OK Becker drives me friggin batty sometimes. First question below says auditors don't have to continuously monitor an embedded audit module. 2nd question below says that's the most likely thing to do out of the 4 options? How does that make sense? Insight anyone? Thanks!
CPA-02917
Which of the following is the primary reason that many auditors hesitate to use embedded audit modules?
a.Embedded audit modules cannot be protected from computer viruses.
b.Embedded audit modules can easily be modified through management tampering.
c.Auditors are required to monitor embedded audit modules continuously to obtain valid results.
d.Auditors are required to be involved in the system design of the application to be monitored
Choice “c” is INcorrect. Auditors are not required to monitor embedded audit modules continuously to obtain valid result. Correct was D fyi.
Ok. Noted – don't have to continuously monitor an embedded module.
2 questions later:
CPA-02922
Which of the following strategies would a CPA most likely consider in auditing an entity that processes most of its financial data only in electronic form, such as a paperless system?
a.Increased reliance on internal control activities that emphasize the segregation of duties.
b.Verification of encrypted digital certificates used to monitor the authorization of transactions.
c.Continuous monitoring and analysis of transaction processing with an embedded audit module.
d.Extensive testing of firewall boundaries that restrict the recording of outside network traffic.
Choice “c” is correct. In a paperless system, the CPA would most likely need to continuously monitor and analyze transaction processing to ensure that controls were operating effectively throughout the period under audit. An embedded audit module is one way to achieve this goal.
BEC - 74, 77
FAR - 72, 71 (retake 7/29)
REG - 69
AUD - Q4 '16
CA Candidate