Scribd
Upload
1K views5 pages

Information System Audit - MCQs

Uploaded by

Banda Ravindra Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
1K views5 pages

Information System Audit - MCQs

Uploaded by

Banda Ravindra Kumar
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

Livemcqs.

com

Information System Audit MCQs With Answers


1. By auditing through the computer we mean

a) The inputs and the corresponding outputs are compared and checked for correctness

b) The programs and procedures are checked for correctness

c) Special synthetic data is input and outputs checked for correctness

d) Programs are written to check the functioning of the computer hardware

Answer: The programs and procedures are checked for correctness

2. How systemic Error helps Auditor in Evidence Evaluation

a) Systemic Error raise audit flags on system errors to auditor against which auditor can easily take
action

b) Systemic errors are the errors made by the system in processing thus auditor is only required to
evaluate system processing

c) Systemic errors are made on all the transactions processed thus it reduces auditor time to
evaluate evidence

d) All of the above

Answer: Systemic errors are made on all the transactions processed thus it reduces auditor time to
evaluate evidence

3. In an organization, Auditor wants to collect evidence based on system user profiles; which CATT
can be used by the auditor to achieve the objective

a) CIS

b) Audit Hooks

c) Audit Trails

d) SCARF

Answer: SCARF

4. To perform IS audit IS Auditor must possess good skills set; in reference to this identify the wrong
statement

a) Should have Knowledge of IT policies

b) Should have Knowledge of IT ACT

c) Should be Able to understand BCP controls to organization

d) Must possess a CA degree

Livemcqs.com
Livemcqs.com

Answer: Must possess a CA degree

5. Risk-control-Matrix is developed in which step of IS audit

a) Analysis

b) Planning

c) Fieldwork

d) Reporting

Answer: Planning

6. Which CAT tool facilitates real-time notification display of messages on the auditor terminal

a) Snapshot

b) SCRAF

c) CIS

d) Audit Hook

Answer: Audit Hook

7. Which one is not the objective of Audit Trail.

a) Audit trail promotes Personal Accountability

b) Audit detect Unauthorized Access

c) To promote good internal control

d) Audit trail facilitate reconstruction of events

Answer: To promote good internal control

8. Auditor uses SCARF to collect various information; what does SCARF stand for

a) System Control Audit review file

b) System Control Audit review facility

c) Software control Auditor’s review file

d) Software control Auditor’s review facility

Answer: System Control Audit review file

9. Which one is not Audit performed during the system development process

a) Concurrent audit

b) Pre-implementation Audit

Livemcqs.com
Livemcqs.com

c) Post-Implementation Audit

d) General Audit

Answer: Pre-implementation Audit

10. IT audit is the process of collecting and evaluating evidence to determine

a) Whether a computer system safeguards assets

b) Whether maintains data integrity

c) Whether allows organizational goals to be achieved effectively and uses resources efficiently

d) All of the above

Answer: All of the above

11. The objectives of IT audit include

a) Ensures asset safeguarding

b) Ensures that the attributes of data or information are maintained

c) Both (a) and (b)

d) None of the above

Answer: Both (a) and (b)

12.Failing to detect a material error would represent which type of risk?

a) Overall Audit Risk

b) Detection Risk

c) Inherent Risk

d) Control Risk

Answer: Detection Risk

13. Which is one of the bigger concerns regarding asset disposal?

a) Residual Asset Value

b) Employees taking disposed property home

c) Standing data

d) Environmental Regulations

Answer: Environmental Regulations

14. Audit Trail is an example of ____ control

Livemcqs.com
Livemcqs.com

a) Detective

b) Application

c) Preventive

d) Correction

Answer: Detective

15. Which one is not a Boundary control audit trail

a) Resources requested

b) No of sign-on attempts

c) Authentication of information supplied

d) Time and date of printing output

Answer: Time and date of printing output

16. Which among the following is not a compliance test as related to IT environment

a) Determining whether passwords are changed periodically.

b) Determining whether systems logs are reviewed

c) Determining whether program changes are authorized.

d) Reconciling account balances

Answer: Reconciling account balances

17. Which among the following is not a limitation in IT Audit

a) Data used not from the production environment

b) If this is only production environment and audit could not test dummy data

c) “Read-only Access” given to audit

d) None of the above

Answer: “Read-only Access” given to audit

18. The type of audit evidence which the auditor should consider using in IT audit includes

a) Observed process and existence of physical items

b) Documentary audit evidence excluding electronic records

c) Analysis excluding IT-enabled analysis

d) None of the above

Livemcqs.com
Livemcqs.com

Answer: Observed process and existence of physical items

19. What is the commonly used example of generalized audit software?

a) CAAT

b) IDEA

c) COBIT

d) None of the above

Answer: CAAT

20. A higher risk of system violation happens where

a) The audit module is not operational

b) The audit module has been disabled

c) The audit module is not periodically reviewed

d) All of the above

Answer: All of the above

Livemcqs.com

You might also like