SOLVED

Learning Objective 12-6 1) A database management system: A) allows clients to create databases that include information that can be shared across multiple applications. B) stores data on different files for different purposes, but always knows where they are and how to retrieve them. C) allows quick retrieval of data, but at a cost of inefficient use of file space. D) allows quick retrieval of data, but it needs to update files continually. 2) When auditing client’s using database management systems the auditor is principally aware of elevated risk due to: A) multiple users can access and update accounting files. B) the accounting information is only in one place. C) the database administrator may lack appropriate accounting knowledge. D) multiple users could all access the data simultaneously causing system shutdown. 3) General controls may include firewalls which are used to protect: A) erroneous internal handling of data. B) against insufficient documentation of transactions. C) illogical programming commands. D) unauthorized use of system resources. 4) What tools do companies use to limit access to sensitive company data? A) Encryption techniques Digital signatures Firewall Yes Yes Yes B) Encryption techniques Digital signatures Firewall Yes No No C) Encryption techniques Digital signatures Firewall No Yes Yes D) Encryption techniques Digital signatures Firewall Yes Yes No 5) Rather than maintain an internal IT center, many companies outsource their basic IT functions such as payroll to an: A) external general service provider. B) external application service provider. C) internal control service provider. D) internal auditor. 6) When the auditor is obtaining an understanding of a service center’s internal controls the auditor should: A) use the same criteria used to evaluate the client’s internal controls. B) use different criteria because the service center resides outside the company. C) use the same criteria used to evaluate the client’s internal controls but omit tests of transactions. D) use different criteria for the service center by including substantive tests of balances. 7) Many clients have outsourced the IT functions. The difficulty the independent auditor faces when a computer service center is used is to: A) gain the permission of the service center to review their work. B) find compatible programs that will analyze the service center’s programs. C) determine the adequacy of the service center’s internal controls. D) try to abide by the Code of Professional Conduct to maintain the security and confidentiality of client’s data. 8) Service auditors do not issue which of the following types of reports? A) report on implemented controls B) report on controls that have been implemented and tested for design effectiveness C) report on controls that have been implemented and tested for operating effectiveness D) each of the above is issued 9) What do auditing standards require when a company outsources some of their IT requirements to an Application Service Provider? 10) Firewalls can protect company data and software programs. A) True B) False 11) LANs link equipment within a single or small cluster of buildings and are used only for intercompany purposes. A) True B) False 12) When auditing a client whose information is processed by an outside service provider, it is not acceptable for the auditor to rely on the audit report of another independent auditor who has previously tested the internal controls of the service provider, rather than testing the service provider’s controls himself or herself. A) True B) False