Computer Auditing Question Paper

Computer Auditing 

Course:Bachelor Of Commerce

Institution: Kca University question papers

Exam Year:2010



UNIVERSITY EXAMINATIONS: 2009/2010
FIRST YEAR EXAMINATION FOR THE DEGREE OF BACHELOR OF
COMMERCE
CMS 303: COMPUTER AUDITING (Sunday)
DATE: AUGUST 2010 TIME: 2 HOURS
INSTRUCTIONS: Answer question ONE and any other TWO questions
QUESTION ONE
a) The Internal Control Questionnaire for House of Manji’s payroll system reveals several control
weaknesses. Comment on the control implications of each of the following: (20 Marks)
i. Neither the warehouse nor the personnel department has written procedures
ii. Source documents are not pre-numbered
iii. Amount totals were not computed during data preparation
iv. Errors were not recorded in a log & re-verified
v. Input validation omits the sign test, value test, field test, and invalid combination
b) Describe the auditing approach referred to as ‘auditing around’ the computer identifying
circumstances when it is appropriate. How does this approach differ from auditing through the
computer? (10 Marks)
QUESTION TWO
a) Your employer, a firm of Certified Public Accountants of Kenya, are the auditors of a private
company with an annual revenue of KShs. 50 million. The board of Management of the hospital
has resolved to convert the accounting procedures from manual to electronic data processing (EDP)
system.
i. State the effect of this development in your approach to audit of the hospital (10 Marks)
2
ii. What controls would you recommend to be included in the new EDP system? (10 Marks)
QUESTION THREE
An important step in systems development is the internal audit participation in the systems
development process. Describe the appropriate responsibilities of the internal auditor who participates
in each of the following steps
i. Systems planning (2.5 Marks)
ii. User specifications (2.5 Marks)
iii. Technical specifications (2.5 Marks)
iv. Implementation planning (2.5 Marks)
v. Programming (2.5 Marks)
vi. User procedure & training (2.5 Marks)
vii. Post implementation review (2.5 Marks)
viii. Documentation (2.5 Marks)
QUESTION FOUR
“The auditor should obtain relevant and relevant and reliable audit evidence sufficient to enable him to
draw reasonable conclusions there from”.
i. List ten categories of evidence that an auditor might use, giving an example of each (10 Marks)
ii. List how the auditor may utilize CAAT’s in gathering the evidence stated above. (10 Marks)
QUESTION FIVE
a) Define security management in the context of systems security controls and identify the key steps
involved in security management planning and control (10 Marks)
b) An auditor can utilize three approaches in testing the controls in a computer program. Identify and
explain on these key approaches ( 9 Marks)
c) Define the following terms
(i) Location Controls (0.5 Marks)
(ii) Construction controls (0.5 Marks)






More Question Papers


Exams With Marking Schemes

Popular Exams


Mid Term Exams

End Term 1 Exams

End Term 3 Exams

Opener Exams

Full Set Exams



Return to Question Papers