Which of the following is not a risk specific to CIS environment ? a. reliance on the functioning capabilities of hardware and software. b. increased human involvement c. loss of data due to insufficient backup d. unauthorized access Required: choose the correct answer and Justify your answers in at least 6 sentences.

Which of the following is not a risk specific to CIS environment ? a. reliance on the functioning capabilities of hardware and software. b. increased human involvement c. loss of data due to insufficient backup d. unauthorized access Required: choose the correct answer and Justify your answers in at least 6 sentences.

Auditing: A Risk Based-Approach (MindTap Course List)

11th Edition

ISBN:9781337619455

Author:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg

Publisher:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg

Chapter3: Internal Control Over Financial Reporting: Responsibilities Of Management And The External Auditor

Section: Chapter Questions

Problem 20CYBK

See similar textbooks

Similar questions

5. Which of the following is not a risk in a computerized information system (CIS) a. need for CIS experienced staff b. separation of CIS duties from accounting functions c. improved audit trail d. hardware and data vulnerability Required: choose the correct answer and Justify your answers in at least 6 sentences.
Which of the following is NOT a data communications control objective?a. maintaining the critical application listb. correcting message loss due to equipment failurec. preventing illegal accessd. rendering useless any data that a perpetrator successfully captures
Which of the following is correct? a. Auditors should evaluate application controls before evaluating general controls b. Auditors should evaluate application controls and general controls simultaneously. c. Auditors should evaluate general controls before evaluating application controls. d. None of these statements is correct. Required: choose the correct answer and Justify your answers in at least 6 sentences.
Choose only one answer as well as state their reasons/rationale for the answer chosen. 7) Which input control is designed to prevent a buffer overflow attack?a. Size checkb. Reasonableness testc. Range checkd. Field check
1. Automated controls in a computerized system are always more reliable than manual controls. true or false 2. The risk of fraud in a computerized system is lower than in a manual system because of the use of automated controls. 3. What is a potential risk associated with computerized systems? a. Inefficient use of resources b. Unauthorized access to data c. Excessive use of paper-based documents d. Lack of user training 4. The use of computer systems in financial reporting increases the risk of material misstatements. true or false 5. Which of the following is a potential limitation of computer-based systems? a. Increased risk of data loss b. Reduced need for user training c. Reduced need for internal controls d. Increased efficiency and accuracy
2. An important characteristic of CIS is uniformity of processing. Therefore, a risk exists that: a. Auditors will not be able to access data quickly. b. Auditors will not be able to determine if data is processed consistently. c. Erroneous processing can result in the accumulation of a great number of misstatements in a short period Which of time. d. All of the above Required: choose the correct answer and Justify your answers in at least 6 sentences.
1. _____ are controls that do not rely on the client's information technology (IT) environment for their operation. a. IT general controls (ITGCs) b. Automated controls c. Computer application controls d. Manual controls 2. Assessing control risk begins with understanding entity-level controls. a. True b. False
5) What are common limitations of Internal Controls? a) Human Error b) Human Fraud c) Cost-Benefit Principle d) A, B, and C e) A and B only
Select each attribute with the most directly related term. No term is used more than once. Attributes 1. Likelihood a misstatement will not be prevented or detected 2. Substantive procedures and tests of controls 3. Likelihood of misstatement assuming no controls 4. Reporting on internal control and financial statements 5. Creates a reasonable possibility a material misstatement will not be detected 6. Inquiries, analytical procedures, observation 7. Merits attention, less than a material weakness 8. GAAP 9. Inquire, inspect, observe, reperform 10. Follow a transaction through the system Term
The following questions/inquiries can be used in determining risk, EXCEPT: CHOICES: A)What is the passcode lock of that computer? B) Where are the people, processes, systems, or assets vulnerable? C) How could that unit fail? D) What could go wrong?
17. The following questions/inquiries can be used in determining risk, EXCEPT: Group of answer choices How could that unit fail? What could go wrong? What is the passcode lock of that computer? Where are the people, processes, systems, or assets vulnerable?
Question 1 Which of these would be a reason for adopting a predominantly substantive approach? Select an answer and submit. For keyboard navigation, use the up/down arrow keys to select an answer. a Accounts are affected by more than one transaction class Detection risk has been assessed as high C There are no significant control procedures that pertain to the assertion Control risk has been assessed as low b d