4/30

Question 1

Requirements of Audit Committees

Answer 1

SOX requires 1 financial expert w/ understanding of GAAP and Fin Stmts & exp in preparing or auditing F/S & experience with internal auditing controls & understanding of audit committee functions

Question 2

What did Dodd-Frank do re: a whistleblowers right to sue for retaliation accorded by SOX?

Answer 2

1. Extended time to file a complaint with OSHA from 90 to 180 days
2. Extended right to sue to whistleblowing employees of private subsidiaries controlled by public companies.
3. Granted whistleblowers the right to a jury trial in retaliation cases that are properly filed in federal court

Question 3

Reward under Doddd-Frank act in providing info to authorities in re: to fraud in company

Answer 3

10%-30% of sanctions imposed

Question 4

By amending SOX, Dodd-Frank protects whistleblowers in nonpublic subsidiaries of public companies from retaliation.

Answer 4

fact

Question 5

Can SEC enforce the whistleblower retaliation provisions of Dodd-Frank?

Answer 5

Yes!

Question 6

General Control

Answer 6

Apply to all functions, not just specific accounting applications. General controls help ensure that data integrity is maintained.

Question 7

Detective Control

Answer 7

“After the fact” controls. ie data entry edits, recon of batch control totals

Question 8

Preventive Control

Answer 8

“Before the fact” controls designed to stop an error or irregularity from occurring. Examples of preventive controls include locks on building and doors, password protected access to files, and segregation of duties.

Question 9

Corrective Control

Answer 9

Allows users to recover from a problem once identified ie. disaster recover plans, insurance, backup files

Question 10

Feed-Forward Controls

Answer 10

A process in which future results are projected based on current and past information and, if the future results are undesirable, the inputs to the system are changed to avoid the projected outcome. Many inventory ordering systems are essentially feed-forward controls: the system projects product sales over the relevant time period, identifies the current inventory level, and orders inventory sufficient to fulfill the sales demand.

Question 11

Feedback Controls

Answer 11

A procedure in which the results of a process are evaluated and, if the results are undesirable, the process is adjusted to correct the results; most detective controls are also feedback controls.

Question 12

Risk Assesment

Answer 12

This is the process of identifying, analyzing, and managing the risks involved in achieving the organization’s objectives.

Question 13

Which is the component of I.C. that concerns testing the system and data

Answer 13

Monitoring

Question 14

COSO cube Model?

Answer 14

Monitoring, Control Activities, Risk Assesment, Info

& Communications, control environment

Question 15

Control Objectives

Answer 15

1. Compliance
2. Operations
3. Reporting

Question 16

Control Activities

Answer 16

Policies & procedures that ensure actions taken are to address risks related to achievment of mgmts objectives, technology controls, and policies

Question 17

Risk Assesment

Answer 17

Relates to organizational objectives, risk assessment, fraud, and change mgmt

Question 18

Monitoring - COSO control Principal

Answer 18

Relates to establishing ongoing and periodic evaluations, & addressing control deficiencies

Most core, underlying control.

Question 19

Info & Comm - COSO control principal

Answer 19

Relates to quality of information supporting controls, and internal and external communication

Question 20

Risk Response

Answer 20

Managements decision to avoid, accept, reduce, or share risk and to develop set of actions to align risk with entity’s risk preferences

Question 21

How many objectives does COSO model have? COSO ERM?

Answer 21

5,8

Question 22

What is expected value?

Answer 22

calculates and integrates likelihood of losses w/amt of losses.

Question 23

What are the two main attributes of effective evaluators that are identified by COSO?

Answer 23

Competence and Objectivity

Question 24

What is compensating Control?

Answer 24

A control that accomplishes the same objective as another control

Question 25

Change Identification

Answer 25

Monitoring for change process that would include ongoing and separate evaluations intended to identify and address changes in IC effectiveness

Question 26

In large public corp, evaluating IC procedures should be responsibility of?

Answer 26

Internal audit staff who reports to board of directors

Question 27

The IIA’s Definition of Internal Auditing

Answer 27

Helps an org accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Question 28

Term that identifies the characteristics of organizations and individuals performing internal audit services?

Answer 28

Attribute Standards

Question 29

Term that identifies the type of internal auditing stds used to measure quality of internal auditors conduct in delivering internal audit services?

Answer 29

Performance Standards

Question 30

Which Principle of code of ethics does this rule of conduct relate to?
“Internal auditors shall perform internal audit services in accordance with the International Standards for the Professional Practice of Internal Auditing.”

Answer 30

Competency

Question 31

What does the mandatory guidance consist of? for the IIA’s Intl Professional Practices Framework

Answer 31

1) Definition of Internal Auditing; (2) Code of Ethics; and (3) International Standards.

Question 32

The key words associated with the four Principles comprising the IIA’s Code of Ethics are

Answer 32

(1) Integrity; (2) Objectivity; (3) Confidentiality; and (4) Competency.

Question 33

The primary themes associated with the Attribute Standards are

Answer 33

(1) Purpose, Authority, and Responsibility; (2) Independence and Objectivity; (3) Proficiency and Due Professional Care; and (4) Quality Assurance and Improvement Program.

Question 34

The Attribute Standards related to an internal audit activity’s Quality Assurance and Improvement Program must include periodic external assessments. How often is an external assessment required?

Answer 34

At least every 5 years

Question 35

hat term identifies the guidance in the International Standards for the Professional Practice of Internal Auditing that distinguishes between requirements for “assurance” services and “consulting” services?

Answer 35

Implementation Standards

Question 36

In the COSO “cube” model, this component of internal control enables an organization’s people to identify, process, and exchange the information needed to manage and control operations.

Answer 36

Information and Communication