Bbt2208:Auditing Information Question Paper
Bbt2208:Auditing Information
Course:Bachelor Of Commerce
Institution: Meru University Of Science And Technology question papers
Exam Year:2014
QUESTION ONE – 30 MARKS
(a) Explain the following control techniques and their significance in the context of data security. i. Biometric control (3 marks) ii. Encryption (3 marks) iii. Logical access (3 marks) (b) Application controls can be classified into three major categories; processing controls, input controls and output controls. Describe the objective of each control and examine the techniques within each to ensure maintenance of maximum feasible levels of control. (9 marks) (c) Although computer systems should be designed to ensure accurate data processing, an auditor is likely to make use of one or more computer-based techniques in order to check that accuracy. Describe any four techniques available to the auditor and the situations where each might be used. (12 marks)
2
QUESTION TWO –20 MARKS
(a) Client /server architecture, database technology and networks provide structures which facilitate sharing of corporate data and information. As an information technology specialist, outline the major control procedures that should be taken into account in the process of sharing data. (6 marks)
(b) Give reasons to support the importance of controlling data inputs and discuss any four methods that you may use to control data inputs. (6 marks)
(c) A company needs information on which to base decisions concerning the current operations and future plans. Explain areas of management control where computers are used or can be used. (8 marks) QUESTION THREE – 20MARKS (a) Explain the factors that an external auditor should consider before relying on the work of the internal audit function. (6 marks)
(b) Discuss the auditing process in context of an automated system (8 marks)
(c) Discuss how the computer based systems have impacted on the audit approach?(6 marks) QUESTION FOUR – 20MARKS (a) Discuss continuous audit and its implications for independent auditors. (4 marks)
(b) Distinguish the following: i. Auditing around the computer (2 marks) ii. Auditing through the computer (2 marks) (c) Discuss the general functions of computer audit software. (6 marks)
(d) Define and explain five advantages of embedded audit facilities. (6 marks) QUESTION FIVE – 20MARKS Your company has purchased several personal computers. One has been installed in the stores department, which is responsible for disbursing stock items and maintaining store records. In your audit, you find that one employee, trained in computer applications, receives the requisitions for stores, reviews them for completeness and approvals, disburses the stock, maintains the records, operates the computer and authorizes adjustments to the total amounts of stock accumulate by the computer.
3
When you discuss the applicable controls with the department manager, you are told that the personal computer is assigned exclusively to that department. Therefore, it does not require the same types of controls that are applicable to large computer systems. Required: Comment on the manager’s contentions, discussing ten types of controls that would apply to this personal computer application. (20 marks)
More Question Papers