The BEST method of proving the accuracy of a system tax
calculation is by:
A. detailed visual review and analysis of the source code of
the calculation programs.
B. recreating program logic using generalized audit software
to calculate monthly totals.
C. preparing simulated transactions for processing and
comparing the results to predetermined results.
D. automatic flowcharting and analysis of the source code of
the calculation programs.
Answer / guest
Answer: C
Preparing simulated transactions for processing and
comparing the results to predetermined results is the best
method for proving accuracy of a tax calculation. Detailed
visual review, flowcharting and analysis of source code are
not effective methods, and monthly totals would not address
the accuracy of individual tax calculations.
Is This Answer Correct ? | 7 Yes | 0 No |
Which of the following systems or tools can recognize that a credit card transaction is more likely to have resulted from a stolen credit card than from the holder of the credit card? A. Intrusion detection systems B. Data mining techniques C. Firewalls D. Packet filtering routers
An audit charter should: A. be dynamic and change often to coincide with the changing nature of technology and the audit profession. B. clearly state audit objectives for the delegation of authority for the maintenance and review of internal controls. C. document the audit procedures designed to achieve the planned audit objectives. D. outline the overall authority, scope and responsibilities of the audit function.
A company performs full backup of data and programs on a regular basis. The primary purpose of this practice is to: A. maintain data integrity in the applications. B. restore application processing after a disruption. C. prevent unauthorized changes to programs and data. D. ensure recovery of data processing in case of a disaster.
Which of the following LAN physical layouts is subject to total loss if one device fails? A. Star B. Bus C. Ring D. Completely connected
The FIRST step in data classification is to: A. establish ownership. B. perform a criticality analysis. C. define access rules. D. create a data dictionary.
An organization has contracted with a vendor for a turnkey solution for their electronic toll collection system (ETCS). The vendor has provided its proprietary application software as part of the solution. The contract should require that: A. a backup server be available to run ETCS operations with up-to-date data. B. a backup server be loaded with all the relevant software and data. C. the systems staff of the organization be trained to handle any event. D. source code of the ETCS application be placed in escrow.
Which of the following would an IS auditor consider a weakness when performing an audit of an organization that uses a public key infrastructure (PKI) with digital certificates for its business-to-consumer transactions via the Internet? A. Customers are widely dispersed geographically, but the certificate authorities (CAs) are not. B. Customers can make their transactions from any computer or mobile device. C. The CA has several data processing subcenters to administer certificates. D. The organization is the owner of the CA.
An IS auditor has just completed a review of an organization that has a mainframe and a client-server environment where all production data reside. Which of the following weaknesses would be considered the MOST serious? A. The security officer also serves as the database administrator (DBA.) B. Password controls are not administered over the client/server environment. C. There is no business continuity plan for the mainframe system?s non-critical applications. D. Most LANs do not back up file server fixed disks regularly.
The PRIMARY objective of conducting a post-implementation review is to assess whether the system A) achieved the desired objectives B) provides for backup and recovery C) provides for information security D) documentation is clear and understandable
To identify the value of inventory that has been kept for more than eight weeks, an IS auditor would MOST likely use: A. test data. B. statistical sampling. C. an integrated test facility. D. generalized audit software.
Which of the following duties would be a concern if performed along with systems administration? A. Maintenance of access rules B. Review of system audit trail C. Data librarian D. Performance monitoring
Which of the following is the basic objective of a control self-assessment program?