IS auditors are MOST likely to perform compliance tests of internal controls if

Is auditors are most likely to perform compliance

This preview shows page 23 - 25 out of 325 pages.

49. IS auditors are MOST likely to perform compliance tests of internal controls if, after their initial evaluation of the controls, they conclude that: A. a substantive test would be too costly.B. the control environment is poor.C. inherent risk is low.D. control risks are within the acceptable limits. The correct answer is: D. control risks are within the acceptable limits. Explanation: IS auditors perform tests of controls (compliance testing) to assess whether control risks are within acceptable limits. The results of the compliance testing would influence the IS auditor's decisions as to the extent of tests of balance (substantive testing). If compliance testing confirms that the control risks are within an acceptable level, then the extent of substantive testing would be reduced. During the testing phase of an audit, an IS auditor does not know whether the controls identified operate effectively. Tests of controls, therefore, evaluate whether specific, material controls are, in fact reliable. Performing test of controls may conclude that the control environment is poor, but it is not the objective of compliance testing. Inherent risks cannot be determined by performing a test of controls. Area: 1
Image of page 23
50. Which of the following would be of the LEAST value to an IS auditor attempting to gain an understanding of an organization's IT process? The correct answer is: C. Prior audit reports Explanation: Prior audit reports would be of least value because they provide historical and therefore not current information about areas of control weaknesses. Each of the other choices provides information useful for gaining an understanding of the process. Area: 1 51. Which of the following should be the FIRST step of an IS audit? The correct answer is: B. Gain an understanding of the environment under review. Explanation: An auditor needs to gain an understanding of the processes prior to creating a flowchart. Based on the scope of the audit, the IS auditor should gain an understanding of the environment under review, and then carry out a risk assessment. Finally, on the basis of understanding the environment under review and the risk assessment, the IS auditor should prepare an audit plan. Area: 1
Image of page 24
Image of page 25

You've reached the end of your free preview.

Want to read all 325 pages?

  • Summer '17

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

Stuck? We have tutors online 24/7 who can help you get unstuck.
A+ icon
Ask Expert Tutors You can ask You can ask You can ask (will expire )
Answers in as fast as 15 minutes