IT Control Monitoring Methods
12 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the purpose of control monitoring?

  • To identify where active monitoring may be useful
  • To check if the control itself is operational
  • To ensure compliance with enterprise policies only
  • To verify whether the control is effectively addressing the risk (correct)
  • How should the monitoring of controls be based?

  • On irrelevant data
  • On irrelevant data or through self-assessment
  • On data that are relevant to the risk and overall performance (correct)
  • On data that are not relevant to the risk and overall performance
  • When risk action plans are required, what should be monitored?

  • Appropriate risk management practices in alignment with enterprise risk appetite and tolerance (correct)
  • The effectiveness of the firewall
  • Control requirements
  • Employee compliance with policies
  • How is control monitoring conducted?

    <p>Through self-assessment or independent assurance reviews</p> Signup and view all the answers

    What is the main benefit of continuous audit techniques?

    <p>Reducing the time lag between system misuse and detection</p> Signup and view all the answers

    Which type of automated evaluation technique embeds specially written audit software in the enterprise host application system?

    <p>Systems control audit review file (SCARF)</p> Signup and view all the answers

    How do continuous audit techniques affect the confidence in the reliability of an IT system?

    <p>They improve the security of a system and provide timely detection of failures</p> Signup and view all the answers

    What is the purpose of snapshots as an automated evaluation technique?

    <p>To take pictures of the processing path of a transaction</p> Signup and view all the answers

    What is the purpose of the integrated test facility (ITF) technique?

    <p>To set up dummy entities and include them in production files for testing transactions</p> Signup and view all the answers

    What is the main function of audit hooks in application systems?

    <p>To function as red flags and alert IT auditors to act before an error or irregularity occurs</p> Signup and view all the answers

    What does continuous and intermittent simulation (CIS) involve during a process run of a transaction?

    <p>Simulating the instruction execution of the application and auditing transactions based on predetermined criteria</p> Signup and view all the answers

    How does an IT auditor verify the correctness of computer-processed data using the ITF technique?

    <p>By comparing the output with the data that have been independently calculated</p> Signup and view all the answers

    More Like This

    Use Quizgecko on...
    Browser
    Browser