cpa audit review ch 5 review 4

Card Set Information

Author:
Joens1313
ID:
280195
Filename:
cpa audit review ch 5 review 4
Updated:
2014-08-03 21:01:01
Tags:
cpa audit review
Folders:

Description:
cpa audit review ch 5 review 4
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user Joens1313 on FreezingBlue Flashcards. What would you like to do?


  1. An Internet firewall is designed to provide adequate protection against which of the following?

    A.A Trojan horse application.

    B.Unauthenticated logins from outside users.

    C.Insider leaking of confidential information.

    D.A computer virus.
    B.Unauthenticated logins from outside users.

    A firewall is a device that separates two networks and prevents passage of specific types of network traffic while maintaining a connection between the networks. Generally, an Internet firewall is designed to protect a system from unauthenticated logins from outside users, although it may provide several other features as well.
  2. Which of the following strategies would a CPA most likely consider in auditing an entity that processes most of its financial data only in electronic form, such as a paperless system?

    A.Extensive testing of firewall boundaries that restrict the recording of outside network traffic.

    B.Continuous monitoring and analysis of transaction processing with an embedded audit module.

    C.Increased reliance on internal control activities that emphasize the segregation of duties.

    D.Verification of encrypted digital certificates used to monitor the authorization of transactions.
    B.Continuous monitoring and analysis of transaction processing with an embedded audit module.

    An audit module embedded in the client’s software routinely selects and abstracts certain transactions. They may be tagged and traced through the information system. An alternative is recording in an audit log, that is, in a file accessible only by the auditor.
  3. The design or operation of a control may not allow management or employees, in the normal course of performing their assigned functions, to prevent, or detect and correct, misstatements on a timely basis. According to AU-C 265, this circumstance is a
    Control deficiency. 

    A control deficiency may arise either in the design or operation of a control. It is the lowest level of deficiency identified in the standards. A design deficiency results when (1) a necessary control is missing or (2) a control operating as designed does not meet the control objective. An operating deficiency results when (1) a properly designed control does not function as designed, or (2) the person performing the control does not have the authority or competence to perform it effectively.
  4. Which of the following is a network node that is used to improve network traffic and to set up a boundary that prevents traffic from one segment from crossing over to another?

    A.Firewall.

    B.Router.

    C.Heuristic.

    D.Gateway
    A.Firewall.

    A firewall separates an internal from an external network (e.g., the Internet) and prevents passage of specific types of traffic. It identifies names, Internet Protocol (IP) addresses, applications, etc., and compares them with programmed access rules.
  5. The auditor’s understanding of internal control is documented to substantiate

    A.Conformity of the accounting records with generally accepted accounting principles.

    B.Adherence to procedures for effective and efficient management decision making.

    C.The fairness of the financial statement presentation.

    D.Compliance with generally accepted auditing standards.
    D.Compliance with generally accepted auditing standards.

    The auditor should prepare audit documentation that is sufficient to permit an experienced auditor to understand (1) the nature, timing, and extent of audit procedures performed to comply with GAAS and other requirements; (2) the results and evidence obtained; and (3) significant findings or issues, the conclusions reached, and judgments made (AU-C 230). Thus, the auditor should document, among other things, his/her understanding of the components of internal control and the assessed risks of material misstatement at the financial statement and assertion levels (AU-C 315).

What would you like to do?

Home > Flashcards > Print Preview