COSO

Question 1

Name 3 Objectives of COSO Cube

Answer 1

Compliance
Reporting
Efficient Operations

Question 2

5 Components of COSO Cube

Answer 2

Control Environment
Risk Assessment
Control Activities
Information/Technology
Monitoring

Question 3

5 Components of COSO ERM

Answer 3

Governance
Strategy/Objective Setting
Performance
Review/Revision
Info/Communication Reporting

Question 4

Board Oversight
Make Operating Structures
Define Desired Culture
Demonstrate Core Values
Attract/Retain Capable Individuals

Answer 4

Governance

Question 5

Analyze Business Context
Define Risk Appetite
Evaluate Alternative Strategies
Form Business Objectives

Answer 5

Strategy/Objective Setting

Question 6

Identify Risk
Assess Risk Severity
Prioritize Risks
Implement Risk Responses
Develop Portfolio View

Answer 6

Performance

Question 7

Assess Change
Review Risk and Performance
Pursue Improving ERM

Answer 7

Review/Revision

Question 8

Leverage Info/Tech
Communicate Risk Info
Report on Risk Culture/Performance

Answer 8

Info/communication reporting

Question 9

Tone at Top
BOD
Management
Competence
Accountability

Answer 9

Control Environment

Question 10

Objectives
Assessment
Fraud
Change Management

Answer 10

Risk Assessment

Question 11

Risk Reduction
Technology
Policies

Answer 11

Control Activities

Question 12

Quality
Internal
External

Answer 12

Information/Communication

Question 13

Ongoing and Periodic

Address Deficiencies

Answer 13

Monitoring

Question 14

assessing aspects of risk to determine which risks are most and least important

Answer 14

Performance

Question 15

systematic analysis of the political, economic, social, technological, legal, and environmental conditions
PESTLE

Answer 15

Strategy/Objective Setting

Question 16

reporting on the organization’s risk, culture, and performance (Whistle blower hotline)

Answer 16

Information/Communication/Reporting

Question 17

meetings with its investors, management, and employees to help identify its risk culture

Answer 17

Governance

Question 18

company recently issued a report on its investment philosophy and risk management culture

Answer 18

Information/Communication/Reporting

Question 19

Development of Strategy

Answer 19

Risk Appetite

Question 20

Implementation of Strategy

Answer 20

Tolerance

Question 21

They help an entity create and maintain reliable data

Answer 21

Process and Controls

Question 22

determine which data is collected and how it is stored, arranged, integrated

Answer 22

Data Management Architecture

Question 23

management’s philosophy and operating style

Answer 23

Control Environment

Question 24

process of identifying, analyzing, and managing the risks involved in achieving the organization’s objectives

Answer 24

Risk Assessment

Question 25

ongoing activities and separate evaluations

Answer 25

Monitoring

Question 26

routine controls over business processes and transactions

Answer 26

Control Activities

Question 27

policies and procedures that ensure that management’s directives are carried out

Answer 27

Control Activities

Question 28

general control rather than a transaction control activity
.Technology development policies and procedures.
.Reconciliations.
.Physical controls over assets.
.Controls over standing data.

Answer 28

Technology development policies and procedures

Question 29

the goal of proper measurement of transactions

Answer 29

Information and communication

Question 30

addresses the need to respond in an organized manner to significant changes resulting from international exposure, acquisitions, or executive transitions

Answer 30

Risk Assessment

Question 31

organizational objectives primarily relate to which fundamental component

Answer 31

Risk Assessment (help define risk)

Question 32

types of control plans is particular to a specific process or subsystem, rather than related to the timing of its occurrence

Answer 32

Application

Question 33

organization’s security awareness manual would be an example of which of the following types of controls

Answer 33

Preventive