Database Management System c) Source Program Library Management System
b) Recovery Operations Function d) Computer Services Function

7. Program testing
a) involves individual modules only, not the full system
b) requires creation of meaningful test data
c) need not be repeated once the system is implemented
d) is primarily concerned with usability

8. Which statement is not true?

a) An audit objective for systems maintenance is to detect unauthorized access to application databases.
b) An audit objective for systems maintenance is to ensure that applications are free from errors.
c) An audit objective for systems maintenance is to verify that user requests for maintenance reconcile to program
version numbers.
d) An audit objective for systems maintenance is to ensure that the production libraries are protected from
unauthorized access.

9. When the auditor reconciles the program version numbers, which audit objective is being tested?
a) protect applications from unauthorized changes
b) ensure applications are free from error
c) protect production libraries from unauthorized access
d) ensure incompatible functions have been identified and segregated

10. Which statement is not correct? The structured design approach

a) is a top-down approach
b) is documented by data flow diagrams and structure diagrams
Auditing in a CIS Environment - Pre-final Quiz 2

c) assembles reusable modules rather than creating systems from scratch

d) starts with an abstract description of the system and redefines it to produce a more detailed description of the

11. The benefits of the object-oriented approach to systems design include all of the following except
a) this approach does not require input from accountants and auditors
b) development time is reduced
c) a standard module once tested does not have to be retested until changes are made
d) system maintenance activities are simplified

12. Evaluators of the detailed feasibility study should not include

a) the internal auditor c) a user representative
b) the project manager d) the system designer

13. A cost-benefit analysis is a part of the detailed

a) operational feasibility study c) legal feasibility study
b) schedule feasibility study d) economic feasibility study

14. Examples of one-time costs include all of the following except

a) hardware acquisition c) site preparation
b) insurance d) Programming

15. Examples of recurring costs include

a) software acquisition c) personnel costs
b) data conversion d) systems design

16. A commercial software system that is completely finished, tested, and ready for implementation is called a
a) backbone system c) benchmark system
b) vendor-supported system d) turnkey system

17. Which of the following is not an advantage of commercial software? Commercial software
a) can be installed faster than a custom system
b) can be easily modified to the user’s exact specifications
c) is significantly less expensive than a system developed in-house
d) is less likely to have errors than an equivalent system developed in-house

18. Which step is least likely to occur when choosing a commercial software package?
a) a detailed review of the source code
b) contact with user groups
c) preparation of a request for proposal
d) comparison of the results of a benchmark problem

19. The detailed design report contains all of the following except
a) input screen formats c) report layouts
b) alternative conceptual designs d) process logic

20. Computer operators should have access to all of the following types of documentation except
a) a list of users who receive output c) a list of all master files used in the system
b) a program code listing d) a list of required hardware devices
Auditing in a CIS Environment - Pre-final Quiz 2


1. A 1 5
2. C 2
3. D 3
4. B 4
5. C 5
6. C 6
7. B 7
8. A 8
9. A 9
10. C 11
11. A 12
12. D 14
13. D 15
14. B 16
15. C 17
16. D 18
17. B 19
18. A 20
19. B 22
20. B 26