IT Control Monitoring Methods
12 Questions
1 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to Lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the purpose of control monitoring?

  • To identify where active monitoring may be useful
  • To check if the control itself is operational
  • To ensure compliance with enterprise policies only
  • To verify whether the control is effectively addressing the risk (correct)

How should the monitoring of controls be based?

  • On irrelevant data
  • On irrelevant data or through self-assessment
  • On data that are relevant to the risk and overall performance (correct)
  • On data that are not relevant to the risk and overall performance

When risk action plans are required, what should be monitored?

  • Appropriate risk management practices in alignment with enterprise risk appetite and tolerance (correct)
  • The effectiveness of the firewall
  • Control requirements
  • Employee compliance with policies

How is control monitoring conducted?

<p>Through self-assessment or independent assurance reviews (B)</p> Signup and view all the answers

What is the main benefit of continuous audit techniques?

<p>Reducing the time lag between system misuse and detection (D)</p> Signup and view all the answers

Which type of automated evaluation technique embeds specially written audit software in the enterprise host application system?

<p>Systems control audit review file (SCARF) (A)</p> Signup and view all the answers

How do continuous audit techniques affect the confidence in the reliability of an IT system?

<p>They improve the security of a system and provide timely detection of failures (C)</p> Signup and view all the answers

What is the purpose of snapshots as an automated evaluation technique?

<p>To take pictures of the processing path of a transaction (B)</p> Signup and view all the answers

What is the purpose of the integrated test facility (ITF) technique?

<p>To set up dummy entities and include them in production files for testing transactions (A)</p> Signup and view all the answers

What is the main function of audit hooks in application systems?

<p>To function as red flags and alert IT auditors to act before an error or irregularity occurs (C)</p> Signup and view all the answers

What does continuous and intermittent simulation (CIS) involve during a process run of a transaction?

<p>Simulating the instruction execution of the application and auditing transactions based on predetermined criteria (D)</p> Signup and view all the answers

How does an IT auditor verify the correctness of computer-processed data using the ITF technique?

<p>By comparing the output with the data that have been independently calculated (C)</p> Signup and view all the answers

More Like This

Use Quizgecko on...
Browser
Open
Browser
Browser