CITP Exam | Questions & Answers (100% Score) Latest Updated 2024/2025
Comprehensive Questions A+ Graded Answers | With Expert Solutions
Application Controls - Internal controls around applications that operate at a transaction
level and ensure authorization, protect against unauthorized access, errors,
unauthorized reporting, and extra care around high-risk transactions
Artificial Intelligence (AI) - Computer science that involves automated reasoning and
problem solving, emulating human intelligence
Assertion Level Risks - Risks limited to one or more specific assertions in an account or
in several accounts; addressed by nature, timing, and extent of further audit procedures;
Includes inherent and control risk
Asset Misappropriation - Use of one's occupation for personal gain through the
deliberate misuse or theft of the employing organization's resources or assets
Attribute - Characteristic of something in a data file (i.e., part number of an inventory
item)
Automated Control - Involves leveraging technology to build and enforce internal
controls with the least manual intervention possible
Balanced Scorecard - Holistic performance measuring and managing methodology
combining financial, customer, internal processes, and learning/growth objectives into a
single report
Business Activity Monitoring (BAM) - Software that assists management in monitoring
business activities, especially automated processes; Aggregating, analyzing, and
presenting business process performance
Business Intelligence (BI) - Structure and process that combines information
architecture, databases, analytical tools, reporting tools, and other applications to gather
and communicate business information for strategic and tactical purposes
Business Performance Management (BPM) - Measures and analyzes enterprise
performance, operational and financial, to achieve strategic advantages
Business Process Management (BPrM) - Holistic management approach to managing
business processes at the enterprise level to promote efficiency and effectiveness,
while stressing improvements, innovation, and integration with technology
Commercial Off-the-shelf Software (COTS) - Software that is published and made
commercially available to the general public
Conceptual Schema - View of information requirements before it is converted into an
actual database; composite view of all user views / schemas
Control Risk - Risk that a material misstatement will not be detected or prevented by the
entity's internal control on a timely basis; considered individually and in the aggregate
with other misstatements
Corruption Schemes - Set of fraud schemes that involves someone inside the victim
organization working with someone outside the entity to defraud the entity
Critical Success Factors (CSF) - Structure and process that measures and analyzes
enterprise performance, operational and financial, to achieve strategic advantages
Dashboard - Visual presentation of information that allows for quick assimilation of the
facts, and understanding of significance or importance of the information
Data - Raw facts; apart from outside manipulation, data is virtually meaningless
Data Mart - Subset of data warehouse database that is useful to one or more users for
reporting or analyzing
Data Mining - Data processing using large data sets and sophisticated data search
capabilities and statistical tools to discover patterns or correlations, or to make
predictions based on historical data.
Data Warehouse (DW) - Data repository of historical and current data
Database - A closely related collection of data files where the data is shared among users
Database Management System (DBMS) - System of software for creating, updating,
and querying a database
Decision Support System (DSS) - A system of applications, data, and usually
dashboards that supports managers, often modeling data or problems to facilitate
effective decisions
Detection Risk (DR) - The risk that the auditor will not detect a material misstatement in
the financial statements of the entity being audited
e-Discovery - Discovery in civil litigation which deals with the exchange of information in
electronic format, often referred to as electronically stored information (ESI)
Electronic Commerce - Electronic business applications or processes that facilitate
commercial transactions
End-user Computing (EUC) - A function developed using common desktop tools, like
spreadsheets, that are used in financial processes for purposes of determining amounts
used for accounting and financial purposes
Enterprise Resource Planning (ERP) - Integrates internal and external systems across
the entire organization, integrating financial, accounting, manufacturing, sales, service,
customer relationship management, and supply chain management systems
Entity-Relationship Model (ER) - A data model that focuses on the relationship between
two data files and how the records of one file relate to the other; Documenting the
relationship is called an ER diagram
Extract, Transform, Load (ETL) - A database process especially applied to data
warehouses; Extracts data from outside data sources, transforms to fit organizational
needs, and loads data into the target database or warehouse
Field - See attribute; also referred to as a column in a relational database
Financial Statement Level Risks - Risks that may affect many different accounts and
several assertions; typically require an overall response such as more supervision or
unpredictability
Fraud - Intentionally harming the entity for personal, financial gain
Fraud Risk Factors - Identifiers, indicators, situations, behaviors, and other evidence
that a fraud has occurred, is occurring, or will occur; See AU 316 for specific list
Fraud Triangle - Pressure/incentive, opportunity, rationalization/attitude
Fraud Tree - A study by ACFE determined the taxonomy of fraud resembles a tree with
asset misappropriations, fraudulent financial reporting, and corruption as its main
branches
Information Lifecycle Management (ILM) - The structure and processes associated with
managing information from creation or capture through disposition or destruction;
Identify, capture, organize/manage, access/share/utilize, archive, and destroy
Inherent Risk (IR) - The susceptibility that a relevant assertion could be misstated
assuming that there are no other related controls
Internal Control - A process effected by the board of directors, management, and other
personnel designed to provide reasonable assurance regarding the achievement of
effectiveness and efficiency of operations, reliability of financial reporting, and
compliance with laws and regulations