Access control software on an organization's mainframe computer records detailed information concerning both successful and unsuccessful log-on attempts to applications. Which of the following audit tools would be best suited to review the access information that has been recorded?

• A.Integrated test facility.
• B.Flowcharting.
• C.Generalized audit software.
• D.Test data.

Comment: *

Name: *

Email: *

Verification: *

The chief audit executive (CAE) decided that based on management's oral response, the action taken on an audit observation for a minor improvement in the client's process is sufficient and no further follow-up is necessary. Which of the following would be the best statement regarding the action of the CAE?

• A.The CAE action is not acceptable, as follow-up on the issue is critical until a written response is obtained from management.
• B.The CAE action is acceptable as long as the follow-up is sufficient when weighed against the relative importance of the recommendation.
• C.The CAE action is acceptable as long as the issue has been escalated to the board to get their position on the issue.
• D.The CAE action is not acceptable, as a follow-up audit is needed to ensure that action is really taken by management.

Comment: *

Name: *

Email: *

Verification: *

An internal auditor has a recommendation to change operations which could potentially increase profits by
$50,000. The best way to sell this recommendation to management is to:

• A.Carefully work out the details of implementation before presenting it to department management.
• B.Discuss it with operating supervisors who are directly affected by the change, and then with department management.
• C.Bring it to the audit manager, who should bring it immediately to senior management's attention.
• D.Wait until the exit conference to discuss it in order to ensure all affected parties are present.

Comment: *

Name: *

Email: *

Verification: *

Which of the following is not a direct benefit of control self-assessment (CSA)?

• A.CSA allows management to have input into the audit plan.
• B.CSA can improve the control environment.
• C.CSA allows process owners to identify, evaluate, and recommend improving control deficiencies.
• D.CSA increases control consciousness.

Comment: *

Name: *

Email: *

Verification: *

During a fraud interview, it was discovered that unquestioned authority enabled a vice president to steal funds from the organization. Which of the following best describes this condition?

• A.Rationalization.
• B.Pressure.
• C.Opportunity.
• D.Scheme.

Comment: *

Name: *

Email: *

Verification: *