Question Tag: IT Controls

Search 500 + past questions and counting.

  • Filter by Professional Bodies

  • Filter by Subject

  • Filter by Series

  • Filter by Topics

  • Filter by Levels

  • 20 Marks

AAA – Nov 2020 – L3 – Q4 – Audit of IT Systems and Data Analytics

Discuss IT controls and the five-step revenue recognition model in a retail environment adapting to online sales.

Holloway Interiors Limited operates a large shop at Garki, Abuja. The company’s year-end is April 30. It sells high-end furniture and provides interior decoration services. Typically, sales begin with a customer signing an invoice prepared by a sales clerk, who then records the sale in the system and prints a receipt in duplicate, one for the customer and one for filing. The customer either takes the product or arranges for delivery by the company.

Due to the COVID-19 lockdown in Abuja, Holloway Interiors closed its physical showroom, shifted all sales online, and allowed delivery after payment or on a cash-on-delivery basis. Delivery may take up to a week after the online sale is initiated.

You are the Audit Manager for Holloway Interiors Limited.

Required:
a. Discuss the general IT controls expected in Holloway Interiors. (10 Marks)
b. Explain the FIVE steps model for recognizing revenue under IFRS 15: Revenue from Contracts with Customers. (10 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – Nov 2020 – L3 – Q4 – Audit of IT Systems and Data Analytics"

  • 20 Marks

AAA – Nov 2018 – L3 – Q2 – Regulatory Investigations and Disciplinary Actions

Assessment of joint audit advantages, agenda setup, and addressing regulatory issues in audit planning

Yusuf Olatunji & Co., (Chartered Accountants) have been auditors to XBC Bank Limited. There has been some regulatory and compliance issues for which the bank was sanctioned and paid penalties to both the Central Bank of Nigeria and the Financial Reporting Council of Nigeria. At the board of directors meeting to consider the last annual report audited by the firm, some of the problems caused by the auditors were raised. Following the reoccurrence of such issues, it was proposed that another audit firm be engaged in addition to the present firm. To achieve their objective, a bigger firm that has international affiliation was considered to take a leading position in a joint audit arrangement and to ensure appropriate compliance.

Your firm has been approached for the appointment. A meeting was scheduled between your firm, Yusuf Olatunji & Co., and the executive management of the bank. In preparation for the meeting, you are informed that you will address the meeting on the advantages and disadvantages of joint audit, being an area some members of the management team have expressed concerns.

After the meeting, your firm was subsequently appointed, and the necessary formalities were properly followed. Your partner has directed that you liaise with Yusuf Olatunji & Co. to obtain the necessary materials for the preparation of the audit and that you review your firm’s audit manual with respect to the concerns of management on joint audit.

Your assessment of the documents obtained from the other auditor revealed the following, amongst others:

  1. Part of the penalty was on improper disclosure relating to a material property, plant, and equipment (PPE) acquired during the previous year and a substantial loan above the limit authorised for a sector of the economy;
  2. The classification of unresolved transactions as debit balances in the statement of financial position, resulting in an increase in operating profit and the payment of higher taxes than projected;
  3. The IT operations of the bank had weak controls such that it was possible for some staff to over-ride some of them;
  4. The net current assets have continued to fall and, in the preceding year, have fallen below industry average despite an increase in gross earnings.

Required:

a. Evaluate the advantages and disadvantages of joint audit. (8 Marks)

b. Prepare an agenda for the scheduled meeting between the two audit firms. (4 Marks)

c. Develop the appropriate audit approach to address each of the issues identified from the review of the documents obtained from Yusuf Olatunji & Co. (8 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – Nov 2018 – L3 – Q2 – Regulatory Investigations and Disciplinary Actions"

  • 20 Marks

AAA – May 2018 – L3 – SB – Q3 – Auditor’s Legal Liability

Evaluate necessary IT general and application controls for a fully computerized hotel to ensure data integrity and security.

A new hotel opened for operations on February 1, 2016, in Abuja. The directors at their board meeting in September 2016 selected December as the hotel’s year-end. Also, from the conception of the hotel, it was decided to fully computerize the hotel and its operations. This will make the hotel stand out and attract clientele in the federal capital territory where there are many other hotels with strong competition.

The room doors are electronically operated and use electronic cards for opening. If a customer does not specify his/her duration and has the lock properly programmed, the door will lock at 12 noon, requiring the customer to go back to the reception for access. Furthermore, all accounting and other processes are computerized.

The IT company that handled the computerization agreed to leave a member of staff who will train the hotel’s staff for three months and ensure that the system operates efficiently. Management believes that the staff will familiarize themselves with the system within that period. The server handles all doors, accounting processes including billing, and the determination of room occupancy rate on a daily basis. Various units of the hotel have desktop units which key employees use in both ordering and communication between themselves. The server is located next to the operations manager’s office, who is responsible for overseeing it in addition to other duties.

The last quarterly report on the hotel activities was not consistent with expectations, and the occupancy rate did not match turnover. The management of the hotel approached your firm of chartered accountants to be engaged as auditors to the hotel. Your review and interactions as the leader of the audit team revealed the information disclosed above.

Required:

Evaluate and apply the relevant general and application controls necessary to be installed in the hotel’s information environment.
(Total 20 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – May 2018 – L3 – SB – Q3 – Auditor’s Legal Liability"

  • 15 Marks

AAA – Nov 2017 – L3 – Q7 – Audit of IT Systems and Data Analytics

Assess key controls for an online trading business, evaluate associated risks with electronic data interchange, and suggest effective risk mitigation controls.

Young Entrepreneur Trading (YET) is an online trading business established by Yemisi Tumfere. YET sources household goods from various local and international manufacturers, placing orders online with suppliers. Customers also place online orders, and invoices are processed and sent to stores for dispatch through a network of delivery centers across the country.

YET, dissatisfied with its previous auditors, has approached your firm for the audit engagement, with professional clearance obtained. As the audit manager, you are responsible for the engagement, with several new trainees under your supervision who are unfamiliar with controls for online businesses.

Requirements:
a. Discuss FIVE controls an auditor should focus on to assess the effectiveness of controls in an online system like YET. (5 Marks)
b. Evaluate FOUR risks associated with YET’s use of electronic data interchange in an online business and recommend FOUR effective controls to minimize these risks. (10 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – Nov 2017 – L3 – Q7 – Audit of IT Systems and Data Analytics"

  • 7 Marks

AA – Nov 2016 – L2 – Q6a – Auditing in a Computerized Environment

This question outlines the control systems that should be in place to minimize risks in an online and real-time airline ticketing system.

Hypermart Plc operates a chain of modern hyper stores, an on-line and real-time
airline ticketing agency and a mail order section selling goods over the internet.

Required:
a. Analyse the controls that should be in place to minimise risks that may arise
from the operations of the on-line and real-time airline ticketing system.

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AA – Nov 2016 – L2 – Q6a – Auditing in a Computerized Environment"

  • 20 Marks

AA – Nov 2020 – L2 – Q1a – Auditing in a Computerized Environment

List five general IT control areas and provide examples of controls within each area.

Aladdin Insurance Nigeria Limited is a private company that provides life and non-life insurance services. The company has annual gross premium of N15 billion.
Ordinarily, the underwriting process is manual and is initiated when a customer
walks into a branch and fills a proposal form requesting for an insurance policy (or
an agent fills in the form at the request of the customer). The proposal form
requires information relating to the subject matter of the insurance policy/cover
required by the customer as this will aid the company in assessing the risks
attached and will also help the underwriter to quote a reasonable premium
amount. The prospective insured must disclose all material and relevant
information. The policy proposal form requires important information, such as:

• The name and address of the customer;
• Occupation of the customer;
• Details of the property being proposed for insurance. This could be vehicle
details (for motor insurance) property (for burglary or fire) or other details
relating to life insurance, etc;
• Value of the property being proposed for insurance; and
• Previous insurance history of the client.

The underwriter reviews the information in the proposal form and assesses the risks
inherent in the contract with a view to making a recommendation as to whether to
accept or reject the proposal; if the recommendation is to accept, how much
premium should be charged. For external and complex risks, external inspectors are
engaged. After inspection, the report is sent to the underwriter to review and
consider if any risk recommendations should be made to the customer (usually on
how to properly manage risks) or if an amendment to the policy wordings is
required. The proposal form and the recommendation of the underwriter is passed
on to an approving authority based on the approval limits.
On approval of the policy, the policy terms are communicated to the customer for
review and acceptance. On acceptance, the customer signs the proposal form and pays the premium. Payment method includes cash, cheques, bank transfers. The
details of the policy are recorded in the system by the underwriters who also act as
the accountants. Based on NAICOM‟s requirements, premium should be paid before
the insurance cover starts.
However, due to the COVID 19 pandemic, the Federal Government announced a
lock down of Lagos, thereby imposing a restriction on movement of goods and
persons in the state. In response to this, the company bought a new underwriting
system and automated its entire underwriting process.

Required:

a. List FIVE control areas for General Information Technology (IT) Controls and examples of controls that can be found in each area.

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AA – Nov 2020 – L2 – Q1a – Auditing in a Computerized Environment"

  • 1 Marks

MI – May 2024 – L1 – SA – Q18 – Information Systems Development and Security

Differentiates between IT general controls and another category of IT controls.

IT controls are often described in TWO categories or types namely: IT general controls and which of the following controls?

A. System
B. Software
C. Hardware
D. Application
E. Program

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "MI – May 2024 – L1 – SA – Q18 – Information Systems Development and Security"

  • 10 Marks

BMIS – May 2019 – L1 – Q6a – Introduction to information technology and information systems

Identify and explain controls for network and communication security.

In a sophisticated business environment, computer systems are exposed to security risks that threaten the security and integrity of both the system and the data held in it. The risks associated with hackers, eavesdroppers, and viruses can be minimized through a variety of controls that provide network and communication security.

Required:
Identify FIVE (5) controls that can provide network and communication security and comment on each one of them. (10 marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "BMIS – May 2019 – L1 – Q6a – Introduction to information technology and information systems"

  • 20 Marks

AAA – Nov 2020 – L3 – Q4 – Audit of IT Systems and Data Analytics

Discuss IT controls and the five-step revenue recognition model in a retail environment adapting to online sales.

Holloway Interiors Limited operates a large shop at Garki, Abuja. The company’s year-end is April 30. It sells high-end furniture and provides interior decoration services. Typically, sales begin with a customer signing an invoice prepared by a sales clerk, who then records the sale in the system and prints a receipt in duplicate, one for the customer and one for filing. The customer either takes the product or arranges for delivery by the company.

Due to the COVID-19 lockdown in Abuja, Holloway Interiors closed its physical showroom, shifted all sales online, and allowed delivery after payment or on a cash-on-delivery basis. Delivery may take up to a week after the online sale is initiated.

You are the Audit Manager for Holloway Interiors Limited.

Required:
a. Discuss the general IT controls expected in Holloway Interiors. (10 Marks)
b. Explain the FIVE steps model for recognizing revenue under IFRS 15: Revenue from Contracts with Customers. (10 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – Nov 2020 – L3 – Q4 – Audit of IT Systems and Data Analytics"

  • 20 Marks

AAA – Nov 2018 – L3 – Q2 – Regulatory Investigations and Disciplinary Actions

Assessment of joint audit advantages, agenda setup, and addressing regulatory issues in audit planning

Yusuf Olatunji & Co., (Chartered Accountants) have been auditors to XBC Bank Limited. There has been some regulatory and compliance issues for which the bank was sanctioned and paid penalties to both the Central Bank of Nigeria and the Financial Reporting Council of Nigeria. At the board of directors meeting to consider the last annual report audited by the firm, some of the problems caused by the auditors were raised. Following the reoccurrence of such issues, it was proposed that another audit firm be engaged in addition to the present firm. To achieve their objective, a bigger firm that has international affiliation was considered to take a leading position in a joint audit arrangement and to ensure appropriate compliance.

Your firm has been approached for the appointment. A meeting was scheduled between your firm, Yusuf Olatunji & Co., and the executive management of the bank. In preparation for the meeting, you are informed that you will address the meeting on the advantages and disadvantages of joint audit, being an area some members of the management team have expressed concerns.

After the meeting, your firm was subsequently appointed, and the necessary formalities were properly followed. Your partner has directed that you liaise with Yusuf Olatunji & Co. to obtain the necessary materials for the preparation of the audit and that you review your firm’s audit manual with respect to the concerns of management on joint audit.

Your assessment of the documents obtained from the other auditor revealed the following, amongst others:

  1. Part of the penalty was on improper disclosure relating to a material property, plant, and equipment (PPE) acquired during the previous year and a substantial loan above the limit authorised for a sector of the economy;
  2. The classification of unresolved transactions as debit balances in the statement of financial position, resulting in an increase in operating profit and the payment of higher taxes than projected;
  3. The IT operations of the bank had weak controls such that it was possible for some staff to over-ride some of them;
  4. The net current assets have continued to fall and, in the preceding year, have fallen below industry average despite an increase in gross earnings.

Required:

a. Evaluate the advantages and disadvantages of joint audit. (8 Marks)

b. Prepare an agenda for the scheduled meeting between the two audit firms. (4 Marks)

c. Develop the appropriate audit approach to address each of the issues identified from the review of the documents obtained from Yusuf Olatunji & Co. (8 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – Nov 2018 – L3 – Q2 – Regulatory Investigations and Disciplinary Actions"

  • 20 Marks

AAA – May 2018 – L3 – SB – Q3 – Auditor’s Legal Liability

Evaluate necessary IT general and application controls for a fully computerized hotel to ensure data integrity and security.

A new hotel opened for operations on February 1, 2016, in Abuja. The directors at their board meeting in September 2016 selected December as the hotel’s year-end. Also, from the conception of the hotel, it was decided to fully computerize the hotel and its operations. This will make the hotel stand out and attract clientele in the federal capital territory where there are many other hotels with strong competition.

The room doors are electronically operated and use electronic cards for opening. If a customer does not specify his/her duration and has the lock properly programmed, the door will lock at 12 noon, requiring the customer to go back to the reception for access. Furthermore, all accounting and other processes are computerized.

The IT company that handled the computerization agreed to leave a member of staff who will train the hotel’s staff for three months and ensure that the system operates efficiently. Management believes that the staff will familiarize themselves with the system within that period. The server handles all doors, accounting processes including billing, and the determination of room occupancy rate on a daily basis. Various units of the hotel have desktop units which key employees use in both ordering and communication between themselves. The server is located next to the operations manager’s office, who is responsible for overseeing it in addition to other duties.

The last quarterly report on the hotel activities was not consistent with expectations, and the occupancy rate did not match turnover. The management of the hotel approached your firm of chartered accountants to be engaged as auditors to the hotel. Your review and interactions as the leader of the audit team revealed the information disclosed above.

Required:

Evaluate and apply the relevant general and application controls necessary to be installed in the hotel’s information environment.
(Total 20 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – May 2018 – L3 – SB – Q3 – Auditor’s Legal Liability"

  • 15 Marks

AAA – Nov 2017 – L3 – Q7 – Audit of IT Systems and Data Analytics

Assess key controls for an online trading business, evaluate associated risks with electronic data interchange, and suggest effective risk mitigation controls.

Young Entrepreneur Trading (YET) is an online trading business established by Yemisi Tumfere. YET sources household goods from various local and international manufacturers, placing orders online with suppliers. Customers also place online orders, and invoices are processed and sent to stores for dispatch through a network of delivery centers across the country.

YET, dissatisfied with its previous auditors, has approached your firm for the audit engagement, with professional clearance obtained. As the audit manager, you are responsible for the engagement, with several new trainees under your supervision who are unfamiliar with controls for online businesses.

Requirements:
a. Discuss FIVE controls an auditor should focus on to assess the effectiveness of controls in an online system like YET. (5 Marks)
b. Evaluate FOUR risks associated with YET’s use of electronic data interchange in an online business and recommend FOUR effective controls to minimize these risks. (10 Marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AAA – Nov 2017 – L3 – Q7 – Audit of IT Systems and Data Analytics"

  • 7 Marks

AA – Nov 2016 – L2 – Q6a – Auditing in a Computerized Environment

This question outlines the control systems that should be in place to minimize risks in an online and real-time airline ticketing system.

Hypermart Plc operates a chain of modern hyper stores, an on-line and real-time
airline ticketing agency and a mail order section selling goods over the internet.

Required:
a. Analyse the controls that should be in place to minimise risks that may arise
from the operations of the on-line and real-time airline ticketing system.

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AA – Nov 2016 – L2 – Q6a – Auditing in a Computerized Environment"

  • 20 Marks

AA – Nov 2020 – L2 – Q1a – Auditing in a Computerized Environment

List five general IT control areas and provide examples of controls within each area.

Aladdin Insurance Nigeria Limited is a private company that provides life and non-life insurance services. The company has annual gross premium of N15 billion.
Ordinarily, the underwriting process is manual and is initiated when a customer
walks into a branch and fills a proposal form requesting for an insurance policy (or
an agent fills in the form at the request of the customer). The proposal form
requires information relating to the subject matter of the insurance policy/cover
required by the customer as this will aid the company in assessing the risks
attached and will also help the underwriter to quote a reasonable premium
amount. The prospective insured must disclose all material and relevant
information. The policy proposal form requires important information, such as:

• The name and address of the customer;
• Occupation of the customer;
• Details of the property being proposed for insurance. This could be vehicle
details (for motor insurance) property (for burglary or fire) or other details
relating to life insurance, etc;
• Value of the property being proposed for insurance; and
• Previous insurance history of the client.

The underwriter reviews the information in the proposal form and assesses the risks
inherent in the contract with a view to making a recommendation as to whether to
accept or reject the proposal; if the recommendation is to accept, how much
premium should be charged. For external and complex risks, external inspectors are
engaged. After inspection, the report is sent to the underwriter to review and
consider if any risk recommendations should be made to the customer (usually on
how to properly manage risks) or if an amendment to the policy wordings is
required. The proposal form and the recommendation of the underwriter is passed
on to an approving authority based on the approval limits.
On approval of the policy, the policy terms are communicated to the customer for
review and acceptance. On acceptance, the customer signs the proposal form and pays the premium. Payment method includes cash, cheques, bank transfers. The
details of the policy are recorded in the system by the underwriters who also act as
the accountants. Based on NAICOM‟s requirements, premium should be paid before
the insurance cover starts.
However, due to the COVID 19 pandemic, the Federal Government announced a
lock down of Lagos, thereby imposing a restriction on movement of goods and
persons in the state. In response to this, the company bought a new underwriting
system and automated its entire underwriting process.

Required:

a. List FIVE control areas for General Information Technology (IT) Controls and examples of controls that can be found in each area.

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "AA – Nov 2020 – L2 – Q1a – Auditing in a Computerized Environment"

  • 1 Marks

MI – May 2024 – L1 – SA – Q18 – Information Systems Development and Security

Differentiates between IT general controls and another category of IT controls.

IT controls are often described in TWO categories or types namely: IT general controls and which of the following controls?

A. System
B. Software
C. Hardware
D. Application
E. Program

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "MI – May 2024 – L1 – SA – Q18 – Information Systems Development and Security"

  • 10 Marks

BMIS – May 2019 – L1 – Q6a – Introduction to information technology and information systems

Identify and explain controls for network and communication security.

In a sophisticated business environment, computer systems are exposed to security risks that threaten the security and integrity of both the system and the data held in it. The risks associated with hackers, eavesdroppers, and viruses can be minimized through a variety of controls that provide network and communication security.

Required:
Identify FIVE (5) controls that can provide network and communication security and comment on each one of them. (10 marks)

Login or create a free account to see answers

Login
Register

Find Related Questions by Tags, levels, etc.

Report an error
Report an error

You're reporting an error for "BMIS – May 2019 – L1 – Q6a – Introduction to information technology and information systems"

Elevate your professional expertise across key business domains with our comprehensive training programs

Our offerings

Contact Info

  • +233203701923
    +233543919232
  • info@nbcinstitute.com

Customer

Get In Touch

Follow us on our social media and get daily updates.

Facebook-f Twitter Linkedin-in Envelope
error: Content is protected !!
Oops!

This feature is only available in selected plans.

Click here to view all plans

Click on the login button below to login if you’re already subscribed to a plan or click on the upgrade button below to upgrade your current plan.

Login
Upgrade Plan

If you’re not subscribed to a plan, click on the button below to choose a plan

Subscribe to a plan