d. examine statements signed by employees stating that they have not divulged their user
identifications and passwords to any other person.
When IT programs or files can be accessed from terminals, users should be required to enter
a(n):
An auditor’s flowchart of a client’s system is a graphical representation that depicts the
auditor’s:
a. program for tests of controls.
b. understanding of the system.
c. understanding of the types of errors that are probable given the present system.
d. documentation of the study and evaluation of the system.
Which of the following is not a characteristic of an online processing system?
a. Output of the data files is available on request.
b. Master files are updated at the time the entry is made.
c. Display terminals are used for both input and output purposes.
d. Programming is not allowed online and must be done separately.
Typical controls developed for manual systems which are still important in IT systems include:
a. proper authorization of transactions.
b. competent and honest personnel.
c. careful and complete preparation of source documents.
______ controls prevent and detect errors while transaction data are processed.
A database management system:
a. physically stores each element of data only once.
b. stores data on different files for different purposes, but always knows where they are and
how to retrieve them.
c. allows quick retrieval of data but at a cost of inefficient use of file space.
d. allows quick retrieval of data, but it needs to update files continually.
Which of the following is not associated with converting from a manual to an IT system?
a. It usually centralizes data.
b. It permits higher quality and more consistent controls over operations.
c. It may eliminate the control provided by division of duties of independent persons who
perform related functions and compare results.
d. It may take the recordkeeping function and the document preparation function away from
those who have custody of assets and put those functions into the IT center.
Which of the following statements about general controls is not correct?
a. Disaster recovery plans should identify alternative hardware to process company data.
b. Successful IT development efforts require the involvement of IT and non-IT personnel.
c. The chief information officer should report to senior management and the board.
d. Programmers should have access to computer operations to aid users in resolving
problems.