USCPA模拟题：AUD科目选择题练习及解析（三十三）

答案及解析如下

1. When an auditor tests the internal controls of a computerized accounting system, which of the following is true of the test data approach?

a. Test data are processed with the client's computer and the results are compared with the auditor's predetermined results.

b. Test data programs usually consist of all possible valid and invalid conditions regarding compliance with internal controls.

c. Test data programs need not be tailor-made by the auditor for each client's computer applications.

d. Test data are coded to a dummy subsidiary so they can be extracted from the system under actual operating conditions.

Explanation

Choice "a" is correct. The test data approach refers to a technique in which the client's application program is used to process a set of test data, the results of which are already known by the auditor. If the client's program is operating effectively, it should generate the same results determined by the auditor.

Choice "d" is incorrect. An integrated test facility (not a test data approach) utilizes dummy accounts. For example,using an integrated test facility (ITF) approach, test data is initially commingled with live data, but coding to a dummy account allows later extraction from the system under actual operating conditions.

Choice "c" is incorrect. Test data programs should be tailor-made by the auditor for each client's computer applications, to ensure that the data is in an appropriate form for that client's system, and that it includes the types of invalid conditions in which the auditor is interested.

Choice "b" is incorrect. Test data contains the types of valid and invalid conditions in which the auditor is interested (it is not necessary to test all combinations of valid and invalid conditions).

2. Which of the following is a computer-assisted audit technique that permits an auditor to insert the auditor's version of a client's program to process data and compare the output with the client's output?

a. Test data module.

b. Remote node router.

c. Parallel simulation.

d. Frame relay protocol.

Explanation

Choice "c" is correct. This is the definition of parallel simulation. The client's input data is processed through both the auditor's version of the client's program and the client's program and the output is compared.

Choice "a" is incorrect. Test data is data that the auditor develops to test programmed controls. For example, if the client has a programmed control that requires a supervisory approval (a supervisor password) for transactions over $500, the auditor would then create test data to determine if the system would accept a transaction over $500 without a required supervisor password approval.

Choice "d" is incorrect. Frame relay protocol refers to the physical and logical link layers of digital communication channels using packet switching methodology.

Choice "b" is incorrect. A remote node router is not a CAAT; it is a device used to connect physical devices such as terminals and printers not connected to the main network.

3. Which of the following is the primary reason that many auditors hesitate to use embedded audit modules?

a. Embedded audit modules can easily be modified through management tampering.

b. Auditors are required to monitor embedded audit modules continuously to obtain valid results.

c. Embedded audit modules cannot be protected from computer viruses.

d. Auditors are required to be involved in the system design of the application to be monitored.

Explanation

Choice "d" is correct. Embedded audit modules are sections of the application program code that collect transaction data for the auditor. Embedded audit modules are usually built into the application program when the program is developed. This would require that the auditors be involved in the system design of the application to be monitored.

Choice "c" is incorrect. Embedded audit modules can be protected from computer viruses the same way any other application program would be protected.

Choice "b" is incorrect. Auditors are not required to monitor embedded audit modules continuously to obtain valid results.

Choice "a" is incorrect. As long as there are appropriate controls in place, embedded audit modules cannot easily be modified through management tampering.