SAU620S - SYSTEMS AUDIT - 2ND OPP - JAN 2024 :: NUST past examination papers between 2020 and 2024

Expand document

Collapse document

SAU620S - SYSTEMS AUDIT - 2ND OPP - JAN 2024

1 Page 1

2 Page 2

SAU620S - SYSTEMS AUDIT - 2ND OPP - JAN 2024

1 Page 1

▲back to top

n Am I BI A u n IVER s ITY

OF SCIEnCE Ano TECHnOLOGY

FACULTY OF COMPUTING AND INFORMATICS

DEPARTMENT OF INFORMATICS

QUALIFICATIONS: Bachelor of Computer Science

QUALIFICATION CODE: 07BACS

LEVEL: 6

COURSECODE: SAU620S

COURSE: System Audit

DATE: January 2024

SESSION: 1

DURATION: 3 Hours

MARKS: 100

SUPPLEMENTARY/SECOND OPPORTUNITY EXAMINATION QUESTION PAPER

EXAMINERS:

MODERATOR(S):

Dr Munyaradzi Maravanyika

Mr Julius Silaa

THIS MEMORANDUM CONSISTS OF 2 PAGES

(INCLUDING THIS FRONT PAGE)

INSTRUCTIONS FOR THE EXAMINER/MODERATOR

1. Answer all questions.

2. When writing, consider the following: The style should be to inform rather than

impress.

3. Information should be brief and accurate.

4. Please ensure that your writing is legible, neat and presentable.

2 Page 2

▲back to top

1. List and describe the four main objectives of an IT Audit.

[25 marks]

2. What are CAATsin auditing?

[5 marks]

3. A software development company has existed for only two years. Because the company is new,

programmers are working extra hours and spending much time developing new products that can

be sold to customers. All the programmers are busy, leaving little time for manager-employee

interviews and oversight. Programmers are appointed on a contract basis and paid a fixed rate

per hour. Performance bonuses are paid annually based on the programmers' contribution to new

products during the year. The company does not advertise for new programmers, as they have a

pool of friends and family of existing staff members to select from. The culture of the company is

trusting, with very few rules. A new person starting there only has to sign an agreement not to

transfer company software secrets to other organisations. A staff member was fired recently, but

although the reason was rumoured to be fraudulent behaviour, nobody knew why.

REQUIRED

Identify the weaknesses in the software company's operating procedures that would encourage

fraudulent behaviour and briefly describe why this would be the case for each weakness. (20

marks)

4. The term end-user computing refers to the situation where users have intelligent computers

on their desktops {i.e., computers with their own CPU processing capabilities) and

applications that allow them to develop their own processing and reporting systems. End-

user computing has given users greater control over the processing and presentation of their

data. Conversely, end-user computing has reduced the control exercised by central IT

departments.

a) Discussthe risks and challenges associated with end-user computing, clearly outlining the

auditor's role in mitigating some risks.

[25 marks]

b) What are some of the controls an auditor may encounter in auditing Network and Internet

Controls

(25 marks]

END OF PAPER