Fraud Risk Management Flashcards
Which of the following types of customer due diligence (CDD) procedures should an organization engage in when determining whether to conduct business with a higher-risk customer who wants to pay on credit?
A. Standard CDD
B. International CDD
C. Simplified CDD
D. Enhanced CDD
D. Enhanced CDD
An organization’s fraud risk management program should include which of the following components?
A. Whistleblower protection policies
B. A way to disclose conflicts of interest
C. Quality assurance activities
D. All of the above
D. All of the above
A fraud risk management program must include systems specifically designed to monitor, identify, and address breaches in compliance.
A. True
B. False
True
As part of its vendor due diligence procedures, an organization should avoid revealing that it is seeking information about potential vendors prior to starting a relationship with them.
A. True
B. False
False
According to the Committee of Sponsoring Organizations of the Treadway Commission (COSO), _________ is the culture, capabilities, and practices, integrated with strategy-setting and its performance, that organizations rely on to manage risk in creating, preserving, and realizing value.
A. Fraud prevention
B. Internal control
C. Corporate governance
D. Enterprise risk management
D. Enterprise risk management
When a customer presents a higher risk for engaging in illegal activity, which of the following customer due diligence (CDD) activities would be MOST APPROPRIATE for an organization to engage in?
A. Scrutinizing the customer’s method of payment
B. Analyzing the customer’s overall net worth
C. Quantifying the customer’s expected purchasing pattern
D. All of the above
D. All of the above
Fraud risk management programs should focus on activities that:
A. Prevent fraud by proactively identifying, assessing, and addressing fraud risks
B. Respond to identified fraud by investigating the incident and taking remedial action
C. Detect fraud by identifying occurrences as soon as possible after they begin
D. All of the above
D. All of the above
According to the Fraud Risk Management Guide, a joint publication by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the ACFE, who has responsibility for managing fraud risk?
A. Executive management
B. Personnel at all levels of the organization
C. The board of directors
D. Internal audit
B. Personnel at all levels of the organization
potential customer has little opportunity to commit fraud and therefore presents a minimal risk of engaging in illegal activity?
A. Identifying the customer
B. Analyzing the customer’s net worth
C. Verifying the customer’s identity
D. Contacting the customer’s bank
A. Identifying the customer
Which of the following is one of the eight principles for risk management provided by International Organization for Standardization (ISO) 31000:2018?
A. The risk management program is structured and comprehensive
B. The risk management program facilitates continuous improvement
C. The risk management program is integrated into all organizational activities
D. All of the above
D. All of the above
In defining the objectives of the fraud risk management program, management should express risk appetite in a manner that is appropriate for the organization’s culture and operations.
A. True
B. False
True
As part of an organization’s fraud risk management program, employees at all levels should:
A. Understand how noncompliance might create an opportunity for fraud to occur
B. Cooperate in investigations into suspected or alleged fraud incidents
C. Provide input into the design and implementation of fraud control activities when requested by management
D. All of the above
D. All of the above
Which of the following is NOT one of the components of the Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) Enterprise Risk Management—Integrating with Strategy and Performance?
A. Information, communication, and reporting
B. Risk tolerance
C. Strategy and objective-setting
D. Review and revision
B. Risk tolerance
Before agreeing to do business with a new vendor, it is recommended that an organization’s management inquire about the vendor’s internal audit department and the types of audits the vendor is subject to.
A. True
B. False
True
Management must assign both a quantitative and qualitative measure to its risk appetite so that it can accurately measure the fraud risk management program’s effectiveness.
A. True
B. False
False
Risk management includes which of the following activities involving the risks that threaten an organization?
A. Identification
B. Treatment
C. Monitoring
D. All of the above
D. All of the above