Internal Control Framework

Question 1

What are the 5 components of internal control?

Answer 1

Control Environment
Risk Assessment
Information and Communication
Monitoring
(Existing) Control Activities
Think CRIME

Question 2

Committee of Sponsoring Organizations (COSO) is a private organization that was established to:

Answer 2

Study factors that lead to fraud

Question 3

What is one way to apply the organizational structure principle?

Answer 3

Maintaining reporting independence of the internal auditor

Question 4

“Tone at the top” helps a company establish:

Answer 4

Compliance, Accountability, and Communication

Question 5

Code of conduct that communicates the “tone at the top” to employees will not allow:

Answer 5

Exceptions to ethical behavior or the law in the name of competition

Question 6

What kind of responsibility do Board of directors have to act on behalf of and in the best interest of the corporation?

Answer 6

Fiduciary

Question 7

What would be an example of a company developing ethical values and ensuring that those values are understood and taken seriously?

Answer 7

A compliance program that includes both ethics training and a hotline for anonymous reporting

Question 8

In the Internal Control Framework, which principle and which component are baseline expectations included in?

Answer 8

Accountability principle within the Control environment

Question 9

Internal controls should ALWAYS be monitored for the purpose of:

Answer 9

Addressing changes to risks

Question 10

Risk assessment component includes principles such as:

Answer 10

Financial reporting objectives, risks and fraud risk

Question 11

On the COSO cube, what is shown on the 3rd dimension?

Answer 11

Organizational Structure (entity level, division, operating unit, function)

Question 12

What is residual risk?

Answer 12

The risk that an organization incurs AFTER management takes action to mitigate the impact of an event

Question 13

The Committee on Sponsoring Organizations prepared the Internal Control Integrate Framework to

Answer 13

Help businesses assess internal control

Question 14

Name 3 categories of deficiencies used by auditors when evaluating internal controls

Answer 14

1. Material weaknesses
2. Control deficiencies
3. Significant deficiencies

Question 15

What is the objective of monitoring?

Answer 15

Assess the design and operation of internal controls on a timely basis and to take any necessary corrective actions

Question 16

Give an example of an issue that would lead to a great concern regarding the effectiveness of an entity’s internal control

Answer 16

Errors from control failures that were NOT detected timely by the routine monitoring procedures

Because having routine monitoring procedures in place is important, but errors from control failures not detected in a timely manner by these procedures is problematic

Question 17

Name 3 principles of the Control Environment

Answer 17

Board independence and oversight
Organizational structure
Accountability

Question 18

What are the 3 primary factors that lead to fraud in the workplace?

Answer 18

Pressure/motivation
Opportunity
Rationalization

Question 19

What kind of approach is the Integrated Framework built on and what does this allow managers to do?

Answer 19

Principles-based. It allows management to use judgement and flexibility in applying internal controls