Interested to Buy Any Domain ? << Click Here >> for more details...
Prices are charged on the basis of a standard master file
rate that changes as volume increases. Any exceptions must
be manually approved. What is the MOST effective automated
control to help ensure that all price exceptions are approved?
A. All amounts are displayed back to the data entry clerk,
who must verify them visually.
B. Prices outside the normal range should be entered twice
to verify data entry accuracy.
C. The system beeps when price exceptions are entered and
prints such occurrences on a report.
D. A second-level password must be entered before a price
exception can be processed.
- 1 Answers
- 4956 Views
- I also Faced
- E-Mail Answers
Answer / guest
Answer: D
"Automated control should ensure that the system processes
the price exceptions only on approval of another user who is
authorized to approve such exceptions. A second-level
password would ensure that price exceptions will be approved
by a user who has been authorized by management. Visual
verification of all amounts by a data entry clerk is not a
control, but a basic requirement for any data entry. The
user being able to visually verify what has been entered is
a basic manual control. Entry of price exceptions twice, is
an input control. This does not ensure that exceptions will
be verified automatically by another user. The system
beeping on entry of a price exception is only a warning to
the data entry clerk
it does not prevent proceeding further. Printing of these
exceptions on a report is a detective (manual) control."
| Is This Answer Correct ? | 5 Yes | 0 No |
The MAJOR concern for an IS auditor when reviewing an organization's business process reengineering (BRP) efforts is: A. cost overrun of the project. B. employees resistance to change. C. key controls may be removed from a business process. D. lack of documentation of new processes.
Which of the following testing methods is MOST effective during the initial phases of prototyping? A. System B. Parallel C. Volume D. Top-down
Which of the following is a substantive audit test? A. Verifying that a management check has been performed regularly B. Observing that user IDs and passwords are required to sign on the computer C. Reviewing reports listing short shipments of goods received D. Reviewing an aged trial balance of accounts receivable
An IS auditor conducting an access controls review in a client-server environment discovers that all printing options are accessible by all users. In this situation, the IS auditor is MOST likely to conclude that: A. exposure is greater since information is available to unauthorized users. B. operating efficiency is enhanced since anyone can print any report, any time. C. operating procedures are more effective since information is easily available. D. user friendliness and flexibility is facilitated since there is a smooth flow of information among users.
A control log basic to a real-time application system is a(n): A. audit log. B. console log. C. terminal log. D. transaction log.
E-mail message authenticity and confidentiality is BEST achieved by signing the message using the:
An advantage of using sanitized live transactions in test data is that: A. all transaction types will be included. B. every error condition is likely to be tested. C. no special routines are required to assess the results. D. test transactions are representative of live processing.
When reviewing a system development project at the project initiation stage, an IS auditor finds that the project team is following the organization's quality manual. To meet critical deadlines the project team proposes to fast track the validation and verification processes, commencing some elements before the previous deliverable is signed off. Under these circumstances, the IS auditor would MOST likely: A. report this as a critical finding to senior management. B. accept that different quality processes can be adopted for each project. C. report to IS management the team's failure to follow quality procedures. D. report the risks associated with fast tracking to the project steering committee.
An IS auditor doing penetration testing during an audit of Internet connections would: A. evaluate configurations. B. examine security settings. C. ensure virus-scanning software is in use. D. use tools and techniques that are available to a hacker.
An IS auditor is auditing the controls relating to employee termination. Which of the following is the MOST important aspect to be reviewed? A. The related company staff are notified about the termination B. User ID and passwords of the employee have been deleted C. The details of employee have been removed from active payroll files D. Company property provided to the employee has been returned
Which of the following is a strength of a client-server security system? A. Change control and change management procedures are inherently strong. B. Users can manipulate data without controlling resources on the mainframe. C. Network components seldom become obsolete. D. Access to confidential data or data manipulation is controlled tightly.
Which of the following is critical to the selection and acquisition of the correct operating system software? A. Competitive bids B. User department approval C. Hardware-configuration analysis D. Purchasing department approval
Cisco Certifications 
