Summary UNIV 104 : English Assessment Liberty University answers complete solutions

Document Content and Description Below

Which of the following is NOT a task performed in the audit planning phase? a. Reviewing an organization's policies and practices b. Planning substantive testing procedures c. Reviewing general con... trols d. Determining the degree of reliance on controls d. Determining the degree of reliance on controls Which of the following is the best example of an application control objective? a. Ensure that the computer operating system functions efficiently b. Provide backup facilities in the event of a disaster c. Prevent unauthorized access to corporate databases d. Ensure the validity, completeness, and accuracy of sales transactions d. Ensure the validity, completeness, and accuracy of sales transactions Which of the following statements is true? a. Both the SEC and the PCAOB require the use of the COSO framework b. Any framework can be used that encompasses all of COCO's general themes. c. The SEC recommends COBIT and the PCAOB recommends COSO d. Both the SEC and the PCAOB require the COBIT framwork e. None of the above are true b. Any framework can be used that encompasses all of COCO's general themes. Which of the following is NOT a control concern in a distributed data processing environment? a. Redundancy b. Hiring qualified professionals c. Incompatibility d. Lack of standards e. All of the above are control concerns e. All of the above are control concerns Which of the following disaster recovery techniques may be least optimal in the case of a wide spread natural disaster? a. Empty shell b. Internally provided backup c. ROC d. They are all equally beneficial c. ROC Which of the following is NOT a potential threat to computer hardware and peripherals? a. Low humidity b. High humidity c. Carbon dioxide fire extinguishers d. Water sprinkler fire extinguishers c. Carbon dioxide fire extinguishers Which of the following is NOT requirement of Section 302 of SOX? a. Corporate management (including the CEO) must certify monthly and annually their organization's internal controls over financial reporting b. Auditors must interview management regarding significant changes in the design or operation of internal control that occurred since the last audit c. Auditors must determine whether changes in internal control have materially affected, or are likely to materially affect, internal control over financial reporting. d. Management must disclose any material changes in the company's internal controls that have occurred during the most recent fiscal quarter. e. All of the above are requirements a. Corporate management (including the CEO) must certify monthly and annually their organization's internal controls over financial reporting Which of the following is NOT a requirement in management's report on the effectiveness of internal controls over financial reporting? a. Describe the flow of transactions in sufficient detail to points at which misstatement could arise b. An evaluation of entity-wide controls that correspond to the COSO framework c. A statement that the organization's internal auditors have issued an attestation report on management's assessment of the company's internal controls d. An explicit written conclusion as the effectiveness of internal control over financial reporting e. All of the above are requirements c. A statement that the organization's internal auditors have issued an attestation report on management's assessment of the company's internal controls Which of the following is associated with the unique characteristics of an industry? a. Inherent risk b. Detection risk c. Control risk d. None of the above a. Inherent risk Which of the following is not true about the SSAE 16 report? a. It is a third-party attestation report b. It replaced Statement on Auditing Standards No. (SAS 70) c. The service provider prepares a separate SSAE 16 report tailored to the needs of each of its client firms, which the client auditors rely upon d. When using the carve-out method, service provider management would exclude the sub-service organization's relevant controls e. All of the above are true c. The service provider prepares a separate SSAE 16 report tailored to the needs of each of its client firms, which the client auditors rely upon When someone disguises the source of Internet messages to make appear that it is coming from a different source, this is called: a. Deep packet inspection b. Message packet switching c. Dual-homed signaling d. IP screening e. None of the above e. None of the above A program that attaches to another legitmate program but does NOT replicate itself is called a a. virus b. worm c. Trojan horse d. logic bomb e. none of the above c. Trojan horse The purpose of a checkpoint procedure is to facilitate restarting after a. data processing errors b. data input errors c. the failure to have all input data ready on time d. computer operator intervention e. none of the above a. data processing errors A user's application may consist of several modules stored in separate memory locations, each with its own data. One module must not be allowed to destroy or corrupt another module. This is an objective of a. EDI controls b. network controls c. Detection Risk controls d. application controls e. none of the above e. none of the above An integrated group of programs that supports the applications and facilitates their access to specified resources is called a(n) a. operating system b. database management system c. utility system d. facility system e. none of the above a. operating system Which of the following is NOT a network control objective? a. Preventing illegal access b. Correcting message loss due to equipment failure c. Maintaining the critical application list d. Rendering useless any data that a perpetrator successfully captures e. All the above are network control objectives c. Maintaining the critical application list Reviewing database authority tables is an example of a(n) a. Operating resource controls b. Organizational structure control c. Data resource control d. None of the above d. None of the above [Show More]

Last updated: 1 year ago

Preview 1 out of 214 pages