Which of the following is a substantive audit test?
A. Verifying that a management check has been performed
regularly
B. Observing that user IDs and passwords are required to
sign on the computer
C. Reviewing reports listing short shipments of goods received
D. Reviewing an aged trial balance of accounts receivable
- 1 Answers
- 5636 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
A review of accounts receivable will provide evidence of the
validity and propriety of the financial statement balance.
Choices A, B and C are compliance tests to determine that
policies and procedures are being followed.
| Is This Answer Correct ? | 12 Yes | 4 No |
A consulting firm has created a File Transfer Protocol (FTP) site for the purpose of receiving financial data and has communicated the site's address, user ID and password to the financial services company in separate email messages. The company is to transmit its data to the FTP site after manually encrypting the data. The IS auditor's GREATEST concern with this process is that: A. the users may not remember to manually encrypt the data before transmission. B. the site credentials were sent to the financial services company via email. C. personnel at the consulting firm may obtain access to sensitive data. D. the use of a shared user ID to the FTP site does not allow for user accountability.
The BEST overall quantitative measure of the performance of biometric control devices is: A. false rejection rate. B. false acceptance rate. C. equal error rate. D. estimated error rate.
Neural networks are effective in detecting fraud because they can: A. discover new trends since they are inherently linear. B. solve problems where large and general sets of training data are not obtainable. C. attack problems that require consideration of a large number of input variables. D. make assumptions about the shape of any curve relating variables to the output.
Applying a retention date on a file will ensure that: A. data cannot be read until the date is set. B. data will not be deleted before that date. C. backup copies are not retained after that date. D. datasets having the same name are differentiated.
An organization has an integrated development environment (IDE), where the program libraries reside on the server, but modification/development and testing are done from PC workstations. Which of the following would be a strength of an integrated development environment? A. Controls the proliferation of multiple versions of programs B. Expands the programming resources and aids available C. Increases program and processing integrity D. Prevents valid changes from being overwritten by other changes
Which of the following is the MOST important reason for an IS auditor to be involved in a system development project? A. Evaluate the efficiency of resource utilization. B. Develop audit programs for subsequent audits of the system. C. Evaluate the selection of hardware to be used by the system. D. Ensure that adequate controls are built into the system during development.
Which of the following is an object-oriented technology characteristic that permits an enhanced degree of security over data? A. Inheritance B. Dynamic warehousing C. Encapsulation D. Polymorphism
The window of time recovery of information processing capabilities is based on the: A. criticality of the processes affected. B. quality of the data to be processed. C. nature of the disaster. D. applications that are mainframe based.
Which of the following controls would provide the GREATEST assurance of database integrity? A. Audit log procedures B. Table link/reference checks C. Query/table access time checks D. Rollback and rollforward database features
Which of the following is MOST likely to occur when a system development project is in the middle of the programming/coding phase? A. Unit tests B. Stress tests C. Regression tests D. Acceptance tests
Which of the following is a concern when data is transmitted through secure socket layer (SSL) encryption implemented on a trading partner's server? A. Organization does not have control over encryption. B. Messages are subjected to wire tapping. C. Data might not reach the intended recipient. D. The communication may not be secure.
Which of the following is the MOST important criterion for the selection of a location for an offsite storage facility for IS backup files? The offsite facility must be: A. physically separated from the data center and not subject to the same risks. B. given the same level of protection as that of the computer data center. C. outsourced to a reliable third party. D. equipped with surveillance capabilities.
Cisco Certifications 
