IT Auditing 4th Ed—Test Bank, Chapter
a2 a2 a2 a2 a2
1
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
, IT Auditing 4th Ed—Test Bank, Chapter
a2 a2 a2 a2 a2
Chapter 1—Auditing and Internal Control
a2 a2 a2 a2 1
TRUE/FALSE
1. Corporate management (including the CEO) must certify monthly and annually their
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
organization‟s internal controls over financial reporting.
a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
2. Both the SEC and the PCAOB require management to use the COBIT framework for assessing
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
internal control adequacy.
a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
3. Both the SEC and the PCAOB require management to use the COSO framework for assessing
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
internal control adequacy.
a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
4. A qualified opinion on management‟s assessment of internal controls over the financial reporting
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
system necessitates a qualified opinion on the financial statements?
a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
5. The same internal control objectives apply to manual and computer-based information systems.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
6. The external auditor is responsible for establishing and maintaining the internal control system.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
7. Segregation of duties is an example of an internal control procedure.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
8. Preventive controls are passive techniques designed to reduce fraud.
a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
9. A key modifying assumption in internal control is that the internal control system is the
a 2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
responsibility of management.
a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
, IT Auditing 4th Ed—Test Bank, Chapter
a2 a2 a2 a2 a2
1
10. While the Sarbanes-Oxley Act prohibits auditors from providing non-accounting services to their
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
audit clients, they are not prohibited from performing such services for non-audit clients or
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
privately held companies.
a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
11. The Sarbanes-Oxley Act requires the audit committee to hire and oversee the external auditors.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
12. Section 404 requires that corporate management (including the CEO) certify their organization‟s
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
internal controls on a quarterly and annual basis.
a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
13. Section 302 requires the management of public companies to assess and formally report
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
on the effectiveness of their organization‟s internal controls.
a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
14. Application controls apply to a wide range of exposures that threaten the integrity of all
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
programs processed within the computer environment.
a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
15. Advisory services is an emerging field that goes beyond the auditor‟s traditional attestation function.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
16. An IT auditor expresses an opinion on the fairness of the financial statements.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
17. External auditing is an independent appraisal function established within an organization to examine
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
and evaluate its activities as a service to the organization.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
18. External auditors can cooperate with and use evidence gathered by internal audit departments
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
that are organizationally independent and that report to the Audit Committee of the Board of
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
, IT Auditing 4th Ed—Test Bank, Chapter
a2 a2 a2 a2 a2
a2 Directors. 1
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
a2 a2 a2 a2 a2
1
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
, IT Auditing 4th Ed—Test Bank, Chapter
a2 a2 a2 a2 a2
Chapter 1—Auditing and Internal Control
a2 a2 a2 a2 1
TRUE/FALSE
1. Corporate management (including the CEO) must certify monthly and annually their
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
organization‟s internal controls over financial reporting.
a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
2. Both the SEC and the PCAOB require management to use the COBIT framework for assessing
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
internal control adequacy.
a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
3. Both the SEC and the PCAOB require management to use the COSO framework for assessing
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
internal control adequacy.
a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
4. A qualified opinion on management‟s assessment of internal controls over the financial reporting
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
system necessitates a qualified opinion on the financial statements?
a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
5. The same internal control objectives apply to manual and computer-based information systems.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
6. The external auditor is responsible for establishing and maintaining the internal control system.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
7. Segregation of duties is an example of an internal control procedure.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
8. Preventive controls are passive techniques designed to reduce fraud.
a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
9. A key modifying assumption in internal control is that the internal control system is the
a 2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
responsibility of management.
a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
, IT Auditing 4th Ed—Test Bank, Chapter
a2 a2 a2 a2 a2
1
10. While the Sarbanes-Oxley Act prohibits auditors from providing non-accounting services to their
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
audit clients, they are not prohibited from performing such services for non-audit clients or
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
privately held companies.
a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
11. The Sarbanes-Oxley Act requires the audit committee to hire and oversee the external auditors.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
12. Section 404 requires that corporate management (including the CEO) certify their organization‟s
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
internal controls on a quarterly and annual basis.
a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
13. Section 302 requires the management of public companies to assess and formally report
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
on the effectiveness of their organization‟s internal controls.
a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
14. Application controls apply to a wide range of exposures that threaten the integrity of all
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
programs processed within the computer environment.
a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
15. Advisory services is an emerging field that goes beyond the auditor‟s traditional attestation function.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 T PTS: a 2 a 2 1
16. An IT auditor expresses an opinion on the fairness of the financial statements.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
17. External auditing is an independent appraisal function established within an organization to examine
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
and evaluate its activities as a service to the organization.
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
ANS: a 2 F PTS: a 2 a 2 1
18. External auditors can cooperate with and use evidence gathered by internal audit departments
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
that are organizationally independent and that report to the Audit Committee of the Board of
a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2 a2
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
, IT Auditing 4th Ed—Test Bank, Chapter
a2 a2 a2 a2 a2
a2 Directors. 1
© a22016 a2Cengage a2Learning®. a 2 May a2not a2be a2scanned, a2copied a2or a2duplicated a2or a2posted a2to a2a a2publicly a2accessible a2website, a2in a2whole a2or a2in a2part,
a2except a2for a2use a2as a2permitted a2in a2a a 2 license a2distributed a2with a2a a2certain a2product a2or a2service a2or a2otherwise a2on a2a a2password-protected a2website a2or a2school-
approved learning management system for classroom use.
