An integrated test facility is considered a useful audit
tool because it:
A. is a cost-efficient approach to auditing application
controls.
B. enables the financial and IS auditors to integrate their
audit tests.
C. compares processing output with independently calculated
data.
D. provides the IS auditor with a tool to analyze a large
range of information.
- 2 Answers
- 22124 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / shashank kandhway
An integrated test facility (ITF) creates a fictitious
entity in a database to process test transactions
simultaneously with live input. It can be used to
incorporate test transactions into a normal production run
of a system. Its advantage is that periodic testing does
not require separate test processes. However, careful
planning is necessary, and test data must be isolated from
production data.
Integrated test facility is considered a useful audit tool
during an IT audit because it uses the same programs to
compare processing using independently calculated data.
This involves setting up dummy entities on an application
system and processing test or production data against the
entity as a means of verifying processing accurary.
| Is This Answer Correct ? | 28 Yes | 1 No |
Answer / guest
Answer: C
An integrated test facility is considered a useful audit
tool because it uses the same programs to compare processing
using independently calculated data. This involves setting
up dummy entities on an application system and processing
test or production data against the entity as a means of
verifying processing accuracy.
| Is This Answer Correct ? | 29 Yes | 4 No |
Which of the following concerns about the security of an electronic message would be addressed by digital signatures? A. Unauthorized reading B. Theft C. Unauthorized copying D. Alteration
Which of the following would be considered an essential feature of a network management system? A. A graphical interface to map the network topology B. Capacity to interact with the Internet to solve the problems C. Connectivity to a help desk for advice on difficult issues D. An export facility for piping data to spreadsheets
At the end of the testing phase of software development, an IS auditor observes that an intermittent software error has not been corrected. No action has been taken to resolve the error. The IS auditor should: A. report the error as a finding and leave further exploration to the auditee's discretion. B. attempt to resolve the error. C. recommend that problem resolution be escalated. D. ignore the error, as it is not possible to get objective evidence for the software error.
Which of the following is a role of an IS steering committee? A. Initiate computer applications. B. Ensure efficient use of data processing resources. C. Prepare and monitor system implementation plans. D. Review the performance of the systems department.
Which of the following is the MOST important objective of data protection? A. Identifying persons who need access to information B. Ensuring the integrity of information C. Denying or authorizing access to the IS system D. Monitoring logical accesses
To meet pre-defined criteria, which of the following continuous audit techniques would BEST identify transactions to audit? A. Systems Control Audit Review File and Embedded Audit Modules (SCARF/EAM) B. Continuous and Intermittent Simulation (CIS) C. Integrated Test Facilities (ITF) D. Audit hooks
The responsibility, authority and accountability of the IS audit function is documented appropriately in an audit charter and MUST be: A. approved by the highest level of management. B. approved by audit department management. C. approved by user department management. D. changed every year before commencement of IS audits.
Disaster recovery planning for a company's computer system usually focuses on: A. operations turnover procedures. B. strategic long-range planning. C. the probability that a disaster will occur. D. alternative procedures to process transactions.
Which of the following satisfies a two-factor user authentication? A. Iris scanning plus finger print scanning B. Terminal ID plus global positioning system (GPS) C. A smart card requiring the user's PIN D. User ID along with password
Following a reorganization of a company's legacy database, it was discovered that records were accidentally deleted. Which of the following controls would have MOST effectively detected this occurrence? A. Range check B. Table lookups C. Run-to-run totals D. One-for-one checking
In a small organization, where segregation of duties is not practical, an employee performs the function of computer operator and application programmer. Which of the following controls should the IS auditor recommend? A. Automated logging of changes to development libraries B. Additional staff to provide segregation of duties C. Procedures that verify that only approved program changes are implemented D. Access controls to prevent the operator from making program modifications
Which of the following functions should be performed by the application owners to ensure an adequate segregation of duties between IS and end users? A. System analysis B. Authorization of access to data C. Application programming D. Data administration
Cisco Certifications 
