Explanation:
Detection risks are directly affected by the auditor’s selection of audit procedures and techniques. Inherent risks are not usually affected by an IS auditor. Control risks are controlled by the actions of the company’s management. Business risks are not affected by an IS auditor.

Explanation:
Compliance testing determines whether controls are being applied in compliance with policy. This includes tests to determine whether new accounts were appropriately authorized. Variable sampling is used to estimate numerical values, such as dollar values.
Substantive testing substantiates the integrity of actual processing; such as balances on financial statements. The development of substantive tests is often dependent on the outcome of compliance tests. If compliance tests indicate that there are adequate internal controls, then substantive tests can be minimized. Stop-or-go sampling allows a test to be stopped as early as possible and is not appropriate for checking whether procedures have been followed.

Explanation:
Using a statistical sample to inventory the tape library is an example of a substantive test.

Explanation:
Database snapshots can provide an excellent audit trail for an IS auditor.

Explanation:
A reasonableness check is a data validation edit control that matches input data to an occurrence rate.

Explanation:
Processing controls ensure that data is accurate and complete, and is processed only through authorized routines.

Explanation:
Data edits are implemented before processing and are considered preventive integrity controls.

Explanation:
Hash totals are used as a control to detect loss, corruption, or duplication of data.

Explanation:
Control totals should be implemented as early as data preparation to support data integrity at the earliest point possible.

Explanation:
An application-level edit check to verify availability of funds should be completed at the electronic funds transfer (EFT) interface before an EFT is initiated.