Question

Internal auditors and management have become increasingly concerned about computer fraud. Which of the following control procedures is least important in preventing computer fraud?

A. Segregation of duties between the applications programmer and the program librarian function.
B. Segregation of duties between the programmer and systems analyst.
C. Program change control requiring a distinction between production programs and test programs.
D. Testing of new applications by users during the systems development process.

Answer 1

Option D, user testing of new applications, is the least important control procedure in preventing computer fraud as it does not directly focus on fraud prevention like the other options which deal with segregation of duties and program change control.

Step-by-step explanation:

Management and internal auditors prioritize several control procedures to prevent computer fraud. Of the options provided, the least important in preventing fraud is likely D. Testing of new applications by users during the systems development process.

While user testing is essential for ensuring applications meet business requirements and are user-friendly, it doesn’t directly focus on fraud prevention like the segregation of duties or program change control does. Separation of programmer and systems analyst roles (Option B) and segregation between applications programmers and the program librarian function (Option A) both reduce the risk of unauthorized access or changes to systems. Control over program changes (Option C) enforces a transparent system for production and test programs and reduces the risk of fraudulent program manipulations.