CGIC

Question 1

To qualify as a “financial expert” under the Sarbanes-Oxley Act, an individual must possess all of the following except:

a. An understanding of internal controls and procedures for financial reporting.
b. An understanding of how to conduct an audit of financial statements.
c. An understanding of audit committee functions.
d. An understanding of generally accepted accounting principles and financial statements.

Answer 1

An understanding of how to conduct an audit of financial statements.

Question 2

An important benefit of an enterprise risk management system is

Answer 2

Alignment of management risk taking with shareholder risk appetite.

Question 3

Keller Company has implemented an enterprise risk management system and has responded to a particular risk by adding internal controls. Such a response is
characterized by COSO’s Enterprise Risk Management Framework as:

Answer 3

Reduction.

Question 4

Which of the following is not an advantage of the employment of an enterprise risk management (ERM) system?

a. Improves the deployment of capital.
b. Allows an organization to eliminate all risks.
c. Reduces operational surprises.
d. Helps an organization seize opportunities.

Answer 4

Allows an organization to eliminate all risks.

Question 5

Under the Sarbanes-Oxley Act, which of the following officers must certify to the accuracy and truthfulness of the periodic financial reports of an issuer company?

a. The corporate treasurer.
b. The corporate controller.
c. The chief financial officer.
d. The corporate secretary.

Answer 5

The chief financial officer.

Question 6

Which of the following disclosures is required by the Dodd-Frank Act of 2010?

a. Disclosure of who appoints the external auditors.
b. Disclosure of the number of inside directors on the board.
c. Disclosure of why or why not the chairman of the board is also the chief executive officer.
d. Disclosure of what committee sets compensation policy.

Answer 6

Disclosure of why or why not the chairman of the board is also the chief executive officer.

Question 7

According to COSO, the use of ongoing and separate evaluations to evaluate the design and implementation of changes can best be accomplished in which of the
following stages of the monitoring-for-change continuum?
a. Change identification.
b. Control revalidation/update.
c. Change management.
d. Control baseline.

Answer 7

Change management.

Question 8

Which of the following is more effective as an external monitoring device for a publicly held corporation than the others?

a. Internal auditors.
b. The PCAOB.
c. External auditors.
c. Attorneys.

Answer 8

External auditors.

Question 9

Which of the following is not required of corporations that are listed on the New York Stock Exchange?

a. One member of the audit committee of the board of directors must be a financial expert.
b. The principle executive officer must disclose all significant internal control deficiencies.
c. External auditors must report directly to the audit committee of the board of directors.
d. The chairman of the board of directors cannot also serve as the chief executive officer.

Answer 9

The chairman of the board of directors cannot also serve as the chief executive officer.

Question 10

Which of the following is not a requirement of the Wall Street Reform and Consumer Protection (Dodd-Frank) Act for publicly held corporations registered with the
SEC?
a. The director of internal audit must report directly to the chairman of the audit committee.
b. If it is decided that the CEO should also be appointed chairman of the board, the corporation must disclose why this decision was made.
c. Shareholders must be allowed a nonbinding vote on officer compensation at least every three years.
d. The members of the compensation committee of the board must be independent.

Answer 10

The director of internal audit must report directly to the chairman of the audit committee.

Question 11

Which of the following components of internal control encompass policies and procedures that ensure that management’s directives are carried out?

a. Monitoring.
b. Information and communication.
c. The control environment.
d. Control activities.

Answer 11

Control activities.

Question 12

Which of the following is not a responsibility that should be assigned to the audit committee of the board of directors?

a. Determining the compensation of the external auditor.
b. Mediating differences of opinions regarding accounting matters between the external auditor and management.
c. Appointing the external auditor.
d. Determining the incentive compensation of top management.

Answer 12

Determining the incentive compensation of top management.

Question 13

Which of the following controls is best at addressing the risk of sales to customers who are not able to pay for them?

a. Independent sales department prepares sales orders.
b. Independent credit approval process.
c. Match shipping documents with sales invoices.
d. An individual not involved with the order filling process checks shipments for accuracy.

Answer 13

Independent credit approval process.

Question 14

From a corporate governance standpoint which of the following best describes the main goal of a form of executive compensation?

a. Adequately compensate executives.
b. Align the incentives of executives with those of the corporate shareholders.
c. Motivate management to engage in activities that have the prospect of maximizing corporate profits.
d. Keep management from shirking.

Answer 14

Align the incentives of executives with those of the corporate shareholders.

Question 15

Which of the following is necessary to be an audit committee financial expert according to the criteria specified in the Sarbanes-Oxley Act of 2002?

a. An understanding of corporate governance rules and procedures.
b. An understanding of auditing standards.
c. An understanding of SEC regulations.
d. An understanding of generally accepted accounting principles and financial statements.

Answer 15

An understanding of generally accepted accounting principles and financial statements.

Question 16

Which of the following is not one of the attributes of a financial expert as required in the SEC rules regarding audit committees?

a. An understanding of generally accepted accounting principles.
b. An understanding of audit committee functions.
c. An understanding of generally accepted auditing standards.
d. An understanding of internal controls and procedures for financial reporting.

Answer 16

An understanding of generally accepted auditing standards.

Question 17

From the standpoint of corporate governance which of the following is the most important stakeholder in a corporation?

a. Management.
b. Customers.
c. Society.
d. Shareholders.

Answer 17

Shareholders.

Question 18

Which of the following items is not typically included in a corporation’s articles of incorporation?

a. Name and address of each incorporator.
b. Name of the registered agent of the corporation.
c. How directors are elected.
d. Purpose of the corporation.

Answer 18

How directors are elected.

Question 19

Which of the following executives of an issuer corporation must certify to the accuracy and truthfulness of financial reports filed with the SEC?

a. The chief executive officer and the chief risk officer.
b. The chief risk officer and the chief financial officer.
c. Only the chief financial officer.
d. The chief executive officer and the chief financial officer.

Answer 19

The chief executive officer and the chief financial officer.

Question 20

Which of the following can be the most effective monitoring device for effective corporate governance?

a. Stock analysts.
b. Shareholders.
c. The audit committee of the board of directors.
d. The SEC.

Answer 20

The audit committee of the board of directors.

Question 21

In the COSO framework, individuals within the company that monitor internal controls are referred to as

Answer 21

Evaluators.

Question 22

Internal control systems may breakdown for all of the following reasons except:

a. Management may override the control.
b. Controls may be improperly designed.
c. Controls can be circumvented by collusion.
d. Faulty judgments by personnel.

Answer 22

Controls may be improperly designed.

Question 23

If internal control is properly designed, the same employee should not be permitted to

Answer 23

Prepare disbursement vouchers and sign checks.

Question 24

Which of the following tasks would be included in a document flowchart for processing cash receipts?

a. Authorize and generate a voucher.
b. Record returns and allowances.
c. Compare control and remittance totals.
d. Authorize and generate an invoice.

Answer 24

Compare control and remittance totals.

Question 25

Which of the following tasks would be included in a document flowchart for processing cash receipts?

a. Authorize and generate a voucher.
b. Record returns and allowances.
c. Compare control and remittance totals.
d. Authorize and generate an invoice.

Answer 25

Compare control and remittance totals.

Question 26

Which of the following is not true regarding the director independence rules of the New York Stock Exchange?
a. A director is not independent if s/he was a former partner with the corporation’s external audit firm in the last 5 years.
b. A director is not independent if s/he is an officer of a company that is a significant customer of the corporation.
c. A director is not independent if s/he has been employed by the corporation in the last 5 years.
d. A director is not independent if s/he received $120,000 in payments (not including compensation for serving on the board) from the corporation in a twelve month
period in the last 3 years.

Answer 26

A director is not independent if s/he is an officer of a company that is a significant customer of the corporation.

Question 27

Which of the following is mandated by the New York Stock Exchange rules related to corporate governance?

a. Three-quarters of board members must be independent.
b. Ninety percent of board members must be independent.
c. A majority of board members must be independent.
d. One-quarter of board members must be independent.

Answer 27

A majority of board members must be independent.

Question 28

Which of the following is not required by the Sarbanes-Oxley Act of 2002?
a. It requires management to certify that the company has violated no major laws.
b. It requires management to provide an assessment of the effectiveness of internal control.
c. It requires management to certify that the financial statements fairly present, in all material respects, the financial condition and results of operations of the
company.
d. It requires the principal executive and financial officers to disclose all significant internal control deficiencies to the company’s auditors and audit committee.

Answer 28

It requires management to certify that the company has violated no major laws.

Question 29

Layton Company has implemented an enterprise risk management system and has responded to a particular risk by purchasing insurance. Such a response is
characterized by COSO’s Enterprise Risk Management Framework as:

Answer 29

Sharing.

Question 30

The objective of safeguarding of assets is a subset of which of the following objectives?

a. Compliance.
b. Fraud.
c. Reporting.
d. Operations.

Answer 30

Operations.

Question 31

Which of the following is the least effective device for monitoring management behavior?

a. The internal auditor.
b. Security analysts.
c. The audit committee of the board of directors.
d. The external auditor.

Answer 31

Security analysts.

Question 32

Which of the following bodies has developed a framework for enterprise risk management?

a. The American Institute of Certified Public Accountants (AICPA).
b. The Institute of Risk Management Professionals (IRMP).
c. The Public Company Accounting Oversight Board (PCAOB).
d. The Committee of Sponsoring Organizations (COSO).

Answer 32

The Committee of Sponsoring Organizations (COSO).

Question 33

The reporting objectives as set forth in COSO’s definition of internal control encompass:

Answer 33

Internal informal reporting objectives.

Question 34

Which of the following internal control components includes the principle that the organization evaluates and communicates internal control deficiencies in a timely
manner to those parties responsible for taking corrective action?
a. Information and communication.
b. The control environment.
c. Monitoring.
d. Control activities.

Answer 34

Monitoring.

Question 35

Which of the following is not a principle related to the control environment?

a. The organization identifies and assesses changes that could significantly affect internal control.
b. A commitment to integrity and ethical values.
c. Individuals are held accountable for their control responsibilities.
d. A commitment to attract, develop, and retain competent individuals.

Answer 35

The organization identifies and assesses changes that could significantly affect internal control.

Question 36

The COSO definition of internal control considers control activities a(n):

a. Control objective.
b. Component of internal control.
c. Portion of information and communication.
d. Element of the control environment.

Answer 36

Component of internal control.

Question 37

Which of the following is not a response to a risk as identified by COSO’s Enterprise Risk Management Framework?

a. Avoidance.
b. Sharing.
c. Reduction.
d. Delaying.

Answer 37

Delaying.

Question 38

Which of the following is not a principle related to the risk assessment component of internal control?

a. The organization considers the potential for fraud.
b. The organization evaluates and communicates internal control deficiencies in a timely manner.
c. The organization specifies objectives with sufficient clarity.
d. The organization identifies risks to the achievement of its objectives across the entity.

Answer 38

The organization evaluates and communicates internal control deficiencies in a timely manner.

Question 39

The Dodd-Frank Act of 2010 established a requirement that

Answer 39

All members of the compensation committee of the board of directors be independent.

Question 40

Which of the following components is a set of standards, processes, and structures that provide the basis for carrying out internal control across the organization:

a. Monitoring.
b. Control activities.
c. The control environment.
d. Information and communication.

Answer 40

The control environment.

Question 41

Which of the following is not a statutory requirement regarding the committees of the board of directors of publicly held corporations registered with the SEC?

a. All members of the compensation committee must be independent.
b. Members of the compensation committee must have a human resource management background.
c. All members of the audit committee must be independent.
d. At least one member of the audit committee must be a ‘financial expert.’

Answer 41

Members of the compensation committee must have a human resource management background.

Question 42

Which of the following is true about the Sarbanes-Oxley requirements regarding the audit committee financial expert?

a. The financial expert must have prior experience auditing financial statements.
b. If a firm does not have a financial expert, it must provide an explanation.
c. The financial expert must be an inside director.
d. The financial expert must have prior experience as either an internal or external auditor.

Answer 42

If a firm does not have a financial expert, it must provide an explanation.

Question 43

According to the Institute of Internal Auditors’ Standards, the internal audit function should have all of the following competencies except:

a. Knowledge to evaluate fraud risk.
b. Knowledge of information technology audit techniques.
c. Knowledge of financial reporting.
d. Knowledge of key information technology risks.

Answer 43

Knowledge of financial reporting.

Question 44

Which of the following is not a limitation of an enterprise risk management system?

a. Companies cannot avoid risk.
b. Enterprise risk management is subject to management override.
c. Risk relates to the future that is uncertain.
d. Collusion among two or more individuals can result in enterprise risk management failure.

Answer 44

Companies cannot avoid risk.

Question 45

Which of the following forms of compensation is more likely to result in shirking by management?

a. Base salary and stock grants.
b. Base salary and bonus.
c. Fixed compensation.
d. Base salary and stock options.

Answer 45

Fixed compensation.

Question 46

According to the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing, the chief audit executive should

Answer 46

Establish a risk-based approach to determine audit priorities.

Question 47

A financial statement audit performed under the requirements of the Sarbanes-Oxley Act of 2002 must include an examination and report upon

Answer 47

Internal control.

Question 48

To protect his or her interest a large minority shareholder would prefer which of the following types of shares?

a. Common stock with cumulative voting rights.
b. Common stock with no voting rights.
c. Preferred shares.
d. Common stock with statutory voting rights.

Answer 48

Common stock with cumulative voting rights.

Question 49

A director of Riley Corporation is made aware of an opportunity that would be advantageous and of interest to the corporation. Which of the following represents his
best course of action?
a. Accept the opportunity on behalf of Riley Corporation.
b. Accept the opportunity on behalf of himself if there is no conflict of interest.
c. Reject the opportunity for both himself and Riley Corporation.
d. Bring the opportunity to Riley Corporation.

Answer 49

Bring the opportunity to Riley Corporation.

Question 50

Which of the following is not a component of COSO’s enterprise risk management framework?

a. Monitoring.
b. Risk Assessment.
c. Information and communication.
d. Risk elimination.

Answer 50

Risk elimination.

Question 51

The definition of internal control developed by the Committee of Sponsoring Organizations (COSO) includes the objectives of reporting, compliance with laws and
regulations and:

Answer 51

Effectiveness and efficiency of operations.

Question 52

According to the lIA International Standards for the Professional Practice of Internal Auditing, the internal audit charter should include all of the following except:

a. The purpose of the internal audit activity.
b. The responsibility of the internal audit activity.
c. The authority of the internal audit activity.
d. The scope of the internal audit activity.

Answer 52

The scope of the internal audit activity.

Question 53

Which of the following components of internal control are characterized by ongoing activities and separate evaluations?

a. Information and communication.
b. Risk assessment.
c. The control environment.
d. Monitoring.

Answer 53

Monitoring.