Certified Information Systems Auditor Exam | Testing Procedures for Compliance

Testing Procedures for Compliance

Question

Which of the following testing procedures is used by an auditor to check whether a firm is following the rules and regulations applicable to an activity or practice?

Answers

Explanations

A. B. C. D.

A.

Compliance testing is an audit undertaken to confirm whether a firm is following the rules and regulations (prescribed by its internal authority or control system) applicable to an activity or practice.

Compliance testing is basically an audit of a system carried out against a known criterion.

A compliance test may come in many different forms depending on the request received, but can basically be broken down into several different types:

Operating Systems and Applications: A verification that an operating system and/or applications are configured appropriately to the company's needs and lockdown requirements, thus providing adequate and robust controls to ensure that the Confidentiality, Integrity and Availability of the system will not be affected in its normal day-to-day operation.

Systems in development: A verification that the intended system under development meets the configuration and lockdown standards requested by the customer.

Management of IT and Enterprise Architecture: A verification that the in-place IT management infrastructure encompassing all aspects of system support has been put in place. This is to ensure that effective change control, audit, business continuity and security procedures, etc., have been formulated, documented and put in place.

Interconnection Policy: A verification that adequate security and business continuity controls governing the connection to other systems, be they telecommunications, intranets, extranets, the Internet, etc., have been put in place, have been fully documented and correspond to the stated customer requirements.

The following answers are incorrect:

Substantive testing - A procedure used during accounting audits to check for errors in balance sheets and other financial documentation. A substantive test might involve checking a random sample of transactions for errors, comparing account balances to find discrepancies, or analysis and review of procedures used to execute and record transactions.

Sanity testing - Testing to determine if a new software version is performing well enough to accept it for a major testing effort. If the application crashes on initial use, the system is not stable enough for further testing, and the build or application is sent back to be fixed.

Recovery testing - Testing how well a system recovers from crashes, hardware failures, or other catastrophic problems.

http://www.wikijob.co.uk/wiki/substantive-testing

The correct answer is A. Compliance testing.

Compliance testing is a type of testing procedure that is used by an auditor to determine whether an organization is following the rules and regulations applicable to an activity or practice. This type of testing is typically performed to ensure that the organization is complying with legal and regulatory requirements, as well as internal policies and procedures.

During compliance testing, the auditor will review the relevant laws, regulations, and internal policies and procedures to identify the requirements that are applicable to the activity or practice being tested. The auditor will then gather evidence to determine whether the organization is following these requirements. This evidence may include documentation, interviews with personnel, observation of processes, and testing of controls.

Compliance testing can be performed as a standalone audit procedure or as part of a larger audit. The results of the compliance testing can be used to identify areas where the organization is not in compliance and to make recommendations for improving compliance.

Sanity testing, on the other hand, is a type of software testing that is used to determine whether a new or updated software application is working as intended. Recovery testing is a type of testing that is used to determine how well a system can recover from a disaster or other catastrophic event. Substantive testing is a type of audit testing that is used to obtain evidence about the completeness and accuracy of the financial statements.