Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CIA Challenge Exam (CPA) > Essentials: Fraud Risks > Flashcards

Essentials: Fraud Risks Flashcards

1
Q

Over the course of a decade, a manager of a lumbering operation has been diverting a small amount of cut timber removed from forest tracts licensed from the state. Each load is slightly under the actual amount, but it is accurately documented and signed for by all parties. The loss in a single accounting period is immaterial, but, over the years, the fraud is significant. Which of the following audit strategies and tools would be most likely to uncover this issue?

  1. Review of accounting policies
  2. Independent confirmation of work orders and load statements
  3. Interviews with truck drivers
  4. Continuous auditing tools and analytics
A

4- Continuous auditing tools and analytics

Rationale
While all of the methods listed can be used, continuous auditing tools and analytics would be the tool most likely to discover this trend. Then other tests could be applied.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

In regard to risk management and/or internal control, the chief audit executive (CAE) is responsible for

  1. designing and monitoring control processes.
  2. overseeing the establishment, administration, and assessment of the system of risk management and control.
  3. communicating an overall judgment of the organization’s enterprise risk management (ERM) process effectiveness to management.
  4. providing oversight of the organization’s risk management and control processes.
A

3- communicating an overall judgment of the organization’s enterprise risk management (ERM) process effectiveness to management.

Rationale
Performance Standard 2120, “Risk Management,” states, “The internal audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes.” The CAE is responsible for communicating an overall judgment of the organization’s ERM process effectiveness to management and the audit committee. Oversight is the board’s responsibility; establishment, administration, and assessment are senior management’s responsibility; and designing and monitoring control processes is operational management’s responsibility.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following control procedures would be effective in preventing frauds in which purchase orders are issued to fictitious vendors?

  1. Requiring that all purchases be made from an authorized vendor list maintained independently of the individual placing the purchase order
  2. Requiring single-use contracts (purchase orders) with all major vendors from whom production components are purchased
  3. Requiring that total purchases from all vendors for a month not exceed the total budgeted purchases for that month
  4. Requiring that a three-way match process occur between the receiving record, the invoice, and the purchase order
A

1- Requiring that all purchases be made from an authorized vendor list maintained independently of the individual placing the purchase order

Rationale
Use of an authorized vendor list would be an effective control. Long-term contracts with major vendors would also be effective so requiring only use of purchase orders would be too restrictive a control. Requiring that purchases from all vendors for a month not exceed the total budgeted purchases for that month would be ineffective, because it controls the total amount of expenditures but not where the purchase orders are placed or whether there is receipt of goods for the items purchased. A three-way match is an important control to detect other types of fraud but a fictitious vendor would not be detected in this way.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

A payroll clerk creates a fictitious employee and files a false time card each week, sending payment automatically to an account in the name of her spouse. What type of fraud is this an example of?

  1. Cash theft
  2. Misuse of assets
  3. Financial statement fraud
  4. Disbursement fraud
A

4- Disbursement fraud

Rationale
This is an example of disbursement fraud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Three factors are consistently present when people commit fraud. Which is the only one that organizations can control directly?

  1. Pressure
  2. Rationalization
  3. Opportunity
  4. Incentive
A

3- Opportunity

Rationale
Management can design internal controls to try to prevent opportunities for fraud and to detect fraudulent activities if they occur.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Besides the definitions of fraud from the Standards and from “Managing the Business Risk of Fraud, A Practical Guide” by The IIA, AICPA, and ACFE, what else do internal auditors need to understand fraud?

  1. Formal training in fraud investigations to develop the necessary expertise
  2. Sufficient knowledge of fraud to declare when fraud is occurring
  3. The legal definition of fraud in relevant jurisdictions
  4. Nothing else is needed; the auditors would be in conformance with the Standards for understanding fraud.
A

3- The legal definition of fraud in relevant jurisdictions

Rationale
In addition to the definitions mentioned in the question, each jurisdiction under which the organization operates may have a specific legal definition of fraud. Internal auditors are not expected to be experts in fraud investigations, nor are they the proper persons to declare when fraud is occurring. Rather, internal auditors should have sufficient knowledge of fraud to identify red flags indicating that fraud may have been committed. Professional fraud investigators would be responsible for declaring the existence of fraud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

In regard to fraud detection, each internal auditor should be competent at which of the following levels as they are defined in The IIA’s International Professional Practices Framework?

  1. Each internal auditor should be sufficiently trained in fraud detection to be able to devise controls to identify and prevent the major types of fraud likely to occur in a given organizational activity.
  2. Each internal auditor is responsible only for knowing The IIA’s definition of fraud and being able to identify the fraud detection experts relied upon by the internal audit activity.
  3. Each internal auditor should be proficient in fraud detection so as to be able to conduct an investigation with a high statistical probability of discovering at least one instance of fraud, if fraud is being perpetrated.
  4. Each internal auditor should have sufficient knowledge of fraud to recognize conditions that indicate the need for further action or a fraud investigation.
A

4- Each internal auditor should have sufficient knowledge of fraud to recognize conditions that indicate the need for further action or a fraud investigation.

Rationale
Each internal auditor is responsible for a sufficient knowledge of fraud to be able to identify the red flags that indicate the presence of fraud and to be able to recommend appropriate next steps for determining the likelihood of fraud.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

During the year, a company switches to a new supplier for a service. The accounting clerk continues to submit fraudulent invoices from the old supplier. Because contracting for services and approval of supplier invoices has been delegated to the clerk, it is possible for the clerk to continue billings from the old supplier and deposit the subsequent checks, which the clerk is responsible for mailing, into a new account the clerk has opened in the name of the old supplier. Which of the following audit procedures would most likely lead to the detection of the fraud?

  1. Tracing a sample of receiving documents to invoices and checks disbursed
  2. Tracing a sample of checks disbursed to approved invoices for services
  3. Taking a sample of paid invoices and verifying receipt of services by the departments involved
  4. Performing a bank reconciliation and accounting for all outstanding checks
A

3- Taking a sample of paid invoices and verifying receipt of services by the departments involved

Rationale
Confirming the receipt of services that have been paid for with the departments involved would uncover the fraud. The fraudulent invoices are approved by the clerk, and each check will, therefore, be supported by an approved invoice. Bank reconciliations do not test the validity of the cash payments. The fraudulent payments would not be detected if the test begins with valid receiving reports.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Management of a property and casualty insurance company has two major concerns about the efficiency and effectiveness of the claims-processing activities:

  • Some claims are being paid that should not be paid or are being paid in amounts in excess of the policy.
  • Many claims are not being paid on a timely basis.

In preparing for an audit of the area, the internal auditor decides to perform a preliminary survey to gather more information about the nature of processing and potential problems. After informing management, the auditor is directed to go ahead with a fraud investigation. The auditor has identified the parties most likely to have been involved in the fraud, if indeed one is taking place. The auditor sends each potential participant a personal email indicating the nature of the investigation and urges the individual to come forward and explain the nature of the fraud. The auditor states that this is strictly an audit investigation and legal authorities are not involved. A major problem with this particular communication is

  1. the medium. Personal interviews should have been used instead of email.
  2. the nature of the message. The auditor should have detailed the specific allegations against each employee and allowed them the opportunity to respond. The message, as written, is too general.
  3. the medium. A paper-based document, such as a letter, should have been used instead of email.
  4. the nature of the communication. The auditor should have sent a questionnaire to each employee rather than seeking an open-ended response.
A

1- the medium. Personal interviews should have been used instead of email.

Rationale
The nature of the communication is highly sensitive and personal. A more personal form of communication, such as a direct interview, should have been used to elicit the response from the employees. The auditor is not in a position to detail the allegations against each specific employee.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

The Standards require the internal audit activity to assess fraud risks at the ___________________ levels.

  1. system and entity
  2. organizational and engagement
  3. enterprise and operational
  4. business and departmental
A

2- organizational and engagement

Rationale
The Standards require the internal audit activity to assess fraud risks at the organizational and engagement levels. To ensure adequate review of the risks relevant to each engagement, internal auditors should conduct a fraud risk assessment as part of engagement planning. Over time, the knowledge the internal audit activity obtains during individual engagements can be compiled into a more robust and comprehensive organization-wide fraud risk assessment.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which of the following best describes the timing for a fraud risk assessment?

  1. Annually
  2. In response to compliance enforcement
  3. In conjunction with a fraud response plan
  4. Ongoing
A

4- Ongoing

Rationale
A fraud risk assessment should be ongoing and dynamic and reflect the organization’s current business conditions. Change is constant and circumstances are not static; the risk assessment does not signal the end of the process.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Which is an example of something that usually tends to be present in people who have committed fraud?

  1. They believe no real reason is needed for what they did.
  2. They believe that they are still normal people.
  3. They believe that the opportunity they took means that the rules support their act.
  4. They believe that they are bad people and will be less likely to repeat the fraud.
A

2- They believe that they are still normal people.

Rationale
Fraud perpetrators must be able to justify their actions to themselves as a psychological coping mechanism, allowing them to believe they have done nothing wrong and are “normal people.”

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

An organization’s chief audit executive (CAE) feels that his team lacks the knowledge, skills, or other competencies needed to perform a fraud investigation. Implementation Standard 1210.A1 and Implementation Guide 2050 indicate that the CAE should

  1. outsource the forensic review to a team with the proper industry experience.
  2. refer the matter to the legal department.
  3. contact appropriate government investigative authorities.
  4. train the staff in forensic auditing prior to reviewing the particular case.
A

1- outsource the forensic review to a team with the proper industry experience.

Rationale
Implementation Standard 1210.A1 states that “the chief audit executive must obtain competent advice and assistance if the internal auditors lack the knowledge, skills, or other competencies needed to perform all or part of the engagement.” Implementation Guide 2050 advises the CAE to consider a service provider’s professional certifications, memberships in professional associations, reputation, experience, and familiarity with the organization’s industry or business. In addition, the CAE must ensure the independence and objectivity of the service provider.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What three factors are consistently present when people commit fraud?

  1. Pressure, effective controls, and explanation
  2. Opportunity, due professional care, and justification
  3. Experience, proficiency, and rationalization
  4. Opportunity, motive, and rationalization
A

4- Opportunity, motive, and rationalization

Rationale
Three factors are consistently present when people commit fraud:
* Opportunity, a combination of circumstances or conditions that enable fraud to occur
* Motive, an actual or perceived need that provides a reason for the fraud
* Rationalization, a concocted, convincing, and plausible justification

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Internal auditors must have __________ knowledge to evaluate the risk of fraud.

  1. expert
  2. legal
  3. specialist
  4. sufficient
A

4- sufficient

Rationale
While internal auditors must have sufficient knowledge to evaluate the risk of fraud and how it is managed by the organization, they are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud (Standard 1210.A2).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

While screening proposals for a contract, a bid solicitor overlooks the fact that a company has no references and minimal related work history and qualifications. The bid solicitor helps the company falsify its documentation in exchange for a cut of the contract. What type of fraud is this an example of?

  1. Fraudulent disbursement
  2. Bribery
  3. Misuse of assets
  4. Cash theft
A

2- Bribery

Rationale
This is an example of bribery, in the form of kickbacks. Money was paid to influence the bid solicitor to make a decision that benefited the bribe payer.

17
Q

An internal audit team is preparing to audit a function in charge of the transfer of completed components and products between divisions in a global organization. No actual transfer of funds occurs, nor is the function involved in the shipping and/or receiving of product. Employee performance is based on responsiveness and productivity. One member asks about the potential for fraud in this area. What would be an appropriate response?

  1. The function is sufficiently removed from the performance of transactions that fraud risk is low.
  2. There is potential for fraud that could benefit the organization.
  3. This question should be referred to the manager of the business function being audited.
  4. An employee could divert product for personal gain.
A

2- There is potential for fraud that could benefit the organization.

Rationale
The process of transfer pricing could allow the values of transferred goods to be misstated in order to lower tax liabilities or to manipulate the financial statements of divisions within the organization.

18
Q

A third-party pension plan consultant working for a large retailer steals a computer. A file on the stolen equipment includes names, dates of birth, addresses, Social Security numbers, salary, and other information for nearly 100,000 current and former employees. This breach involving personal data is an example of what type of fraud?

  1. Cash theft
  2. Corruption
  3. Fraudulent disbursement
  4. Misuse of assets
A

4- Misuse of assets

Rationale
This is an example of misuse or theft of assets (embezzlement). In addition to the computer itself, information is also considered an asset.

19
Q

How does fraud awareness training support fraud prevention?

  1. It reduces opportunities to commit fraud.
  2. It helps develop credible responses to potential risks.
  3. It limits rationalization.
  4. It facilitates the testing of controls.
A

3- It limits rationalization.

Rationale
Rationalization is how an individual justifies fraudulent actions. Human nature is such that most people will not commit fraud unless they can rationalize it to themselves. Fraud awareness training minimizes rationalization by supporting the ethical “tone at the top,” promoting an anti-fraud environment, and sending the message that the organization will not tolerate misconduct of any kind.

20
Q

Internal auditing has reviewed a new acquisition and flagged a few problems with the computer systems that run operations. A new financial controller discovers that the organization is being defrauded and is losing a significant amount of money in the acquired operation due to the flaws in the computer systems. Senior executives blame internal auditing. Which of the following statements applies to fraud detection in this situation?

  1. External auditors have signed off on the accounts, so they are at fault.
  2. Internal auditing has assumed primary responsibility in conducting the review.
  3. Primary responsibility rests with management.
  4. The software manufacturer is to blame, and a lawsuit should be used to recover the funds.
A

3- Primary responsibility rests with management.

Rationale
The primary responsibility for fraud prevention, detection, and investigation rests with management, which also has the responsibility to manage the risk of fraud. Standard 1210.A2 states, “Internal auditors must have sufficient knowledge to evaluate the risk of fraud and the manner in which it is managed by the organization, but are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud.” Fraud is an area where the services of outside experts are often retained.

21
Q

Forensic auditors need to have significant knowledge and experience in what area?

  1. Using intuition to fill gaps in suspected perpetrators’ stories
  2. Practices and policies of the business activity being audited
  3. Case law
  4. COSO Internal Control—Integrated Framework
A

2- Practices and policies of the business activity being audited

Rationale
By necessity, forensic auditing requires not only understanding of accounting standards and practices but also familiarity with the practices and policies of the business activity being audited and expertise in investigative techniques and the rules and standards of legal proceedings. Forensic auditors do need to identify gaps in suspected perpetrators’ stories but will follow trails to find the missing information.

22
Q

Which of the following fraudulent entries is most likely to be made to conceal the theft of an asset?

  1. Debit expenses and credit the asset.
  2. Debit another asset account and credit the asset.
  3. Debit the asset and credit another asset account.
  4. Debit revenue and credit the asset.
A

1- Debit expenses and credit the asset.

Rationale
Most fraud perpetrators would attempt to conceal their theft by charging it against an expense account. For an asset or an expense, a debit increases the account and a credit decreases the account. Thus, expenses increase in the records and the asset account decreases in value.

23
Q

When interviewing an individual suspected of a fraud, the interviewer should

  1. ensure that the suspect’s supervisor is present.
  2. ask if the suspect committed the fraud.
  3. pay attention to the wording choices and behaviors of the suspect.
  4. lock the door to ensure that no one will interrupt the interview.
A

3- pay attention to the wording choices and behaviors of the suspect.

Rationale
Some behaviors during interviews may become fraud indicators or signs that the interviewee is lying or withholding information. Examples include restlessness, posture, reluctance to make eye contact, or signs of anxiety. Answers provided by the interviewee may also be fraud indicators, such as inappropriate attitudes (candor or sarcasm), sudden change in attitude about answering questions, or changes in answers given to questions during the interview. Wording choices, such as shifts in the use of pronouns and verbs, may indicate areas of dishonesty or fabrication.

24
Q

An auditor suspects a disbursements fraud whereby an unknown employee is submitting and approving invoices for payment. Before discussing the potential fraud with management, the auditor decides to gather additional evidence. Which of the following procedures would be most helpful in providing the additional evidence?

  1. Taking a sample of invoices received during the past month, examining them to determine if they were properly authorized for payment, and tracing them to underlying documents such as receiving reports
  2. Selecting a sample of payments made during the year and investigating each one for approval
  3. Using audit software to develop a list of vendors with post office box numbers or other unusual features and selecting a sample of those items and tracing them to supporting documents such as receiving reports
  4. Selecting a sample of receiving reports representative of the period under investigation, tracing them to approved payments, and noting any items not properly processed
A

3- Using audit software to develop a list of vendors with post office box numbers or other unusual features and selecting a sample of those items and tracing them to supporting documents such as receiving reports

Rationale
The use of audit software would be the most effective procedure, since it would focus on the items that would most likely be fraudulent.

25
Which of the following is true about interviewing an individual during an investigation of suspected fraud? 1. Internal auditors are authorized to waive punishment of the employee if the employee restores the item(s) stolen. 2. Internal auditors should be empowered to confine fraud suspects to the office, but only for the purpose of interviewing them. 3. The internal auditor's role involves collecting facts. 4. The internal auditor's role involves attempting to obtain confessions of guilt.
3- The internal auditor's role involves collecting facts. Rationale Internal auditors mainly gather facts during a fraud investigation. The right to punish or forgive a criminal act is reserved for the state. Confining suspects is considered false imprisonment, and interrogations are the role of an investigator.
26
When investigating potential fraud related to possible collusion between a purchasing employee and a vendor, the fraud investigation team notices that there is no email correspondence between the two parties, even though this is not the case for the purchasing employee's other vendor contacts. What should the team do next? 1. Contact the vendor to request a copy of the emails. 2. Look for a different suspect that did communicate with the vendor. 3. Use computer forensics to attempt to recover deleted emails. 4. Use interviewing techniques to secure a confession in a confrontational manner.
3- Use computer forensics to attempt to recover deleted emails Rationale In this case, the absence of emails where they were expected is a red flag that important emails were deleted. Computer forensic technology and software packages are available to assist in the investigation of fraud, for example, to recover deleted emails. Contacting the vendor may not be the best first choice, especially if the vendor does not yet know about the fraud investigation. Securing a confession is a type of interrogation technique, not an interviewing technique.
27
A receiving department receives copies of purchase orders for use in identifying and recording inventory receipts. The purchase orders list the name of the vendor and the quantities of the materials ordered. A possible error that this system could allow is 1. payment for unauthorized purchases. 2. payment to unauthorized vendors. 3. overpayment for partial deliveries. 4. delay in recording purchases.
3- overpayment for partial deliveries. Rationale The risk of telling the receiving department the quantities ordered is that the receiving department may fail to make an accurate count of the materials received. The receiving department needs to know quantities, but the receiving clerk counting materials received does not.
28
When a forensic auditor suspects fraud and is aware of the potential perpetrator, who might it be best to interview first? 1. Employees from other departments who the potential perpetrator has interacted with 2. The suspected perpetrator's supervisor if not also a suspect 3. The suspected perpetrator 4. Any vendors that the potential perpetrator has interacted with, especially if also suspects
2- The suspected perpetrator's supervisor if not also a suspect Rationale A fraud interview could involve the suspected perpetrator, potential witnesses and victims, those who may have aided the perpetrator, or those who can provide background information about the area, activity, or perpetrator. Forensic auditors must be able to ensure that evidence is not lost, destroyed by the perpetrator, or mishandled in some way so that it will no longer be considered reliable in court. For this reason, interviews often are private, and the interviewer seeks to maintain low visibility, especially to suspected perpetrators. The perpetrator's supervisor is a good place to start to uncover information.
29
An internal auditor uses Benford's Law analysis to search for potential fraud. This probability principle is the cornerstone of 1. trend analysis. 2. numerical analysis. 3. multidimensional analysis. 4. regression analysis.
2- numerical analysis. Rationale Most auditing programs performing numerical analysis are based on Benford's Law, a probability principle using observations about the frequency of occurrence of the leading digit in a series of numbers.
30
What characteristic makes fraud risk unique? 1. Rationalization 2. Proficiency 3. Intent 4. Experience
3- Intent Rationale While many definitions exist, The IIA defines fraud as "any illegal act characterized by deceit, concealment, or violation of trust." This definition captures the characteristic that makes fraud unique among risks: intent. Fraudulent acts involve people who intend to circumvent controls or exploit weaknesses in the organization.
31
Which is an essential skill for a forensic auditor? 1. Ability to persuade others through selective choice of information to withhold 2. Commitment to discussing the principles of accounting without prejudice to the case 3. Awareness of evidence requirements in criminal but not civil cases 4. Ability to track down and recover evidence
4- Ability to track down and recover evidence Rationale A forensic auditor has special skills apart from a knowledge of accounting practices, including understanding evidence requirements in civil and criminal courts, uncovering evidence, and assembling the evidence into a convincing narrative. Withholding key information would not be ethical. Forensic auditors are not impartial.
32
Which of the following procedures would be most helpful in providing additional evidence when an auditor suspects that an unidentified employee is submitting and approving invoices for payment? 1. Select a sample of receiving reports representative of the period under investigation and trace to approved payment. Note any items not properly processed. 2. Review all payments made during the year and investigate each one for approval. 3. Select a sample of invoices paid during the past month and trace them to appropriate vendor accounts. 4. Use generalized audit software to identify invoices with post office box numbers or other unusual features. Select a sample of those invoices and trace to supporting documents such as receiving reports.
4- Use generalized audit software to identify invoices with post office box numbers or other unusual features. Select a sample of those invoices and trace to supporting documents such as receiving reports. Rationale An auditor should consider the potential impact and use of technology, for example, the use of continuous monitoring software or enterprise management systems, which can aid in the detection of fraudulent wire transfers or payments. By comparing flagged transactions with receipts and logs, an auditor would be better placed to identify fraudulent payments.
33
Which is a condition for fraud related to fraud opportunity? 1. Dealing with market expectations that pose threats to the business's financial stability 2. Having performance bonuses tied to contingent compensation systems 3. Facing personal pressure to pay for lifestyle or vices 4. Having valuable near-cash assets
4- Having valuable near-cash assets Rationale Opportunity is the favorable circumstance that allows fraud to occur. Having valuable near-cash assets represents an opportunity and can increase an organization's vulnerability. The other answer choices relate to fraud motive.
34
Analyzing matches between vendor and employee addresses could identify what type of fraud risk? 1. Fictitious vendors 2. Fixed bidding 3. Ghost employees 4. Inflated prices
1- Fictitious vendors. Rationale Per Global Technology Audit Guide 13, "Fraud Prevention and Detection in an Automated World," fictitious vendors could be discovered by running a check to uncover post office boxes used as addresses and to find any matches between vendor and employee addresses and/or phone numbers.
35
What is the distinction between hotline anonymity and confidentiality? 1. The two terms are synonyms. 2. Anonymity provides nondisclosure of the caller's identity, and confidentiality removes reference to gender or other identifying information, even if a name is not provided. 3. Anonymity can be maintained only within the limits allowed by law, while promises of confidentiality must be kept. 4. Anonymity does not disclose the caller's identity, while confidentiality discloses it securely.
4- Anonymity does not disclose the caller's identity, while confidentiality discloses it securely. Rationale Confidentiality and anonymity are mutually exclusive.
36
Which type of fraud involves persons authorized to spend the organization's money and often does not leave a paper trail or require changing the books improperly and so is best uncovered by offering a confidential whistleblower hotline? 1. Misuse or theft of assets 2. Corruption 3. Information misrepresentation 4. Disbursement fraud
2- Corruption Rationale Corruption is the misuse of entrusted power for private gain. It includes bribery and other improper uses of power. It is often an off-book fraud, meaning that there is little financial statement evidence available to prove that the crime has occurred. Corrupt employees do not have to fraudulently change financial statements to cover up their crimes; they simply receive cash payments under the table. In most cases, these crimes are uncovered through tips or complaints from third parties, often via a fraud hotline. Corruption often involves the purchasing function.
37
Which is the best way listed to detect bid rigging? 1. Interview the bid evaluator. 2. Do a market scan for the given good or service. 3. Compare the winning bid to the other bids received. 4. Interview losing bidders.
2- Do a market scan for the given good or service. Rationale Bid rigging involves the collusion of a limited number of bidders in which they all submit high bids. The bid winner may provide subcontracts to the other bidders; the bid evaluator may also be in on the collusion. Doing a market scan can provide a ballpark cost for the type of good or service to see if the winning bid seems appropriate. The other answer choices would fail to reveal whether this practice is occurring. For example, talking to the bid evaluator would be unlikely to reveal the fraud if that person was colluding in it.
38
At what point in the engagement process should the auditor direct attention to fraud risks? 1. During results analysis 2. When creating the annual audit plan 3. During the planning process 4. When conducting on-site interviews and tests
3- During the planning process Rationale The potential for fraud in the specific engagement area should be considered during the planning phase, and assessing related controls should be an engagement objective.
39
If external auditors find that weak controls have contributed to the occurrence of financial fraud in an organization, the maximum extent of the internal audit function's responsibility is best identified by which of the following statements? 1. Failure to develop and implement more effective controls designed to prevent financial fraud 2. Failure to identify the financial fraud when auditing the financial function 3. Failure to prevent the financial fraud from occurring 4. Failure to fully document the evaluation of controls and recommend development of more effective measures to prevent financial fraud
4- Failure to fully document the evaluation of controls and recommend development of more effective measures to prevent financial fraud Rationale The internal audit function is responsible for fully documenting controls and recommending that management address any weaknesses. Internal audit is also responsible for recognizing the indicators of fraud, such as weak internal controls. Management decides what controls to implement and bears responsibility for preventing fraud.

CIA Challenge Exam (CPA) (13 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions