Loose-leaf For Auditing & Assurance Services: A Systematic Approach
11th Edition
ISBN: 9781260687637
Author: William F Messier Jr, Steven M Glover Associate Professor, Douglas F Prawitt Associate Professor
Publisher: McGraw-Hill Education
expand_more
expand_more
format_list_bulleted
Question
Chapter 21, Problem 21.29MCQ
To determine
Concept Introduction:
SOC 3 reports on the same matters as SOC 2 does. SOC 3 has details that are not confidential. SOC 3 is same as SOC 2 has five trust categories:
1. Security
2. Confidentiality
3. Process Integrity
4. Availability
5. Privacy
The thing that differentiates SOC 3 with SOC 2 is that the report of SOC 3 can be published openly on the website of the company.
To choose:The condition under which the online data company would be more likely to opt for SOC 3 report.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
ased on an assessment of audit risk, the auditors are concerned with the following two risks:
The risk that that the client might be making duplicate payments to vendors.
The risk that the client’s accounting clerk might be making unauthorized payments to himself.
Required:
a. Assuming that the client has a manual accounting system, describe how the auditors can design a test to identify the duplicate payments and unauthorized payments.
b. Assuming that the client has an IT accounting system, describe how the auditors might use data analytic software to design a test to identify the duplicate payments and the unauthorized payments.
b. Assuming that the client has an IT accounting system, describe how the auditors might use data analytic software to design a test to identify the duplicate payments and the unauthorized payments.
The IT auditor can MOST (select one) effectively help a company deal with increasing IT-related risk by:
a) Alerting management and the Audit Committee of the risks related to IT, and making audit recommendations that are focused on the root cause.
b) Performing a weekly review of system-based audit logs to determine if the company has been breached.
c) Ensuring that the company has a log-in banner that warns unauthorized users that they may be subject to criminal prosecution and penalties.
d) Conducting an audit of the company's network security and pointing out weak firewall configuration settings in the audit report.
An internal auditor is examining the effectiveness of procedures management established to protect customer data from cyberattacks and whether those procedures are cost effective. This is an example of an operational audit.
Question options:
True
False
Chapter 21 Solutions
Loose-leaf For Auditing & Assurance Services: A Systematic Approach
Ch. 21 - Prob. 21.1RQCh. 21 - Prob. 21.2RQCh. 21 - Prob. 21.3RQCh. 21 - Prob. 21.4RQCh. 21 - Prob. 21.5RQCh. 21 - Prob. 21.6RQCh. 21 - Prob. 21.7RQCh. 21 - Prob. 21.8RQCh. 21 - Prob. 21.9RQCh. 21 - Prob. 21.10RQ
Ch. 21 - Prob. 21.11RQCh. 21 - Prob. 21.12RQCh. 21 - Prob. 21.13RQCh. 21 - Prob. 21.14RQCh. 21 - Prob. 21.15MCQCh. 21 - Prob. 21.16MCQCh. 21 - Prob. 21.17MCQCh. 21 - Prob. 21.18MCQCh. 21 - Prob. 21.19MCQCh. 21 - Prob. 21.20MCQCh. 21 - Prob. 21.21MCQCh. 21 - Prob. 21.22MCQCh. 21 - Prob. 21.23MCQCh. 21 - Prob. 21.24MCQCh. 21 - Prob. 21.25MCQCh. 21 - Prob. 21.26MCQCh. 21 - Prob. 21.27MCQCh. 21 - Prob. 21.28MCQCh. 21 - Prob. 21.29MCQCh. 21 - Prob. 21.30PCh. 21 - Prob. 21.31PCh. 21 - Prob. 21.32PCh. 21 - Prob. 21.33PCh. 21 - Prob. 21.34PCh. 21 - Prob. 21.35P
Knowledge Booster
Similar questions
- 2arrow_forwardBased on an assessment of audit risk, the auditors are concerned with the following two risks: The risk that that the client might be making duplicate payments to vendors. The risk that the client’s accounting clerk might be making unauthorized payments to himself. Required: a. Assuming that the client has a manual accounting system, describe how the auditors can design a test to identify the duplicate payments and unauthorized payments. b. Assuming that the client has an IT accounting system, describe how the auditors might use data analytic software to design a test to identify the duplicate payments and the unauthorized payments. c. Describe the advantages of using data analytics software to identify unusual transactions or entries.arrow_forwardResearch a company that had a fraud event happen due to inadequate accounting procedures. Review the fraud event that happened in the company in detail and identify at least two accounting control procedures that were deficient in this event. Propose an internal control system that would have eliminated the fraud, using the ERP system.arrow_forward
- answer quicklyarrow_forwardInternal controls are critical for any organization's risk of fraudulent activity. Additionally, new technology assists accountants in minimizing fraud. Demonstrate how an advanced technology transaction processing system may help any organization minimize fraudulent activity.arrow_forwardWhich of the following statements is most accurate? a. ERP systems are commercial software packages that are sometimes called turnkey systems because they can be implemented by the user with little or no modification. b. Substantive tests provide evidence focused on the system controls. c. Public accounting firms that provide attest services are not allowed under SOX to offer IT advisory services. d. Both small and large firms that have standardized information needs are potential customers for commercial software. e. External auditors may rely on the work of internal auditors only if they report to the controller or the CEO of the client company.arrow_forward
- Which of the following is false about accounting information systems? A. They provide reports that people analyze. B. They prevent errors and stop employees from stealing inventory. C. They are designed to gather data about the companys transactions. D. They consist of processes that involve input of data from source documents, processing, output, and storage.arrow_forwardWhich of the following statements is NOT correct? a. EAMs capture transactions during processing without removing the application from service. b. EAMs support continuous monitoring of controls. c. EAMs have the potential to corrupt corporate databases d. EAMs decrease operational performance. e. All of the above are correct statements.arrow_forwardInternal control is said to be the backbone of all businesses. Which of the following is the best description of internal controls? A. Internal controls ensure that the financial statements published are correct. B. The only role of internal controls is to protect customer data. C. Internal controls and company policies are important to protect and safeguard assets and to protect all company data and are designed to protect the company from fraud. D. Internal controls are designed to keep employees from committing fraud against the company.arrow_forward
- The answer is just without explanation A or B or C or D ???arrow_forwardAuditors can engage in the activity of tracing by looking the audit trail to make sure there are no irregularities. Essentially an audit trail is a detailed chronological record of accounting records, transactions or other financial data. In many enviroments like the financial sector is a required to maintain one for auditing, but it is generally good to have one regardless because it makes for a cheaper and stress-free audit for the company. Thankfully with the help of technology, an audit trail can be developed and updated automatically making the process of maintaing one less time consuming. As far as the reliability of evidence is concerned, which types of procedures used to obtain evidence generally provide the most highly reliable evidence?arrow_forwardMatch the following terms with their definitions. (Use each definition only once.) A (Consider the following definitions.) Term Definition More Info 1. Internal control 2. Control procedures 3. Firewalls a. Two or more people working together to overcome internal controls. 4. Encryption b. Part of internal control that ensures resources are not wasted. 5. Environment c. Requires companies to review internal control and take responsibility for the accuracy and completeness of their financial reports. 6. Information system d. Should be prenumbered to prevent theft and inefficiency. 7. Separation of duties e. Limits access to a local network. 8. Collusion f. Example: The person who opens the bank statement should not also be the person who is reconciling cash. 9. Documents g. Identification of uncertainties that may arise due to a company's products, services or operations. 10. Audits h. Examination of a company's financial statements and accounting system by a trained accounting…arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Principles of Accounting Volume 1AccountingISBN:9781947172685Author:OpenStaxPublisher:OpenStax CollegeBusiness/Professional Ethics Directors/Executives...AccountingISBN:9781337485913Author:BROOKSPublisher:Cengage
Auditing: A Risk Based-Approach (MindTap Course L...AccountingISBN:9781337619455Author:Karla M Johnstone, Audrey A. Gramling, Larry E. RittenbergPublisher:Cengage Learning
Accounting Information SystemsAccountingISBN:9781337619202Author:Hall, James A.Publisher:Cengage Learning,
Principles of Accounting Volume 1
Accounting
ISBN:9781947172685
Author:OpenStax
Publisher:OpenStax College
Business/Professional Ethics Directors/Executives...
Accounting
ISBN:9781337485913
Author:BROOKS
Publisher:Cengage
Auditing: A Risk Based-Approach (MindTap Course L...
Accounting
ISBN:9781337619455
Author:Karla M Johnstone, Audrey A. Gramling, Larry E. Rittenberg
Publisher:Cengage Learning
Accounting Information Systems
Accounting
ISBN:9781337619202
Author:Hall, James A.
Publisher:Cengage Learning,