Ch8 Practise Q's - Internal Controls I

Question 1

What part of an organisation determines the corporate governance?(LO1)

A Shareholders.
B Board of directors.
C Employees.
D Government.

Answer 1

B Board of directors.

Question 2

What could be the result of poor corporate governance in an organisation?(LO1)

A Poor returns on investment for minority shareholders.
B Bad publicity from environmental groups.
C Company failure and potential damage to economy.
D Managers who are influenced by self-interest rather than the longevity of the company.

Answer 2

C Company failure and potential damage to economy.

Question 2

In Australia, it is recommended that the board is made up of:(LO2)

A full time employees of the company.
B a mixture of executive and independent directors.
C CEO plus external directors who are not involved in the business.
D accountants, auditors and executive directors.

Answer 2

B a mixture of executive and independent directors.

Question 3

Protecting the IT resources and ensuring the reliable and continuous operations are all aspects of:(LO3)

A IT governance.
B corporate governance.
C managing risk.
D IT management.

Answer 3

A IT governance.

Question 3

IT governance must respond to the dual forces of:(LO3)

A business pressures and business IT needs.
B business strategy and IT proposals.
C IT opportunities and IT capabilities.
D IT management and IT projects.

Answer 3

A business pressures and business IT needs.

Question 3

The requirement to promote ethical and responsible decision making includes the need to:(LO2)

A hold training courses on risk analysis for all senior managers.
B have an ethics committee that reviews all decisions worth more than $1000.
C have a code of conduct for employees and management.
D employ an equal cross section of gender, racial, religious, disabled minorities.

Answer 3

C have a code of conduct for employees and management.

Question 4

COBIT5.0 is a framework for the governance and management of enterprise IT (information technology). Which of the following is NOT a major principle of COBIT5.0:(LO4)

A meeting stakeholder needs.
B integrating governance and management.
C applying a single integrated framework.
D enabling a holistic approach.

Answer 4

B integrating governance and management.

Question 5

COBIT5.0 is a framework for the governance and management of enterprise IT (information technology) which has evolved and extended its scope over 20 years to cover all of the following areas:(LO4)

A Audit, Control, Infrastructure Management, IT Governance and Governance of Enterprise IT.
B Audit, Control, Management, IT Infrastructure and Governance of Enterprise IT.
C Audit, Control, Management, IT Governance and Governance of Enterprise IT.
D Audit, Control, IT Security, Management and Enterprise IT.

Answer 5

C Audit, Control, Management, IT Governance and Governance of Enterprise IT.

Question 6

Which of the following is the most important requirement of internal control?(LO5)

A Effectiveness and efficiency of operations.
B Reliability of financial reporting.
C Compliance with applicable laws and regulations.
D Systems and procedures that help to manage risk and achieve objectives.

Answer 6

D Systems and procedures that help to manage risk and achieve objectives.

Question 7

Which of the following statements is true?(LO5)

A Only the COSO definition states that internal controls can provide reasonable assurance.
B Only the ASA definition states that internal controls can provide reasonable assurance.
C Both COSO and ASA definitions state that internal controls can provide reasonable assurance.
D Neither COSO nor ASA definition states that internal controls can provide reasonable assurance.

Answer 7

C Both COSO and ASA definitions state that internal controls can provide reasonable assurance.

Question 8

The COSO is a control framework for the management of financial controls within an organisation. Expectations for internal control and standards of conduct are set by the Board of Directors and senior management. There are five (5) COSO principles for the control environment – which of these is NOT a COSO principle:(LO6)

A establishment of structures and reporting lines by senior management, in collaboration with the Board of Directors.
B demonstrating a commitment to integrity and ethical values.
C establishment of appropriate authorities and responsibilities by senior management, in collaboration with the Board of Directors.
D establishment of structures and reporting lines to ensure the interdependence between senior management and the Board of Directors.

Answer 8

D establishment of structures and reporting lines to ensure the interdependence between senior management and the Board of Directors.

Question 9

The COSO is a control framework for the management of financial controls within an organisation. The framework outlines the following three (3) key objectives - Operations Objectives; Reporting Objectives; and Compliance Objectives - that provide organisations with different perspectives of internal control. In order for these three (3) objectives to be achieved, we require the following five (5) integrated control components:(LO6)

A control environment, risk assessment, control activities, information and communication and monitoring.
B control environment, risk activities, control assessment, information and communication and monitoring.
C control environment, risk assessment, control activities, information and communication and maintenance.
D control environment, risk assessment, control activities, information and networking and monitoring.

Answer 9

A) control environment, risk assessment, control activities, information and communication and monitoring.

Question 10

If sales have not been entered into the Accounting Information System, this is an example of which type of transaction risk?(LO7)

A Occurrence.
B Completeness.
C Accuracy.
D Cut-off.

Answer 10

B Completeness.

Question 11

To which of the following risks are organisations that depend on the Internet for trading through e-commerce particularly vulnerable:(LO7)

A risk of network disruption.
B risk of key suppliers moving to other organisations.
C risk of new competitors taking market position.
D risk of unauthorised access to online systems.

Answer 11

A risk of network disruption.

Question 12

The COSO and COBIT frameworks are seen as complementary and compatible. One of the main underlying concepts of both frameworks is the:(LO8)

A interdependence of board members and IT and corporate governance.
B separation of IT from corporate governance.
C independence of management and IT from corporate governance.
D integration of IT into corporate governance.

Answer 12

D integration of IT into corporate governance.

Question 13

Corporate governance is:(LO2)

an internal control tool.

a factor influencing internal control.

a substitute for internal control.

part of the control environment.

Answer 13

a factor influencing internal control.

Question 14

An internal control system includes the control environment component. This is best described as:(LO5)

the overall attitude of awareness and actions of management to internal control.

the environment in which the business operates that it wishes to control to negate any business risks.

management’s response to the risks that an organisation faces.

the provision of sufficient information to enable employees to effectively operate in their roles.

the monitoring of performance to ensure that the organisation’s control system is still relevant and up to date.

Answer 14

the overall attitude of awareness and actions of management to internal control.

Question 15

In which component of the internal control system would you see a concern with hiring and recruitment policies?(LO5), (LO6)

Control environment

Risk assessment

Control activities

Information and communication

Monitoring

Answer 15

Control environment

Question 15

IT governance is concerned with:(LO3)

ensuring that the correct IT investment is always made.

controlling the use of IT within the organisation.

mandating selection procedures for new IT investments.

policies and procedures helping to align the use of IT and strategy.

Answer 15

policies and procedures helping to align the use of IT and strategy.

Question 16

In which component of the internal control system would you see a concern with reviewing the existing control system operation?(LO5), (LO6)

Control environment

Risk assessment

Control activities

Information and communication

Monitoring

Answer 16

Monitoring

Question 17

Which financial statement assertion is threatened when the organisation has recorded sales that didn’t take place?(LO7)

Occurrence

Completeness

Accuracy

Classification

Answer 17

Occurrence

Question 18

The assertion of cut-off would be at risk when:(LO7)

the accounting information system accepts a value that is incorrect (e.g. 122 instead of 22).

the accounting information system accepts a fictitious sale.

the accounting information system includes a sale for the next financial year in this year’s revenue figure.

a revenue item is classified as an expense when entering the transaction.

Answer 18

the accounting information system includes a sale for the next financial year in this year’s revenue figure.

Question 19

Which of the following statements regarding risks for a business is false?(LO7)

Risks can come from both internal and external factors.

Risks faced by an organisation will always have consequences for the financial statements.

Management needs to be aware of and evaluate the risks that the organisation faces.

The risks identified will have varying probabilities of eventuating.

Answer 19

Risks faced by an organisation will always have consequences for the financial statements.