B1 - M1: Internal Control Framework

Question 1

The components of the Fraud Triangle are:

Answer 1

Incentive, Opportunity, and Rationalization

Question 2

Evaluating internal control procedures in a large public corporation is the responsibility of:

Answer 2

Internal Audit Staff reporting to the Board of Directors

Question 3

The Organizational Structure principle stresses:

Answer 3

Reporting relationships. Reporting relationships should not undermine effective financial reporting, Independence of the board, internal auditors

Question 4

The Board of Directors principle stresses:

Answer 4

Leadership. The board oversees the implementation fo financial reporting and internal controls

Question 5

The Human Resources principle stresses:

Answer 5

Policy, procedure, competence

Question 6

The Authority and Responsibility principle stresses:

Answer 6

Appropriate delegation to maintain effective internal controls

Question 7

The concept of Management’s Philosophy and Operating style deal primary with:

Answer 7

Work Ethic and Commitment to effective Financial Reporting

Question 8

The primary purpose of Monitoring Internal Control is:

Answer 8

To verify that an internal control system is adequate to address changes in RISK

Question 9

Under COSO, is the Approval of high-dollar transactions by supervisors a Monitoring Activity?

Answer 9

No, because this action IS THE CONTROL and does not represent monitoring.

Question 10

Under COSO, is the Investigation of variances between actual and expected results a Monitoring Activity?

Answer 10

Yes, because this could detect a failure

Question 11

Under COSO, is Following Up on customer and vendor complaints regarding amounts dued/owed a Monitoring Activty?

Answer 11

Yes, because this could detect a failure

Question 12

Under COSO, is Comparing information from various sources in the organization a Monitoring Activity?

Answer 12

Yes, because this could detect a failure

Question 13

Under COSO Internal Control Framework, the action of Setting Baseline Expections for Employee Performance is an example of:

Answer 13

Control Environment Component, specifically the Accountability Principle

Question 14

The relationship between a Board of Directors and its company is defined as:

Answer 14

Fiduciary

Question 15

Prioritize Findings is a part of which Component of COSO Integrated Framework?

Answer 15

Assess-and Report phase of Monitoring Internal Controls

Question 16

Prioritize Risks is a part of which Component of COSO Integrated Framework?

Answer 16

Risk Assessment Component

Question 17

Identify Controls is a part of which Component of COSO Integrated Framework?

Answer 17

Control Activities Component

Question 18

Tone at the top is a part of which Component of COSO Integrated Framework?

Answer 18

Control Environment Component

Question 19

When programmers have the ability to implement application code changes into production without monitoring or Quality Assurance functions, this is an example of what type of definciency?

Answer 19

Change Control

Question 20

What are the Five Components of Internal Control under COSO?

Answer 20

CRIME; C-ontrol Environment, R-isk Assessment,
I-nformation & Communication, M-onitoring,
E-xisting Control Activities

Question 21

What are the objectives of Risk Assessment (CRIME -5 components of Internal Control, COSO)?

Answer 21

Financial Reporting Objectives, Risks, Fraud Risk

Question 22

What are the objectives of Existing Control Activities (CRIME -5 components of Internal Control, COSO)?

Answer 22

Policy, Procedure, Info Tech

Question 23

What are the objectives of Control Environment (CRIME -5 components of Internal Control, COSO)?

Answer 23

Ethics, Independence, Oversight, Org Structure, Competence, Accountability

Question 24

What are the objectives of Information and Communication (CRIME -5 components of Internal Control, COSO)?

Answer 24

Internal communication, External communication, Obtain and Use information

Question 25

What are the objectives of Monitoring (CRIME -5 components of Internal Control, COSO)?

Answer 25

Internal Control Performance over time, Design and Operation of Controls

Question 26

Why is having one employ Enter and Approve Purchase Orders a violation of Segregation of Duties?

Answer 26

Because the employee could enter false purchase data and then approve it, resulting fraudulent payments. Having an Independent Approver makes this less likely.

Question 27

What is Positive Pay (Banking)?

Answer 27

Positive Pay is a tool used for fraud detection, matching key attributes of a check (i.e. check #, check amt, acct #) to an inventory of authorized checks issued by the company