BEC Flashcards

1
Q

What are the 7 cybersecurity framework (CSF) implementation steps?

A
  1. Prioritize and scope
  2. Orient
  3. Create a current profile
  4. Conduct a risk assessment
  5. Create a target profile
  6. Determine, analyze, and prioritize gaps
  7. Implement action plan

Upon conclusion of the 7 steps for CSF implementation, the organization should proceed with:
- CSF Action Plan Review and
- CSF Life Cycle Management

2
Q

What is the Business Intelligence system? (BI)

A

Business intelligence (BI) is a system that provides immediate information about an organization’s critical success factors.

BI is not a program for providing top-management with advice and answers from a knowledge-based (expert) system.

3
Q

Identify the 3 ASEC (Assurance Services Executive Committee) criteria for defining a set of data and evaluating its integrity?

A
  1. Includes the purpose of the data
  2. Is complete and accurate
  3. Identifies any information that has not been included within the set of data or the description but is necessary for understanding each data element and the population.
4
Q

What are the supporting aspects of the COSO ERM Framework?

A
  • Governance and Culture
  • Information, Communication, and Reporting
5
Q

What are the process components of the ERM Framework?

A
  • Strategy and Objective-setting
  • Performance
  • Review and Revision
6
Q

What are the COSO ERM business objectives?

A

According to COSO ERM Framework, business objectives are:
- Specific
- Measurable or observable
- Obtainable
- Relevant

7
Q

Limitations of the ERM model?

A
  • Faulty human judgement
  • Cost-benefit considerations
  • Simple errors or mistakes
  • Collusion
  • Management override of ERM decisions
8
Q

How is ERM defined?

A

ERM is best defined as the culture, capabilities, and practices that organizations rely on to manage risk in creating, preserving, and realizing value.

9
Q

What are the COSO ERM Governance and Culture principles?

A
  • Exercises board risk oversight
  • Establishes operating structures
  • Defines desired culture
  • Demonstrates commitment to core values
  • Attracts, develops, and retains capable individuals
10
Q

What are the COSO ERM Strategy and Objective-Setting principles?

A
  • Analyzes business context
  • Defines risk appetite
  • Evaluates alternative strategies
  • Formulates business objectives
11
Q

What are the COSO ERM Performance principles?

A
  • Identifies risk
  • Assesses severity of risk
  • Prioritizes risk
  • Implements risk responses
  • Develops portfolio view
12
Q

What are the COSO ERM Review and Revision principles?

A
  • Assesses substantial change
  • Reviews risk and performance
  • Pursues improvement in enterprise risk management
13
Q

What are the COSO ERM Information, Communication, and Reporting principles?

A
  • Leverages information systems
  • Communicates risk information
  • Reports on risk, culture, and performance
14
Q

Query order

A

SELECT * FROM inventory_table WHERE Item = 'Kitchen Faucet';

15
Q

Query order

A

SELECT "Column Name"  -- can select more than one column: simply list all names separated by commas
FROM "Table Name"
WHERE "Condition";

16
Q

What are the 4 main categories of objectives that the ERM model is geared toward achieving?

A

Strategic
Operations
Reporting
Compliance

17
Q

Limitations of COSO?

A
  • Human judgment can be faulty and subject to bias
  • Breakdowns and failures occur as long as humans are involved, even from simple errors
  • Management can override internal controls
  • Management or other personnel can get around controls through collusion
  • There will always be external events that are simply beyond management’s control
  • Objectives for controls must be suitable as a precondition to internal control (unrealistic or improbable objectives can be set that internal controls can’t fully address)
18
Q

Components of COSO?

A

● Control environment
● Risk assessment
● Information and communication
● Monitoring
● Control activities

19
Q

Control Environment Principles of COSO?

A

Control Environment Principles:
● The organization needs to demonstrate a commitment to integrity and ethical values
● The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control
● Management establishes, with board oversight, structures, reporting lines, and appropriate authorities and responsibilities in pursuit of the objectives
● The organization demonstrates a commitment to attract, develop, and retain competent individuals in alignment with objectives
● The organization holds individuals accountable for their internal control responsibilities in pursuit of objectives

20
Q

Risk Assessment Principles of COSO?

A

Risk Assessment Principles
● The organization specifies objectives with sufficient clarity to enable the identification and assessment of risk relating to objectives
● The organization identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed
● The organization considers the potential for fraud in assessing risks to the achievement of objectives
● The organization identifies and assesses changes that could significantly impact the system of internal control

21
Q

Control Activities Principles of COSO?

A

Control Activities Principles
● The organization selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels
● The organization selects and develops general control activities over technology to support the achievement of objectives
● The organization deploys control activities through policies that establish what is expected and procedures that put policies into action

22
Q

Information and Communication Principles of COSO?

A

Information and Communication Principles
● The organization obtains or generates and uses relevant, quality information to support the functioning of internal control
● The organization internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control
● The organization communicates with external parties regarding matters affecting the functioning of internal control

23
Q

Monitoring Activities Principles of COSO?

A

Monitoring Activities Principles
● The organization selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning
● The organization evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate

24
Q

Non-Attest Services which CANNOT be provided by external auditors

A

Auditors are not allowed to touch or help with any part of the financial statements or accounting records, because it creates a conflict of interest in the client’s accounting.

25
Q

Monetary policy

A

Monetary policy refers to an effort to control and stabilize the economy by controlling the availability of money to companies and consumers.

The purpose of monetary policy is to achieve a full-employment, noninflationary level of total output.

26
Q

Variable costing

A

Variable (direct) costing includes variable manufacturing costs only: direct materials, direct labor, and variable manufacturing overhead.

Fixed manufacturing overhead and selling expenses are treated as period costs.

27
Q

As required by GAAP, the fixed portion of the semivariable cost of electricity for a manufacturing plant is a …

A

Product cost

A product cost is inventoried. A period cost is expensed when incurred. Electricity costs are a part of manufacturing overhead. Manufacturing overhead is a product cost, not a period cost.

28
Q

Which of the following statements is correct regarding variable costing and absorption costing income statements for a company that has no beginning inventory and whose production exceeds sales for the current period?

A

Net income is higher if absorption costing is used.

Under absorption costing, product cost includes all manufacturing costs, both fixed and variable. Thus, the fixed portion of manufacturing overhead is included in the cost of each product. Under variable costing, product cost includes only variable manufacturing costs; the fixed costs are expensed immediately. When production exceeds sales, ending inventory increases. Because some fixed costs are included in ending inventory under absorption costing while the entire fixed costs are expensed under variable costing, net income is higher under absorption costing.

29
Q

In an income statement prepared for internal reporting using the variable cost method, fixed selling & admin expenses are …

A

Used in the computation of operating income but not in the computation of the contribution margin.

30
Q

External and internal use costing methods

A

EXTERNAL = absorption (Gross Margin)

ABSORPTION:

Sales - Var COGS - Fixed COGS = Gross Margin

Gross Margin - Var SG&A - Fixed SG&A = Operating Income

INTERNAL = variable (direct) (Contribution Margin)

VARIABLE:

Sales - Var COGS - Var SG&A = Contribution Margin

Contribution Margin - Fixed COGS - Fixed SG&A = Operating Income

31
Q

Absorption costing (full costing)

A

Under absorption costing, the fixed portion of manufacturing overhead is included in the cost of each product. Product cost includes all manufacturing costs, both fixed and variable.

Absorption-basis COGS is subtracted from Sales to arrive at Gross Profit (Gross Margin).

This method is required under GAAP for external reporting purposes and under the IRC for tax purposes.

32
Q

Variable costing (direct costing or contribution costing)

A

Appropriate for internal reporting. Product cost includes only variable manufacturing costs.

Variable COGS and the variable portion of S&A expenses are subtracted from Sales to arrive at Contribution Margin.

When production is greater than sales, operating income is higher under absorption costing than under variable costing.

33
Q

Joint Cost Allocation Methods

A

Physical quantity method - uses physical measure such as volume, weight, or length.

Sales-value at split-off method - is based on the relative sales values of the separate products at split-off.

Estimated net realizable value (NRV) method - allocates joint costs based on the relative market values of the products after an additional process to make the products salable is performed.

34
Q

COGS for retailers

A

Beg. Inv + Purchases - End. Inventory

35
Q

COGS for manufacturers

A

Beg. WIP + Total manufacturing costs - End. WIP

Total manufacturing costs =
Beg. Finished goods inventory - End. Finished goods inventory