1、A firm is constructing a risk analysis to quantify the exposure of its data center to various types of threats. Which one of the following situations would represent the highest annual loss exposure after adjustment for insurance proceeds?
|
Frequency of
occurrence (years) |
Loss amount |
Insurance (% coverage) |
A. |
1 |
$15,000 |
85 |
B. |
8 |
$75,000 |
80 |
C. |
20 |
$200,000 |
80 |
D. |
100 |
$400,000 |
50 |
2、 Which of the following is true of control risk?
A. Control risk is an assessment of the likelihood that misstatements exceeding an acceptable level will not be detected by internal control
B. Control risk is an assessment of the likelihood that misstatements exceeding an acceptable level will not be deterred by an internal audit
C. Control risk is dependent on detection risk
D. Control risk is measured in combination with safeguarding risk to determine overall risk
3、The audit committee can contain all of the following except
A. The company president
B. The chairman of the board of directors
C. A member of the board of directors who owns a separate business not related to the business of the company
D. The president of the local chamber of commerce
4、From a modern internal auditing perspective, which one of the following statements represents the most important benefit of an internal auditing activity to management?
A. Assurance that published financial statements are correct
B. Assurance that fraudulent activities will be detected
C. Assurance that the organization is complying with legal requirements
D. Assurance that there is reasonable control over day-to-day operations
5、The proper organizational role of internal auditing is to
A. Assist the external auditor in order to reduce external audit fees
B. Perform studies to assist in the attainment of more efficient operations
C. Serve as the investigate arm of the board
D. Serve as an independent, objective assurance and consulting activity that adds value to operations
6、In an organization of the information system function the most important separation of duties is
A. Not allowing the data librarian to assist in data processing operations
B. Assuring that those responsible for programming the system do not have access to data processing operations
C. Having a separate information officer at the top level of the organization outside of the accounting function
D. Using different programming personnel to maintain utility programs from those who maintain the application programs
7、Data processed by a computer system are usually transferred to some form of output medium for storage. However, the presence of computerized output does not, in and of itself, assure the output’s accuracy, various controls are needed. The major types of controls for this area include
A. Transaction controls, general controls, and printout controls
B. Activity listings, echo checks, and pre-numbered forms
C. Tape and disk output controls and printed output controls
D. Input controls, tape and disk output controls, and printed output controls
8、 In order to prevent, detect, and correct errors and unauthorized tampering, a payroll system should have adequate controls. The best set of controls for a payroll system includes
A. Batch and hash totals, record counts of each run, proper separation of duties, passwords and user codes, and backup copies of activity and master files
B. Employee supervision, batch totals, record counts of each run, and payments by check
C. Passwords and user codes, batch totals, employee supervision, and record counts of each run
D. Batch totals, record counts, user codes, proper separation of duties, and online edit checks
9、An employee in the receiving department keyed in a shipment from a remote terminal and inadvertently omitted the purchase order number. The best systems controls to detect this error would be
A. Batch total
B. Completeness test
C. Sequence check
D. Reasonableness test
CMA中英文智能题库免费使用,史上最全,考试必备://cma.gaodun.cn/tiku/