Home › CA Final › auditing › Special Aspects of Auditing in an Automated Environment › Which is NOT a "Type 1" automated environment ri…
Which is NOT a "Type 1" automated environment risk?
AUser-acceptance test sign-off documentation gaps
BUnauthorised changes to programs
CInadequate segregation in IT roles
DWeak password policies
Answer & Solution
Correct answer: A. User-acceptance test sign-off documentation gaps
1. Type 1 risks relate to access, change management and IT operations.
2. UAT sign-off documentation gaps are a project-management deficiency, not a Type 1 IT risk.
3. The other three map directly to standard GITC categories.
_Source: ICAI BoS CA Final Paper 3, Ch 4 "Special Aspects of Auditing in an Automated Environment"_
Related questions
When evaluating an "Information Produced by the Entity" (IPE) report used as audit evidencA "single ID with admin privileges shared across the IT operations team" is a classic violA robotic process automation (RPA) bot performs three-way matching of PO/GRN/Invoice in thIn data-driven audit, the False-Positive Rate of an exception flag is HIGH. The auditor's Which of the following findings would most likely indicate a Material Weakness in IT generWhich is the BEST control to detect ghost employees in an automated payroll system?A cloud-based accounting application is hosted by a third-party SaaS provider. Under SA 40For Big Data analytics on the audit of a bank's loan portfolio, the MOST informative analy