BEC Homework Flashcards
According to COSO, which of the following is the most effective method to transmit a message of ethical behavior throughout an organization?
a. Strengthening internal audit’s ability to deter and report improper behavior.
b. Demonstrating appropriate behavior by example.
c. Specifying the competence levels for every job in an organization and translating those levels to requisite knowledge and skills.
d. Removing pressures to meet unrealistic targets, particularly for short-term results.
Choice “b” is correct. According to COSO, demonstrating appropriate behavior by example is the most effective method to transmit a message of ethical behavior throughout an organization. The commitment to ethical behavior begins with the tone at the top, and is best established by management’s demonstrated commitment to ethical behavior.
Within the COSO Internal Control - Integrated Framework, which of the following components is designed to ensure that internal controls continue to operate effectively?
a. Monitoring
b. Risk assessment
c. Control environment
d. Information and communication
Choice “a” is correct. The monitoring component or function of the internal control framework is designed to ensure that internal controls continue to operate effectively. Monitoring internal control effectiveness is done to provide an assessment of the performance of the system of internal control over time. Monitoring is designed to ensure that internal controls operate effectively.
According to COSO, an effective approach to monitoring internal control involves each of the following steps, EXCEPT:
a. Increasing the reliability of financial reporting and compliance with applicable laws and regulations.
b. Establishing a foundation for monitoring.
c. Designing and executing monitoring procedures that are prioritized on risks to achieve organizational objectives.
d. Assessing and reporting the results, including following up on corrective action where necessary.
Choice “a” is correct. Increasing the reliability of financial reporting and compliance with applicable laws and regulations is an approach to promoting a management philosophy and style that is contingent with effective financial reporting and control, not monitoring. Monitoring internal control may involve establishing a foundation for monitoring, prioritization of monitoring procedures based on risk to achieve organization objectives, and assessing reporting results following up as appropriate with corrective actions.
According to COSO, which of the following is a compliance objective?
a. To maintain accounting principles that conform to GAAP.
b. To maintain a safe level of carbon dioxide emissions during production.
c. To maintain material price variances within published guidelines.
d. To maintain adequate staffing to keep overtime expense within budget.
Choice “b” is correct. Maintaining safe (mandated by regulation) carbon dioxide emissions during production is a compliance objective. Compliance objectives include adherence to the laws, rules, and regulations associated with operations, including environmental regulations and other laws.
A not-for-profit organization periodically conducts focus groups of employees, service beneficiaries and governance board members to reevaluate its mission vision and values to determine the accuracy of the strategic statements to refine them where necessary. This activity relates to which component of internal control?
a. Information and communication.
b. Control activities.
c. Risk assessment.
d. Monitoring.
Choice “d” is correct. Periodically comparing and updating the mission vision and values of a not-for-profit could best be classified as a monitoring activity.
Generally, an organization will not operate beyond the limits of their risk appetite. Risk appetite has generally been exceeded when:
a. The likelihood and impact of positive events is within the residual risk.
b. The likelihood and impact of positive events is significantly below residual level.
c. The likelihood and impact of positive events exceed residual risks.
d. The likelihood and impact of positive events significantly exceeds residual risks.
Choice “d” is correct. Generally, an Organization’s risk appetite has been exceeded when the combined likelihood and impact of negative events significantly exceed residual risk. Residual risk represents the risk that remains after management has taken actions to mitigate negative events. If the likelihood and impact of those negative events significantly exceeds the residual risk, the operation is likely to exceed the organization’s risk appetite.
Strategic objectives for the mission and vision of the organization are generally linked to related objectives. All of the following objectives are typically regarded as related objectives EXCEPT:
a. Information technology objectives.
b. Reporting objectives.
c. Compliance objectives.
d. Operations objectives.
Choice “a” is correct. Objectives related to strategy are typically operations and reporting and compliance objectives. Information technology objectives may be a subset of one of these objectives, but is typically not a separate objective.
A significant component of risk assessment is the identification of events that might impede the achievement of objectives. The technique characterized by the department of a listing of potential events common to a specific industry or functional area is known as a(n):
a. Interview
b. Facilitated workshop
c. Event inventory
d. Questionnaire
Choice “c” is correct. Lists of potential events are known as event inventories. Often they are generic lists related to an industry.
