but if the sentence false please correct it.

Information Technology Auditing

True-False Questions

1. One problem with internal auditing is that it is akin to self-regulation (i.e., the auditor cannot be impartial because both the auditor and the subsystem being audited work for the same company).

2. Both the internal audit and the external audit have the same primary objective (i.e., to verify that the financial records of the company have been prepared according to generally accepted accounting principles).

3. Many of the assurance services auditors offer today involve information technology.

4. The main objective of information technology auditing is to evaluate the computer’s role in achieving audit and control objectives.

5. If control procedures over a company’s computerized financial accounting system are particularly strong, auditors will not need to perform any substantive testing.

6. Computer assisted audit techniques are used primarily when auditing around the computer.

7. A career in information technology auditing requires both specialized skills and a broad-based set of technical knowledge.

8. Certified Information Systems Auditors must have an accounting degree.

9. The focus in an audit should be primarily on business risk rather than on internal control.

10. An information systems risk assessment is as concerned with errors and accidents as it is with fraud.

11. When the costs of protecting against a business risk exceed the cost of the risk multiplied by its probability, an auditor will generally recommend against installing the specific control.

12. Public companies are required to adopt the Control Objectives for Information and Related Technology framework under SOX.

13. The Electronic Systems Assurance and Control model provides a framework for evaluating controls over email systems.

14. An auditing around the computer approach pays little or no attention to the control procedures within an IT environment.

15. Normal transactions rather than exception transactions are of most interest to auditors.

16. Embedded audit modules and audit hooks are examples of continuous auditing techniques.