Curioustab Logo Curioustab
Home » Computer Science » Management Information Systems

EDP/IT auditing competence: An effective EDP auditor should primarily be expert in which domain to properly review controls and evaluate risks in computerized environments?

Difficulty: Easy

Correct Answer: computerized business systems

Explanation:


Introduction / Context:
EDP (Electronic Data Processing) auditors evaluate control design and operating effectiveness in IT systems. While familiarity with accounting and programming helps, the core competency is understanding how computerized business systems process, store, secure, and report information—across applications, databases, platforms, and networks—so audit objectives can be met.


Given Data / Assumptions:

  • Audits cover application controls, IT general controls, interfaces, and data integrity.
  • Auditors must assess risks from authentication, authorization, changes, and operations.
  • Breadth of systems knowledge outweighs deep coding expertise for audit purposes.


Concept / Approach:
Expertise in computerized business systems enables auditors to map processes to controls (input, processing, output), evaluate segregation of duties, inspect logs, and test configurations. Accounting knowledge supports financial audits, and systems analysis skills help understand requirements, but the audit focus is whether computerized processes reliably achieve business and compliance objectives, which is wider than programming alone.


Step-by-Step Solution:

Identify the audit scope: applications, databases, OS, network controls. Match required expertise to evaluating these components holistically. Recognize that coding skill is helpful but not central for audits. Select “computerized business systems.”


Verification / Alternative check:
Audit frameworks encourage IT auditors to understand systems architecture, control catalogs, and risk models rather than serve as developers.


Why Other Options Are Wrong:

  • Accounting systems: Important, but a subset of the broader computerized systems domain.
  • Systems analysis: Useful skill, not the primary audit expertise.
  • Computer programming: Depth in coding is not required to assess controls across diverse platforms.
  • None: Incorrect because a clear domain is identified.


Common Pitfalls:
Overemphasizing code reviews while neglecting access, change, and operations controls; failing to understand data flows across systems.


Final Answer:
computerized business systems

← Previous Question Next Question→

More Questions from Management Information Systems

Discussion & Comments

No comments yet. Be the first to comment!
Join Discussion