SHAIKH BILAL HAQUE

Control, Security and Audit.

9. Control Design to prevent errors from happening in the first place. I.e. Checking invoices from
suppliers against goods received notes before paying the invoices. This is the example of .....................
Control.
A. Correct
B. Detect
C. Prevent
D. Administrative.

10. Designed identify errors once they have happened. I.e. Bank reconciliation and physical checks of
inventory against inventory records. Are example of .............................. Control procedure.
A. Detect
B. Prevent
C. Correct
D. Discretionary

11....................... Controls are designed to minimize or negate the defect of errors... E.g. back up of
computer input at the end of the day.
A. Backup
B. Correct
C. Accounting
D. Detect.
E. Prevent.

12. .......................... Control is required by law and imposed by external authorities.

A. General
B. Mandated
C. Discretionary
D. Voluntary.

13. .................... Controls are provided automatically by the system and cannot be overridden. E.g.
entering a pin in ATM
A. Financial
B. Manual
C. General
D. Non- Discretionary

14. A .................... Is a list that is drawn up before any processing takes place?
A. Post list
B. Pre List
C. Total List
D. Job list.

SHAIKH BILAL HAQUE Page 1

 SHAIKH BILAL HAQUE

15. Acknowledgment of work means Person who carries out a particular job should acknowledge their
work by getting the signature of its senior manager
A. True
B. False

16. Funds and property of the company should be kept under proper custody. Access to assets should be
limited to........................
A. Directors
B. None Executive Directors
C. Authorized personal.
D. Bankers or lenders

17. ................. Is a part of internal control system?

A. External Audit.
B. Management investigation
C. Special Checking team
D. Internal Audit

18. Internal Audit need is depending on the following (state which is the wrong one.)
A. Problem with the internal Control system
B. An increased number of unexplained or unacceptable events
C. Cost benefit considerations
D. When management is satisfied with the internal control system.

19. Internal Auditors seeks to monitor the financial activity of a company only.
A. True
B. False

20. Operation Audit is also known as management, efficiency or value for money audit.
A. True
B. False

21. ........................ Objective is to monitoring of management's performance at every level to ensure

optimal functioning according to pre determine data.
A. Management Investigation
B. Operational Audit
C. System Audit
D. Transactions Audit

22. ........................ Is based on a testing and evaluation of the internal controls within an organization so
that those controls may be relied on to ensure that resources are being managed effectively and
information provided accurately
A. System Audit
B. Value of Money
C. Operational Audit
D. Social Audit.

SHAIKH BILAL HAQUE Page 2

 SHAIKH BILAL HAQUE

23. Which of the following is not a type of Internal Audit?

A. Management Investigation
B. Operational Audit
C. Legal Audit
D. Transactions Audit
E. Social Audit.
F. System Audit.

24. ............................ Seeks evidence that the internal controls are being applied as prescribed.
A. Compliance Test
B. Substantive Test
C. Error detection Test
D. Productivity test.

25. ........................... Test is used to check the entries in the figures in accounts. They are used to
discover errors and omissions.
A. Error and Omission
B. Accounts
C. Casting
D. Substantive

26. A Transactions or Probity Audit aims to detect fraud and uses only substantive tests.
A. True
B. False

27. Internal Auditors are Answerable and Accountable to...................

A. Senior Manager.
B. Senior Auditor
C. Company Financial Head
D. Highest Executive Level

28. This is wrong Perception that Independence is vital for the work and productivity for Internal
Auditors.
A. True
B. False

29. External Auditor has a much wider scope then the Internal Auditors.
A. True
B. False

30. External Auditors works relates to the Operations of the Organization.

A. True
B. False.

31. The external auditors do not have a specific duty to detect fraud.

SHAIKH BILAL HAQUE Page 3

 SHAIKH BILAL HAQUE

A. True
B. False.

32. A .............. Can be maintained of unauthorized attempts to gain access to a computer system.
A. Database
B. Log
C. Password
D. Register
33. It is in practice.................... To prevent all threats cost effectively.
A. Impossible
B. Possible
C. Logical
D. Practical.

34. Physical access control is design to prevent...................... Getting near to computer equipment or
storage media.
A. Managers
B. IT Workers
C. Intruders
D. Operators.

35. An ................... Is a record showing who has accessed a computer system and what operations he
has perform.
A. A Fraud Trial
B. Password Trial
C. Computer Trial
D. Audit Trail

36. The internal auditors are not required to consider fraud.

A. True
B. False

37. The intention of the Audit Trial is to ..................... And.....................

A. Detect Fraud
B. Detect input and output record
C. Identify User
D. Identify errors
E. System performance.

38. An Audit trial should be provided so that every transaction on a file contain a...........................
A. Audit Mark
B. Unique Reference
C. Internal control ref.
D. Software Ver. Detail

39. Archiving provide a legally acceptable ......................... While freeing up.......................

SHAIKH BILAL HAQUE Page 4

 SHAIKH BILAL HAQUE

A. Accountability
B. Password
C. Business History
D. Employees time
E. Hard disk space.

40. Archiving mean moving data from primary storage to..........................

A. Short term storage.
B. Paper Storage
C. Computer logs
D. Portable media or long term Storage.

41. A Contingency is an unscheduled interruption of computing services that requires measures outside
the day to day routine operation procedure.
A. True
B. False

42. A …………... Audit aims to detect fraud and uses only substantive tests.
A. Transactions or probity
B. Compliance
C. Working Audit
D. Tax Audit.

43. To whom is the external auditor primarily accountable?

A. The directors of the company
B. The Company as a separate entity
C. The shareholders of the company
D. The employees of the company

44. An organization has a policy of checking all invoices from suppliers against goods received notes
before paying the invoices. This is an example of what type of control procedure?
A. Accounting controls
B. Correct controls
C. Detect controls
D. Prevent controls

45. Below are few factors that influenced the control environment. Which of the following one is
incorrect?
A. Management attitude toward control.
B. Organization Structure.
C. Stakeholder perception.
D. Values and ability of employee\s.

46. Control Environment. Which of the two control classifications are related to reduce of risk associated
to computer environment?
A. General.

SHAIKH BILAL HAQUE Page 5

 SHAIKH BILAL HAQUE

B. Application.
C. Manual.
D. Voluntary.

47. ……………..are the controls which are subject to human discretion.

A. General.
B. Application.
C. Manual.
D. Discretionary.

48. Arithmetical internal check includes the following three steps. Which of the following is not correct?
A. Pre-list.
B. Post-list.
C. Segregate tasks
D. Control total.

49. The main responsibility of the external auditor is to ensure that the financial statements of the client
are
A. Accurate and free from bias.
B. Should reach the Govt. Authorities on time.
C. Should have a detail report on the performance of internal auditors performance
D. Gave a true and fair view of the company activities.

50. External auditor should also see whether the management and the directors has act on the
recommendations of the internal auditors in their report about the weakness and other areas of the
company.
A. True.
B. False.

51. One of the main responsibilities of the external auditor is to ensure that company complies with the
regulations relating to preparing the financial statement on time and submit the copy to the govt.
authorities.
A. True.
B. False.

52. Substantive test are tests by an auditor to establish whether a figure in the financial statement is
correct or not.
A. True.
B. False.

53. Physical threats to computer security may be natural or man made.

A. True.
B. False.

54. Destruction of data can be even more costly than the destruction of hardware. Company data is
more important than hardware.

SHAIKH BILAL HAQUE Page 6

 SHAIKH BILAL HAQUE

A. True.
B. False.

55. Physical access of intruders to the computer equipment and data can be control by the following
way. State the one incorrect?
A. Personal control like security guards or watch man etc.
B. Door locks and Cameras
C. Sign of no entry.
D. Intruders Alarms.

56. Modern computer equipments are safe from theft due to their extra large size.
A. True.
B. False.

57. Which of the following two are the most important aspect of physical access control to the computer
equipment.
A. Personal control like security guards or watch man etc.
B. Door locks
C. Card entry system. .
D. Intruders Alarms

58. .in the context of security is preserved when data is the same as in source documents and has not
been accidentally or intentionally altered destroyed or disclosed.
A. System integrity
B. Risk control
C. Data redundancy.
D. Data integrity

59. ………………. Mean a same data in two or more places. System database through data integration
reduce/delete duplicate data.
A. System integrity
B. Risk control
C. Data redundancy.
D. Data integrity

60. Back-up control in computer data protection aims to maintain system and data integrity.
A. True.
B. False.

61. A ………………can provide a restorable history from one day to several years, depending on the needs
of the business. A. Old unused computer.
B. Tape rotation scheme
C. Physical hard copies of record.
D. Company accountant.

SHAIKH BILAL HAQUE Page 7

 SHAIKH BILAL HAQUE

62. The key objective of the internal Audit is to protect and report for the benefits of the stakeholders.
A. True.
B. False.

SHAIKH BILAL HAQUE Page 8