ExpertMedium1 markMultiple Choice
CPA · Question 22 · Area 2: Risk Assessment
Which of the following would be considered a 'General Control' in an IT environment?
Which of the following would be considered a 'General Control' in an IT environment?
Answer options:
A.
A validation check that ensures the 'quantity ordered' field contains only numbers.
B.
Procedures for managing passwords and user access rights across the organization.
C.
Automatic calculation of sales tax by the invoicing software.
D.
A hash total of employee IDs in a payroll batch.
How to approach this question
Distinguish General (Environment/Infrastructure) from Application (Specific Transaction).
Full Answer
B.Procedures for managing passwords and user access rights across the organization.✓ Correct
General controls are policies and procedures that relate to many applications and support the effective functioning of application controls. Examples include data center and network operations, system software acquisition, access security, and application system acquisition, development, and maintenance.
Common mistakes
Confusing input/processing controls (Application) with environmental controls (General).
Practice the full CPA AUD Practice Exam
78 questions · hints · full answers · grading
More questions from this exam
Q01A CPA firm is auditing a large public company. The audit partner's spouse has just been promoted ...HardQ02During the acceptance phase of a new audit engagement for a private company, the successor audito...HardQ03A CPA firm is designing its system of quality control. Which of the following policies would most...MediumQ04An auditor is establishing an understanding with a client regarding the services to be performed ...MediumQ05Under the AICPA Code of Professional Conduct, which of the following fee arrangements is prohibit...Medium