An organization is concerned about duplicate vendor payments on a complex system with a high volume of transactions. Which of the following would be MOST helpful to an IS auditor to determine whether duplicate vendor payments exist?
Correct Answer: A
A computer-assisted technique is the most helpful method for an IS auditor to determine whether duplicate vendor payments exist on a complex system with a high volume of transactions. A computer-assisted technique is a tool or procedure that can be used to perform audit tests or procedures on data stored in electronic form. Examples of computer-assisted techniques include data analysis software, query tools, scripting languages, and specialized audit software. A computer-assisted technique can help an IS auditor to identify and extract duplicate payments from a large data set, perform calculations and comparisons, and generate reports and summaries. A computer-assisted technique can also provide more accuracy, efficiency, and coverage than manual methods. Stratified sampling, statistical sampling, and process walk-through are not as helpful as a computer-assisted technique for this purpose. Stratified sampling is a sampling method that divides the population into subgroups based on certain characteristics and selects samples from each subgroup. Statistical sampling is a sampling method that uses probability theory to determine the sample size and selection criteria. Process walk-through is a review technique that involves following a transaction or process from start to finish and observing the inputs, outputs, controls, and documentation. These methods may be useful for other audit objectives, but they are not as effective as a computer-assisted technique for detecting duplicate payments in a complex and high-volume system. References: ISACA Frameworks: Blueprints for Success, [ISACA Glossary of Terms]
Question 897
When should reviewing an audit client's business plan be performed relative to reviewing an organization's IT strategic plan?
Correct Answer: A
Section: Protection of Information Assets Explanation: Reviewing an audit client's business plan should be performed before reviewing an organization's IT strategic plan.
Question 898
Due to a global pandemic, a health organization has instructed its employees to work from home as much as possible. The employees communicate using instant messaging Which of the following is the GREATEST risk in this situation?
Correct Answer: A
Question 899
Which of the following will prevent dangling tuples in a database?
Correct Answer: D
Explanation/Reference: Explanation: Referential integrity ensures that a foreign key in one table will equal null or the value of a primary in the other table. For every tuple in a table having a referenced/foreign key, there should be a corresponding tuple in another table, i.e., for existence of all foreign keys in the original tables, if this condition is not satisfied, then it results in a dangling tuple. Cyclical checking is the control technique for the regular checking of accumulated data on a file against authorized source documentation. There is no cyclical integrity testing. Domain integrity testing ensures that a data item has a legitimate value in the correct range or set. Relational integrity is performed at the record level and is ensured by calculating and verifying specific fields.
Question 900
Which of the following is the BEST way to ensure that an application is performing according to its specifications?
