Fraud Risk Management Quiz Notes Flashcards

1
Q

List the five fraud risk management principles in order (1-5).

A
  1. Establish a fraud risk management program (Control Environment)
  2. Perform a comprehensive fraud risk assessment (Risk Assessment)
  3. Select, develop, and deploy fraud controls (Control Activities)
  4. Establish a communication program to obtain information about potential frauds (Information & Communication)
  5. Select, develop, and deploy evaluation and monitoring processes (Monitoring)
2
Q

What are some things that mitigate management override of controls?

A
  1. Effective internal auditor function
  2. Corporate culture with integrity & ethical values
  3. Effective & anonymous whistleblower program
3
Q

What are some things that constitute corruption & illegal acts?

A

Bribes & kickbacks

4
Q

What are the four categories of fraud risk? Provide an explanation for each.

A
  1. Reporting fraud: financial - Intentional misstatement of accounting information
  2. Reporting fraud: non-financial - Manipulating and falsifying non-financial reports
  3. Misappropriation of assets - Theft or misuse of tangible/intangible assets
  4. Illegal acts & corruption - Bribes, kickbacks, gratuities, etc.
5
Q

When a company discourages employees from sharing computer passwords, what fraud management principle is impacted?

A

Principle #3 (Control Activities). This relates to a specific fraud risk control.

6
Q

When a company uses a fraud risk heat map for fraud risk assessment, which principle is impacted?

A

Principle #2 (Risk Assessment)

7
Q

When employees report suspected improprieties, which principle is impacted?

A

Principle #4 (Information & Communication)

8
Q

When presented with a question where you need to determine the appropriate fraud risk principle, what is the best thing to think of when solving it?

A

Think of the five COSO internal control principles, because each of these is related to one of the fraud management principles.

9
Q

What are the five steps in a data analytics plan, in order? Provide a brief explanation for each.

A
  1. Analytics Design - Assess fraud risk, map risks to data sources, create work plan (determining the risk)
  2. Data Collection - Map data to planned analytics test (screen & validate data)
  3. Data Organization & Calculation - Execute work plan, adapt analytics to available data. Text mining & statistical analysis.
  4. Data Analysis - Evaluate analytics results. Implement scoring models to prioritize risks. Adapt & tune model to improve relevance of results.
  5. Findings, Observations, and Remediation - Request supporting documentation, determine triage/escalation procedures.