Exam 1 Study Guide

Question 1

COSO

Answer 1

Top:
Operations
Financial Reporting
Compliance
Side:
Monitoring
Information and Communication
Control Activities
Risk Assessment
Control Environment

Question 2

Monitoring

Answer 2

internal auditors

Question 3

information & Communication

Answer 3

ERP system, policies and procedures that tell employees how to act

Question 4

control activities

Answer 4

putting in place activities that prevent fraud

Question 5

risk assessment

Answer 5

Entity Level Objectives - organizational view
Activity Level Objectives - activity view
Risks- make assertions, likelihood, impact
Controls - activities that prevent fraud

Question 6

system

Answer 6

a network of parts that work together to make something

Question 7

information system

Answer 7

converts data into information

Question 8

batch processing

Answer 8

.requires that all similar transactions are grouped together for a specified time, and then this group of transactions is processed as a batch

Question 9

Real Time/OL

Answer 9

the transaction is processed immediately

Question 10

data levels

Answer 10

bit, byte, field, file/tables, relational

Question 11

management information system

Answer 11

provides info that tells how the managers are doing

Question 12

accounting information system

Answer 12

comprises the processes, procedures, and systems that capture accounting data from business processes; record the accounting data in the appropriate records; process the detailed accounting data by classifying, summarizing, and consolidating; and report the summarized accounting data to internal and external users

Question 13

COSO

Answer 13

Committee of Sponsoring Organizations

Question 14

COBIT

Answer 14

.Control Objectives for Information and related Technology

Question 15

ERM

Answer 15

Enterprise risk management, includes methods to manage risk

Question 16

AIS Flow

Answer 16

Source Documents
Journals: special, general
Ledgers: sub, GL
Closing
Reporting

Question 17

Audit Trail

Answer 17

source document, involves numbering of documents and authorization

Question 18

Control Environment

Answer 18

tone of the organization, code of ethics
elements:
integrity and ethical values
Corp governance
Management Philosophy
Org Structure
Assignment of Authority
HR Policy and Practices

Question 19

corporate governance

Answer 19

an elaborate system of checks and balances whereby a company’s leadership is held accountable for building shareholder value and creating confidence in the financial reporting process

Question 20

Audit Commitee

Answer 20

structures: component of the board that is independent of the company, not paid by the organization
roles: hires external/internal auditors and oversees audit activity

Question 21

Code of Ethics

Answer 21

SOX requires that all public companies have a code of ethics stated

Question 22

Whistleblowing

Answer 22

Dodd Frank,

SOX 806: made a way for whistleblowers to tell on their companies

Question 23

Risk Prevention what can we do

Answer 23

Have Stewardship(safeguarding of assets)
Provide fair and transparent and full reporting and disclosure
Design and implement internal controls
Enforce a code of Ethics

Question 24

Types of fraud

Answer 24

misstatement

misappropriation

Question 25

misstatement

Answer 25

manipulation of records

Question 26

collusion

Answer 26

two people working together to commit fraud

Question 27

misappropriation

Answer 27

taking assets

Question 28

fraud triangle

Answer 28

Incentive Opportunity and rationalization

Question 29

categories of fraud

Answer 29

management - override
employee - taking assets
customer - returning stolen goods
vendor - shipping, getting paid more than earned

Question 30

Examples of fraudulent financial reporting

Answer 30

smooth earnings - saving earnings for next quarter
revenues - making it up
omitted disclosures/exp
Window dressing
Pad assets
Off balance sheet

Question 31

examples of why people commit fraud

Answer 31

company man
promotion
bonus
keep bank off back
meet analyst

Question 32

types of employee fraud

Answer 32

take inventory take cash(skimming - before being entered, larceny - after entered), AP manipulation, AR manipulation, payroll fraud, expense account/purchase card

Question 33

customer fraud

Answer 33

credit cards, bad checks, refunds

Question 34

vendor fraud

Answer 34

duplicate invoices, collusion/bribes, push unwanted inventory, bill for goods/services not delivered

Question 35

Internal Computer fraud

Answer 35

improper access, change account info, change financial info

Question 36

External Computer Fraud

Answer 36

hacking, spoofing/phishing

Question 37

Code of Ethics

Answer 37

required by SOX 2002, 
obey laws and regs
honest, fair trustworthy conduct
avoid conflicts of interest
safe work environment
protect external environment
books and records
signed statement

Question 38

internal control objectives

Answer 38

safeguard assets
accurate and fair accounting
operational efficiency
comply with laws/ regs

Question 39

types of controls

Answer 39

preventative
detective
corrective

Question 40

COSO framework

Answer 40

Monitoring 
Info and Comm (AIS)
Control Activities 
Risk Assessment
Control Environment

Question 41

risk can we get rid of it?

Answer 41

we can’t reduce it to zero, but we can mitigate it

Question 42

risk assessment

Answer 42

entity-wide objectives - organization objectives
Activity wide objectives - department objectives
Risks - what is the likelihood and impact
Managing Change - keeping up with changes

Question 43

process

Answer 43

procedures that originate, transfer or change accounting data
ex:
take an order
calculate payroll
apply standard costs
prepare financial statements

Question 44

controls

Answer 44

procedures designed to prevent or detect errors resulting from the processing of accounting information.

Question 45

documentation of processes

Answer 45

internal control

Question 46

data flow diagrams

Answer 46

use symbols to represent processes, etc, represents the logical elements of a system, not the physical system, the entity is a box the process is a N over a process description

Question 47

document flowcharts

Answer 47

illustrate relationship among processes and the documents that flow between them, contains more detail than data flow diagrams, clearly depicts the separation of functions in a system

Question 48

systems flowcharts

Answer 48

represent relationship between key elements input sources, programs, and output products of a computer system, have to know
hard copy symbol: rectangle with piece ripped off the bottom
computer process: complete rectangle
terminal input/output device: rectangle with the top cut off diagonally
direct access storage device - cylinder

Question 49

assertions

Answer 49

revenue - existence
AP - Completeness
Inventory - existence
Inventory - valuation

Question 50

How many members of a board must not be and cannot have been CPA’s

Answer 50

3

Question 51

How many audits must a firm conduct to require annual quality reviews by the PCAOB

Answer 51

100

Question 52

To whom can document and info related to PCAOB investigations and proceedings be made available?

Answer 52

SEC, US Attorney General, and federal agencies

Question 53

Penalties for certifying a misleading or fraudulent financial report?

Answer 53

20 yrs of prison 5M

Question 54

If a foreign accounting firm only audits part of a US company and the primary auditor relies on their work, is the foreign firm subject to registrations with the board?

Answer 54

Yes

Question 55

By whom are the boards findings and sanctions subject to review?

Answer 55

the SEC and any advisory groups convened in connection with standard setting

Question 56

What are the 5 requirements a standard setting body must meet in order for the SEC to recognize its standards as “generally accepted”?

Answer 56

(1) be a private entity;
(2) be governed by a board of trustees (or equivalent body), the majority of whom are not or have not been associated persons with a public accounting firm for the past 2 years;
(3) be funded in a manner similar to the Board;
(4) have adopted procedures to ensure prompt consideration of changes to accounting principles by a majority vote;
(5) consider, when adopting standards, the need to keep them current and the extent to which international convergence of standards is necessary or appropriate.

Question 57

What type of companies may make loans to its directors and executive officers?
Sec 402(a)

Answer 57

Consumer credit companies may make home improvement and consumer credit loans and issue credit cards to its directors and executive officers if it is done in the ordinary course of business on the same terms and conditions made to the general public.

Question 58

How long do a director, officer, and 10% owner have to report transactions involving management and principal stockholders?

Answer 58

by the end of the second business day on which the transaction occured

Question 59

When may the pre-approval requirement be waived for non-audit services?
Sec 201

Answer 59

The pre-approval requirement is waived with respect to the provision of non-audit services for an issuer if the aggregate amount of all such non-audit services provided to the issuer constitutes less than 5 % of the total amount of revenues paid by the issuer to its auditor (calculated on the basis of revenues paid by the issuer during the fiscal year when the non-audit services are performed), such services were not recognized by the issuer at the time of the engagement to be non-audit services; and such services are promptly brought to the attention of the audit committee and approved prior to completion of the audit.

Question 60

payroll process

Answer 60

separate authorization, recording, and process
initiation - hiring an employee
authorization - something that starts this
processing
recording
custody - giving power to individuals, custody of assets, ex: power to get assets
review/recon
duty

Question 61

control activities

Answer 61

authorization(preventative)
documentary controls(audit trail)
safeguarding of assets
reconciliation and review of analysis

Question 62

revenue

Answer 62

existence assertion
risks
significance, likelihood
follow the cycle to see the document trail
cycle 
assertion
risk

Question 63

Management Assessment of Internal Controls.

Answer 63

Requires each annual report of an issuer to contain an “internal control report”, which shall:
(1) state the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and
(2) contain an assessment, as of the end of the issuer’s fiscal year, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.
Each issuer’s auditor shall attest to, and report on, the assessment made by the management of the issuer. An attestation made under this section shall be in accordance with standards for attestation engagements issued or adopted by the Board. An attestation engagement shall not be the subject of a separate engagement.
The language in the report of the Committee which accompanies the bill to explain the legislative intent states, “—the Committee does not intend that the auditor’s evaluation be the subject of a separate engagement or the basis for increased charges or fees.
Directs the SEC to require each issuer to disclose whether it has adopted a code of ethics for its senior financial officers and the contents of that code.
Directs the SEC to revise its regulations concerning prompt disclosure on Form 8-K to require immediate disclosure “of any change in, or waiver of,” an issuer’s code of ethics.

Question 64

Corporate Responsibility for Financial Reports.

Answer 64

The CEO and CFO of each issuer shall prepare a statement to accompany the audit report to certify the “appropriateness of the financial statements and disclosures contained in the periodic report, and that those financial statements and disclosures fairly present, in all material respects, the operations and financial condition of the issuer.” A violation of this section must be knowing and intentional to give rise to liability.

Question 65

Corporate Responsibility for Financial Reports

Answer 65

criminal penalties for certifying a misleading or fraudulent financial report. Under SOX 906, penalties can be upwards of $5 million in fines and 20 years in prison.

Question 66

felony to knowingly

Answer 66

destroy financial documents

Question 67

whistle blowers

Answer 67

are protected and they can go to an organization and let them know about the fraud