SU 6 - Fraud Risks Flashcards
1
Q
Any illegal acts characterized by deceit, concealment, or violation of trust.
A
Fraud
2
Q
A term used to refer to indicators of fraud; signs that indicate both the inadequacy of controls in place to deter fraud and the possibility that some perpetrator has already overcome these weak or absent controls to commit fraud.
A
Red Flags
3
Q
The application of auditing skills to gather evidence that may be used in a court of law for a criminal or civil matter.
A
Forensic Auditing
4
Q
The offering, giving, receiving, or soliciting of anything of value to influence an outcome.
A
Bribery
5
Q
A term used to refer to individuals who report fraud and abuse.
A
Whistleblowers
6
Q
The misuse of entrusted power for private gain.
A
Corruption
7
Q
The practice of inflating sales figures by forcing more products through a distribution channel than the channel can actually sell.
A
Channel loading
8
Q
The probability that fraud will occur and the potential severity or consequences to the organization when it occurs.
A
Fraud Risks
9
Q
A set of three conditions that, if present in the right proportions, suggest the possibility of fraud: opportunity, motive, and rationalization.
A
Fraud Triangle
10
Q
Theft of a material amount of an organization’s assets.
A
Misappropriation of assets
11
Q
While reviewing an engagement team’s forensic workpapers, the chief audit executive determined that too much time was being spent reviewing outliers. The use of which techniques is most likely to address this problem.
a) Topic modeling and linguistic analysis.
b) Statistical analysis and machine learning.
c) Data visualization dashboards.
d) Pattern and link analysis.
A
b) Statistical analysis and machine learning.
Rationale
Statistical analysis and machine learning increases the confidence that items identified as outliers warrant additional review, thus limiting the number of false positives and increasing the efficiency of the review process. Pattern and link analysis is a data visualization technique that exposes hidden relationships between data sources. Topic modeling and linguistic analysis help the investigative team to understand what information may have been compromised or the corrupt intent of certain business activities. Data visualization dashboards identify trends and outliers but do not provide information about whether outliers warrant additional review.
12
Q
An organization’s chief audit executive (CAE) feels that his team lacks the knowledge, skills, or other competencies needed to perform a fraud investigation. Implementation Standard 1210.A1 and Implementation Guide 2050 indicate that the CAE should
a) contact appropriate government investigative authorities.
b) outsource the forensic review to a team with the proper industry experience.
c) train the staff in forensic auditing prior to reviewing the particular case.
d) refer the matter to the legal department.
A
b) outsource the forensic review to a team with the proper industry experience.
Rationale
Implementation Standard 1210.A1 states that “the chief audit executive must obtain competent advice and assistance if the internal auditors lack the knowledge, skills, or other competencies needed to perform all or part of the engagement.” Implementation Guide 2050 advises the CAE to consider a service provider’s professional certifications, memberships in professional associations, reputation, experience, and familiarity with the organization’s industry or business. In addition, the CAE must ensure the independence and objectivity of the service provider.
13
Q
A chief audit executive (CAE) uncovers significant fraudulent activity that clearly involves the executive vice president to whom the CAE reports. Which of the following best describes how the CAE should proceed?
a) Carry out an examination for the purpose of determining the extent of the fraud.
b) Report the facts to the chief executive officer and the audit committee of the board of directors.
c) Interview the executive vice president to obtain essential evidence.
d) Notify regulatory authorities and the police.
A
b) Report the facts to the chief executive officer and the audit committee of the board of directors.
Rationale
This is a management decision and a management responsibility. Upon the discovery of fraud, the CAE should inform executive management and the audit committee.
14
Q
Besides the definitions of fraud from the Standards and from “Managing the Business Risk of Fraud, A Practical Guide” by The IIA, AICPA, and ACFE, what else do internal auditors need to understand fraud?
a) Formal training in fraud investigations to develop the necessary expertise
b) Sufficient knowledge of fraud to declare when fraud is occurring
c) The legal definition of fraud in relevant jurisdictions
d) Nothing else is needed; the auditors would be in conformance with the Standards for understanding fraud.
A
c) The legal definition of fraud in relevant jurisdictions
Rationale
In addition to the definitions mentioned in the question, each jurisdiction under which the organization operates may have a specific legal definition of fraud. Internal auditors are not expected to be experts in fraud investigations, nor are they the proper persons to declare when fraud is occurring. Rather, internal auditors should have sufficient knowledge of fraud to identify red flags indicating that fraud may have been committed. Professional fraud investigators would be responsible for declaring the existence of fraud.
15
Q
Which of the following control procedures would be effective in preventing frauds in which purchase orders are issued to fictitious vendors?
a) Requiring single-use contracts (purchase orders) with all major vendors from whom production components are purchased
b) Requiring that a three-way match process occur between the receiving record, the invoice, and the purchase order
c) Requiring that total purchases from all vendors for a month not exceed the total budgeted purchases for that month
d) Requiring that all purchases be made from an authorized vendor list maintained independently of the individual placing the purchase order
A
d) Requiring that all purchases be made from an authorized vendor list maintained independently of the individual placing the purchase order
Rationale
Use of an authorized vendor list would be an effective control. Long-term contracts with major vendors would also be effective so requiring only use of purchase orders would be too restrictive a control. Requiring that purchases from all vendors for a month not exceed the total budgeted purchases for that month would be ineffective, because it controls the total amount of expenditures but not where the purchase orders are placed or whether there is receipt of goods for the items purchased. A three-way match is an important control to detect other types of fraud but a fictitious vendor would not be detected in this way.
16
Q
Analyzing matches between vendor and employee addresses could identify what type of fraud risk?
a) Fixed bidding
b) Inflated prices
c) Ghost employees
d) Fictitious vendors
A
d) Fictitious vendors
Rationale
Per Global Technology Audit Guide 13, “Fraud Prevention and Detection in an Automated World,” fictitious vendors could be discovered by running a check to uncover post office boxes used as addresses and to find any matches between vendor and employee addresses and/or phone numbers.
17
Q
What three factors are consistently present when people commit fraud?
a) Opportunity, motive, and rationalization
b) Opportunity, due professional care, and justification
c) Experience, proficiency, and rationalization
d) Pressure, effective controls, and explanation
A
a) Opportunity, motive, and rationalization
Rationale
Three factors are consistently present when people commit fraud:
- Opportunity, a combination of circumstances or conditions that enable fraud to occur
- Motive, an actual or perceived need that provides a reason for the fraud
- Rationalization, a concocted, convincing, and plausible justification
18
Q
An IT fraud risk assessment usually includes which of the following activities?
a) Identifying potential IT fraud schemes and prioritizing them based on likelihood and impact
b) Remediation of gaps identified in IT general controls
c) Performing an inventory of all IT systems
d) Establishing user access controls for IT applications
A
a) Identifying potential IT fraud schemes and prioritizing them based on likelihood and impact
Rationale
An IT fraud risk assessment usually includes:
- Identifying relevant IT fraud risk factors.
- Identifying potential IT fraud schemes and prioritizing them based on likelihood and impact.
- Mapping existing controls to potential fraud schemes and identifying gaps.
- Testing operating effectiveness of fraud prevention and detection controls.
- Assessing the likelihood and business impact of a control failure and/or a fraud incident.
19
Q
Which is an internal auditing responsibility related to the deterrence of fraud?
a) Internal auditors should determine whether communication channels provide management with adequate and reliable information on the effectiveness of the control system and the occurrence of unusual transactions.
b) The primary means of deterring fraud is through an effective control system designed, but never managed, by internal auditors.
c) Internal auditors should recommend a culture of loyalty to top management so that employees are more likely to report fraud that harms the organization.
d) Internal auditors are responsible for initiating an affirmation or certification process to confirm that employees have read and understand the corporate policies and are in compliance with them.
A
a) Internal auditors should determine whether communication channels provide management with adequate and reliable information on the effectiveness of the control system and the occurrence of unusual transactions.
Rationale
Internal auditing responsibilities related to monitoring include assessing whether deficiencies in the fraud risk management program are communicated effectively and to the appropriate parties, including senior management and the board.
20
Q
Which most accurately describes the “fraud triangle”?
a) Incentive (motivation to for committing fraud); Opportunity (a control weakness or gap that makes fraud possible); Rationalization (justification for committing fraud).
b) Opportunity (weakness or gap that makes fraud possible); Rationalization (justification for committing fraud); Methodology (misappropriation of assets or financial misstatements).
c) Methodology (misappropriation of assets or financial misstatements); Opportunity (weakness or gap that makes fraud possible); Incentive (motivation to for committing fraud); Opportunity (weakness or gap that makes fraud possible).
d) Rationalization (justification for committing fraud); Methodology (misappropriation of assets or financial misstatements); Incentive (motivation to for committing fraud).
A
a) Incentive (motivation to for committing fraud); Opportunity (a control weakness or gap that makes fraud possible); Rationalization (justification for committing fraud).
Rationale
The “fraud triangle” describes the convergence of three factors: Pressure/Incentive (the motivation for committing fraud); Opportunity (a control weakness or other gap that makes it possible to commit fraud); and Rationalization (How an individual or group justifies their fraudulent activities.)
What method the fraudster used (whether the fraudster misappropriated assets or made financial statement misstatements) is not part of the fraud triangle.
21
Q
In regard to fraud detection, each internal auditor should be competent at which of the following levels as they are defined in The IIA’s International Professional Practices Framework?
a) Each internal auditor is responsible only for knowing The IIA’s definition of fraud and being able to identify the fraud detection experts relied upon by the internal audit activity.
b) Each internal auditor should be sufficiently trained in fraud detection to be able to devise controls to identify and prevent the major types of fraud likely to occur in a given organizational activity.
c) Each internal auditor should be proficient in fraud detection so as to be able to conduct an investigation with a high statistical probability of discovering at least one instance of fraud, if fraud is being perpetrated.
d) Each internal auditor should have sufficient knowledge of fraud to recognize conditions that indicate the need for further action or a fraud investigation.
A
d) Each internal auditor should have sufficient knowledge of fraud to recognize conditions that indicate the need for further action or a fraud investigation.
Rationale
Each internal auditor is responsible for a sufficient knowledge of fraud to be able to identify the red flags that indicate the presence of fraud and to be able to recommend appropriate next steps for determining the likelihood of fraud.
22
Q
Which is the best way listed to detect bid rigging?
a) Interview losing bidders.
b) Compare the winning bid to the other bids received.
c) Do a market scan for the given good or service.
d) Interview the bid evaluator.
A
c) Do a market scan for the given good or service.
Rationale
Bid rigging involves the collusion of a limited number of bidders in which they all submit high bids. The bid winner may provide subcontracts to the other bidders; the bid evaluator may also be in on the collusion.
Doing a market scan can provide a ballpark cost for the type of good or service to see if the winning bid seems appropriate.
The other answer choices would fail to reveal whether this practice is occurring. For example, talking to the bid evaluator would be unlikely to reveal the fraud if that person was colluding in it.
23
Q
Which example of fraud is most likely to injure the organization?
a) Intentionally misapplying accounting principles
b) Invoices received for catering services not actually provided
c) Biasing assumptions used to estimate account balances
d) Fictitious journal entries intended to manipulate operating results
A
b) Invoices received for catering services not actually provided
Rationale
Fraud perpetrated to the detriment of the organization is conducted generally for the direct or indirect benefit of an employee, outside individual, or another organization.
The other examples are all more likely to be fraud designed to benefit the organization, such as by exploiting an unfair or dishonest advantage that also may deceive an outside party. The three incorrect answer choices are common examples of manipulating financial statements to deceive investors and lenders into believing that the company is more solvent or more profitable than it actually is.
24
Q
e Standards require the internal audit activity to assess fraud risks at the ___________________ levels.
a) system and entity
b) business and departmental
c) enterprise and operational
d) organizational and engagement
A
d) organizational and engagement
Rationale
The Standards require the internal audit activity to assess fraud risks at the organizational and engagement levels. To ensure adequate review of the risks relevant to each engagement, internal auditors should conduct a fraud risk assessment as part of engagement planning. Over time, the knowledge the internal audit activity obtains during individual engagements can be compiled into a more robust and comprehensive organization-wide fraud risk assessment.
25
Internal auditors must have __________ knowledge to evaluate the risk of fraud.
a) specialist
b) expert
c) sufficient
d) legal
c) sufficient
Rationale
While internal auditors must have sufficient knowledge to evaluate the risk of fraud and how it is managed by the organization, they are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud (Standard 1210.A2).
26
Which would most likely be considered a red flag?
a) An individual who has been in a cash-handling job for an extended period always takes a long vacation in February.
b) The organization has a third-party-operated whistleblower hotline in place, but no one has ever used it.
c) Managers never override controls, even if this sometimes harms profitability.
d) Just after management resolves one crisis, the next always seems to pop up.
d) Just after management resolves one crisis, the next always seems to pop up.
Rationale
An atmosphere of constant crisis can create the opportunity for fraud.
While a red flag for fraud is employees who never take vacations, the situation of an employee taking a vacation at the same time each year would not necessarily be a red flag, since the vacation period reduces the opportunity for fraud. The person taking over temporarily would create a window to observe how the operation occurs when the other person is not present. (An exception could be if the operation were shut down during that period or some other situation-specific event, but this isn't mentioned in the question.)
The fact that no one has used a whistleblower hotline is not a red flag in itself.
Managers frequently overriding controls—not avoiding doing so—is a red flag.
27
When communicating fraud audit outcomes, the internal auditor should
a) provide an opinion regarding the culpability of the fraud suspect.
b) provide an opinion on how management should discipline the perpetrators.
c) conduct fraud training with staff in the same position as the perpetrator to indicate how the person was detected.
d) cite relevant laws and regulations that may be applicable to the case at hand.
d) cite relevant laws and regulations that may be applicable to the case at hand.
Rationale
The communication should be written in a systematic and organized manner to enhance clarity and comprehension. It is inappropriate to interject any personal opinions or speculation. The determination of culpability is a function of the legal system and typically outside the scope of the internal auditor.
28
How does fraud awareness training support fraud prevention?
a) It limits rationalization.
b) It reduces opportunities to commit fraud.
c) It helps develop credible responses to potential risks.
d) It facilitates the testing of controls.
a) It limits rationalization.
Rationale
Rationalization is how an individual justifies fraudulent actions. Human nature is such that most people will not commit fraud unless they can rationalize it to themselves. Fraud awareness training minimizes rationalization by supporting the ethical "tone at the top," promoting an anti-fraud environment, and sending the message that the organization will not tolerate misconduct of any kind.
29
Which of the following statements correctly characterizes red flags?
a) Many red flags are subjective in nature, but they still should come to the auditor's attention during the course of an audit if it is properly planned and conducted in accordance with the Standards.
b) Red flags are items or actions that are almost always associated with fraudulent conduct.
c) Training all personnel in the organization's ethical code tends to reduce red flags but not actual instances of fraud.
d) The auditor should document all red flags that may have been noted in an audit engagement even if the chief audit executive determines that no fraud investigation is warranted.
d) The auditor should document all red flags that may have been noted in an audit engagement even if the chief audit executive determines that no fraud investigation is warranted.
Rationale
The auditor should document all red flags that may have been noted in an audit engagement even if the chief audit executive determines that no fraud investigation is warranted. This will show that the auditor is fully disclosing all information gathered, and such information may become relevant on a future audit if the patterns continue or get worse. However, many red flags are personal in nature and would not necessarily come to the attention of the auditor. These would include items such as the excessive living style of a manager or excessive gambling.
30
Management of a property and casualty insurance company has two major concerns about the efficiency and effectiveness of the claims-processing activities:
- Some claims are being paid that should not be paid or are being paid in amounts in excess of the policy.
- Many claims are not being paid on a timely basis.
In preparing for an audit of the area, the internal auditor decides to perform a preliminary survey to gather more information about the nature of processing and potential problems. After informing management, the auditor is directed to go ahead with a fraud investigation. The auditor has identified the parties most likely to have been involved in the fraud, if indeed one is taking place. The auditor sends each potential participant a personal email indicating the nature of the investigation and urges the individual to come forward and explain the nature of the fraud. The auditor states that this is strictly an audit investigation and legal authorities are not involved. A major problem with this particular communication is
a) the medium. Personal interviews should have been used instead of email.
b) the nature of the message. The auditor should have detailed the specific allegations against each employee and allowed them the opportunity to respond. The message, as written, is too general.
c) the nature of the communication. The auditor should have sent a questionnaire to each employee rather than seeking an open-ended response.
d) the medium. A paper-based document, such as a letter, should have been used instead of email.
a) the medium. Personal interviews should have been used instead of email.
Rationale
The nature of the communication is highly sensitive and personal. A more personal form of communication, such as a direct interview, should have been used to elicit the response from the employees.
The auditor is not in a position to detail the allegations against each specific employee.
31
Which of the following might alert an auditor to the possibility of fraud in a division?
a) The division is not scheduled for an external audit this year.
b) The organization's share prices were on the rise but now are falling.
c) A significant portion of management's compensation is directly tied to the division's reported net income.
d) Sales have increased by 10%.
c) A significant portion of management's compensation is directly tied to the division's reported net income.
Rationale
One of the most common red flags identified in the literature is a significant portion of management's compensation being directly tied to the division's reported net income.
32
Which of the following fraud risk factors is generally higher in a computer environment?
a) Motivation of executive management
b) Possibility of large dollar amounts being involved
c) Number of persons with access to systems and assets
d) Degree of competence of operating personnel
b) Possibility of large dollar amounts being involved
Rationale
The dollar amounts of frauds perpetrated in computer environments have usually been very large when compared with frauds that do not involve computers.
33
What is defined as the offering, giving, receiving, or soliciting of anything of value to influence an outcome?
a) Embezzlement
b) Bribery
c) Corruption
d) Fraud
b) Bribery
Rationale
As described in the Practice Guide "Internal Auditing and Fraud," bribery is the offering, giving, receiving, or soliciting of anything of value to influence an outcome.
34
An auditor uncovers a plan to overstate inventory and thereby increase reported profits for a division. The auditor has substantial evidence that the divisional manager was aware of and approved this plan. There is also some evidence that the manager may have been responsible for the plan's implementation. The auditor should
a) continue to conduct interviews with subordinates until a definite case is made and then report the case to the audit committee.
b) inform the divisional manager of his or her suspicions and obtain the manager's explanation of the findings before pursuing the matter further.
c) inform senior management and the audit committee of the findings and discuss possible further investigation.
d) document the case thoroughly and report the suspicions to the external auditor for further review.
c) inform senior management and the audit committee of the findings and discuss possible further investigation.
Rationale
In the normal course of audit work, internal auditors have a responsibility to exercise due professional care as specifically defined in Standard 1220 with respect to fraud detection. An internal auditor is responsible for notifying the appropriate authorities within the organization if a determination is made that fraud has occurred and to recommend an investigation.
35
Engagement findings revealed that an organization did not have an existing fraud risk management process. The chief audit executive recommended that the organization develop such a process. Which order of tasks to develop a fraud risk management process is most likely to be recommended by the chief audit executive?
a) Perform a comprehensive fraud risk assessment; establish a fraud risk management policy; select, develop, and deploy preventative and detective fraud control activities; establish a fraud reporting process and coordinated approach to investigative action; monitor the fraud risk management process, report results, and improve the process.
b) Perform a comprehensive fraud risk assessment; select, develop, and deploy preventative and detective fraud control activities; establish a fraud risk management policy; establish a fraud reporting process and coordinated approach to investigative action; monitor the fraud risk management process, report results, and improve the process.
c) Establish a fraud risk management policy; select, develop, and deploy preventative and detective fraud control activities; perform a comprehensive fraud risk assessment; establish a fraud reporting process and coordinated approach to investigative action; monitor the fraud risk management process, report results, and improve the process.
d) Establish a fraud risk management policy; perform a comprehensive fraud risk assessment; select, develop, and deploy preventative and detective fraud control activities; establish a fraud reporting process and coordinated approach to investigative action; monitor the fraud risk management process, report results, and improve the process.
d) Establish a fraud risk management policy; perform a comprehensive fraud risk assessment; select, develop, and deploy preventative and detective fraud control activities; establish a fraud reporting process and coordinated approach to investigative action; monitor the fraud risk management process, report results, and improve the process.
Rationale
According to COSO, the recommended sequential steps are: Establish a fraud risk management policy; perform a comprehensive fraud risk assessment; select, develop, and deploy preventative and detective fraud control activities; establish a fraud reporting process and coordinated approach to investigative action; monitor the fraud risk management process, report results, and improve the process.
36
An essential component of a robust anti-fraud program is
a) posting the whistleblower hotline number in common employee areas.
b) white papers on common fraud schemes.
c) a comprehensive fraud risk assessment.
d) reliance on existing internal controls.
c) a comprehensive fraud risk assessment.
Rationale
Comprehensive fraud risk assessments can enable internal audit to focus anti-fraud efforts on areas where the organization is most vulnerable.
Having a code of conduct, a whistleblower hotline, an internal audit department, surprise audits, fraud awareness training, and related controls and policies are necessary elements of an anti-fraud program. Collectively, they decrease losses from fraud. But they cannot guarantee that an organization will not be a victim of fraud.
37
A transportation business has multinational contracts to carry manufacturing supplies and finished products. The corporation coordinates trucks, railcars, and shipping containers. A warehouse and depot were purchased from a smaller company last year; this facility has never been audited. The employees of the warehouse/depot privately complain that the manager of the facility is difficult to work for. He frequently changes his mind, doesn't communicate fully or clearly, and is generally disorganized. Although he has developed strong relationships with customers and vendors over the years, he has not been able to keep up with modern business models and tools. This, and the fact that his branch has the lowest profitability level in the company, may be why he has been passed over for promotion in the past. Which of the following factors might an internal auditor consider to be a red flag?
a) Recent merger and use of multiple modes of transportation
b) Lack of modern business models and lack of audits
c) Use of multinational contracts rather than simpler type for transportation
d) Branch's weak performance and manager's style and relationships
d) Branch's weak performance and manager's style and relationships
Rationale
The branch's weak performance relative to the rest of the organization is a red flag. Managers who commit fraud may be very poor managers in one or more ways. They may be chronically late with reports, play favorites with employees, and demand loyalty from employees without showing loyalty to them or the company. Some bad managers are simply that—bad managers. Internal auditors, however, should consider these management areas as high risk for fraud and be alert to further red flags. The manager's close relationship with customers and vendors is also problematic.
38
Which statement accurately describes fraud red flags?
a) They are more common in environments with redundant controls.
b) They direct an internal auditor to specific areas to investigate.
c) They are less common in environments when managers override controls, often for ethical reasons.
d) Those related to external vendors are more difficult to detect than those related to employees.
b) They direct an internal auditor to specific areas to investigate.
Rationale
Red flags can direct an internal auditor to areas that warrant further investigation. Fraud red flags may refer to a broad range of warning signs indicating the inadequacy of controls and the possibility that some perpetrator has overcome weak or absent controls. Organizations often establish lists of red flags. These lists indicate potential motives, opportunities, and rationalization for fraud in the particular organization.
39
Which is an example of something that usually tends to be present in people who have committed fraud?
a) They believe that they are bad people and will be less likely to repeat the fraud.
b) They believe that they are still normal people.
c) They believe no real reason is needed for what they did.
d) They believe that the opportunity they took means that the rules support their act.
b) They believe that they are still normal people.
Rationale
Fraud perpetrators must be able to justify their actions to themselves as a psychological coping mechanism, allowing them to believe they have done nothing wrong and are "normal people."
40
The most common motivation for management fraud is the existence of
a) job dissatisfaction.
b) vices such as a gambling habit.
c) financial pressures on the organization.
d) the challenge of committing the perfect crime.
c) financial pressures on the organization.
Rationale
Management fraud benefits organizations rather than individuals, so the existence of financial pressures is the most common motivation. Management perpetrators attempt to make their financial statements appear more attractive because of the financial pressures of restrictive loan covenants, a poor cash position, loss of significant customers, etc.
41
A manager of one of a retailer's several retail outlets is stealing cash from cash sales, recording the sales as accounts receivable, and subsequently writing off the fictitious accounts receivable as bad debts. Which of the following comparisons would be most effective in signaling the possibility of such a fraud?
a) Bad debt expense as a percentage of sales, compared to that of previous years
b) Percentage of past-due accounts receivable, compared to that of previous years
c) Percentage of past-due accounts receivable, compared to that of the other outlets
d) Bad debt expense as a percentage of sales, compared to that of the other outlets
d) Bad debt expense as a percentage of sales, compared to that of the other outlets
Rationale
With fraud possibly occurring at only one of the organization's outlets, this comparison would show a higher bad debt percentage at the outlet where the fraud was occurring.
42
Computer-assisted auditing techniques are beneficial to the audit process because they provide for which of the following?
a) Ease of access to systems and records
b) Ability of auditors to analyze large amounts of data
c) Ability of auditors to deploy software solutions quickly
d) Ease of training for auditors
b) Ability of auditors to analyze large amounts of data
Rationale
Computer-assisted auditing techniques can provide auditors with large amounts of data—current and/or historical— from which evidence of fraud or other control weaknesses can be mined and data analysis models can be built.
Using a variety of parameters, software can help auditors sift through vast amounts of data in a more efficient manner.
Access to systems may exist without audit software, it may not be easy to train new users, and computer-assisted audit techniques aren't necessarily able to propose or develop solutions.
43
A third-party pension plan consultant working for a large retailer steals a computer. A file on the stolen equipment includes names, dates of birth, addresses, Social Security numbers, salary, and other information for nearly 100,000 current and former employees. This breach involving personal data is an example of what type of fraud?
a) Corruption
b) Fraudulent disbursement
c) Misuse of assets
d) Cash theft
c) Misuse of assets
Rationale
This is an example of misuse or theft of assets (embezzlement). In addition to the computer itself, information is also considered an asset.
44
Which of the following is an internal audit control responsibility with respect to fraud prevention, deterrence, and detection?
a) Monitoring the annual disclosure of whether the company uses The IIA's Code of Ethics to cover its chief executive officer and senior financial officers
b) Evaluating the independence of a whistleblower hotline from management and whether the information is addressed in a timely fashion
c) Supporting audit committee oversight in ensuring that the board has implemented an effective system of internal controls
d) Acquiring or training internal auditors in fraud auditing to enable rapid fraud detection and/or investigation
b) Evaluating the independence of a whistleblower hotline from management and whether the information is addressed in a timely fashion
Rationale
An internal auditing responsibility is to assess the operating effectiveness of information and communication systems and practices, such as the independence of a whistleblower hotline (e.g., a third-party service) from management and whether the information is addressed in a timely fashion.
Internal auditors may also evaluate fraud-related training initiatives.
It is management's responsibility to establish and maintain an effective control system.
45
An internal auditor who suspects fraud should
a) determine that a loss has been incurred.
b) identify the employees who could be implicated in the case.
c) recommend whatever investigation is considered necessary under the circumstances.
d) interview those who have been involved in the control of assets.
c) recommend whatever investigation is considered necessary under the circumstances.
Rationale
Based on the knowledge resulting from the audit, the auditor can recommend appropriate further steps.
The activity of determining the loss is not the best response, as it could alert the perpetrator of the fraud, who could destroy or compromise evidence. Interviewing or determining if any other employees are implicated would be done during the fraud investigation phase and may not be done by the internal auditor.
46
At what point in the engagement process should the auditor direct attention to fraud risks?
a) During the planning process
b) When creating the annual audit plan
c) When conducting on-site interviews and tests
d) During results analysis
a) During the planning process
Rationale
The potential for fraud in the specific engagement area should be considered during the planning phase, and assessing related controls should be an engagement objective.
47
A fraud hotline should
a) be paired with other methods of reporting fraud, such as email.
b) ensure both confidentiality and anonymity.
c) respond to reports only after a preliminary investigation has been made.
d) employ an automated message service to increase confidentiality and lower costs.
a) be paired with other methods of reporting fraud, such as email.
Rationale
Fraud hotlines are the most common method of reporting fraud, but there should also be provisions for reporting by email, letter, and fax. Employees should have as many mechanisms as possible for reporting fraud or abuse.
Confidentiality and anonymity are mutually exclusive; promising anonymity does not disclose the caller's identity, while confidentiality discloses it securely.
Live staffing of the hotline is preferred, and responses should be rapid.
48
An auditor looking for fraudulent financial reporting examines journal entries against the financial statement elements, disaggregated transaction data for revenues, and has a specialist auditor check all accounting estimates. Which of the following would still escape detection after these tests?
a) Management deliberately omits recording an account receivable.
b) Management doubles a customer's regular parts order to inflate sales.
c) Management reduces the value of several less important accounts directly on the financial statements.
d) Management uses specific identification to deliberately reduce the value of remaining inventory.
a) Management deliberately omits recording an account receivable.
Rationale
Fraudulent financial reporting can occur in three ways:
1. through manipulation of the accounting records or supporting documents,
2. through omission of events, information, or transactions, or
3. through intentional misapplication of accounting principles (via altering amounts, estimates, classification, method of presentation, or disclosure).
The tests mentioned would not catch omissions.
49
In the course of an IT consulting engagement, the internal auditor becomes aware that employees are taking home pencils, paper, tape, and other office supplies for private use. There is no stated policy on personal use of the organization's materials and no attempt to hide the materials when they are taken. In fact, the practice seems to be taken for granted. Which of the following is the best action for the internal auditor to take in response to this discovery?
a) Mention the matter to the department head, but don't document it since it isn't related to the audit objective.
b) Report the situation to senior management as an instance of fraud and recommend further investigation.
c) Document the situation for the final report and recommend that management consider adopting a specific policy about personal use of office supplies.
d) Ignore it, since it seems to be, in effect, "business as usual" and the losses are small.
c) Document the situation for the final report and recommend that management consider adopting a specific policy about personal use of office supplies.
Rationale
While one element of The IIA's definition of fraud is deception, and that seems to be missing here, there are at least two fraud indicators in evidence:
- Lack of effective governance guidance on the need to support the organization rather than oneself—specifically in regard to taking home supplies that belong to the organization
- A casual attitude about the organization's property
The auditor needs to report and document the matter, though it isn't directly relevant, and propose ways to improve the fraud controls in the program, audited area, or process. Adopting a specific policy about personal use of office supplies should be considered.
50
A payroll clerk creates a fictitious employee and files a false time card each week, sending payment automatically to an account in the name of her spouse. What type of fraud is this an example of?
a) Misuse of assets
b) Disbursement fraud
c) Financial statement fraud
d) Cash theft
b) Disbursement fraud
Rationale
This is an example of disbursement fraud
51
Which of the following is most likely to be considered an indication of possible fraud?
a) Government audit of the organization's tax returns
b) Rapid turnover of the organization's financial executives
c) Rapid expansion into new markets
d) Replacement of the management team after a hostile takeover
b) Rapid turnover of the organization's financial executives
Rationale
This is considered a red flag that indicates possible fraud.
The other items are not unusual and, in and of themselves, are not indications of possible fraud.
52
Internal auditing has reviewed a new acquisition and flagged a few problems with the computer systems that run operations. A new financial controller discovers that the organization is being defrauded and is losing a significant amount of money in the acquired operation due to the flaws in the computer systems. Senior executives blame internal auditing. Which of the following statements applies to fraud detection in this situation?
a) Primary responsibility rests with management.
b) Internal auditing has assumed primary responsibility in conducting the review.
c) The software manufacturer is to blame, and a lawsuit should be used to recover the funds.
d) External auditors have signed off on the accounts, so they are at fault.
a) Primary responsibility rests with management.
Rationale
The primary responsibility for fraud prevention, detection, and investigation rests with management, which also has the responsibility to manage the risk of fraud.
Standard 1210.A2 states, "Internal auditors must have sufficient knowledge to evaluate the risk of fraud and the manner in which it is managed by the organization, but are not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud."
Fraud is an area where the services of outside experts are often retained.
53
Which activity would it be appropriate for an internal auditor to perform if he or she detects a possible sign of fraud?
a) Examining work documents such as invoices and databases
b) Interrogating the suspected individual
c) Testifying in court about the evidence collected
d) Encouraging coworkers to apply social pressure such as shunning the suspected individual
a) Examining work documents such as invoices and databases
Rationale
Internal auditors must examine work documents to establish whether there is cause for a fraud investigation.
Part of the information-gathering process may include interviews with the suspected individual and coworkers or managers, but it does not include more specialized skills like interrogation or testifying in a court of law.
54
According to COSO, what should be done during the Fraud Control Activity stage of a comprehensive fraud risk management process?
a) Preplan investigation and corrective action processes.
b) Identify potential fraud events or scenarios.
c) Develop training and communication designed to stop fraud from occurring.
d) Gather information from external regulatory bodies.
c) Develop training and communication designed to stop fraud from occurring.
Rationale
Prevention controls such as training and communication designed to stop fraud from occurring are developed during the Fraud Control Activity stage of the fraud risk management process.
Gathering information from external regulatory bodies and identifying potential fraud events or scenarios takes place during the Fraud Risk Assessment stage.
Preplanning investigation and corrective action processes takes place during the Fraud Investigation and Corrective Action stage.
55
Which of the following conditions is the strongest indicator of possible fraud?
a) An assistant treasurer who refuses to take vacations
b) Independent reconciliations of subsidiary to general ledgers that are not always completed on a timely basis
c) A manager who is often over budget at the end of a reporting period
d) Excess manufacturing waste material
a) An assistant treasurer who refuses to take vacations
Rationale
Indicators of fraud may include individuals who consistently rationalize poor performance, perceive beating the system to be an intellectual challenge, provide unreliable communications and reports, and rarely take vacations or sick time (and when they are absent, no one performs their work).
56
Which of the following is most likely a fraud red flag?
a) A middle manager has a close association with vendor personnel in compatible functions.
b) Some board members have independence to the point that they are not even from the same industry.
c) Internal auditors are told not to treat audit engagements as fraud investigations.
d) Senior management publishes a new code of conduct.
a) A middle manager has a close association with vendor personnel in compatible functions.
Rationale
Unusually close association with suppliers is a red flag for fraud.
An internal audit is not a fraud investigation.
57
What characteristic makes fraud risk unique?
a) Intent
b) Rationalization
c) Experience
d) Proficiency
a) Intent
Rationale
While many definitions exist, The IIA defines fraud as "any illegal act characterized by deceit, concealment, or violation of trust." This definition captures the characteristic that makes fraud unique among risks: intent. Fraudulent acts involve people who intend to circumvent controls or exploit weaknesses in the organization.
58
Which type of fraud involves persons authorized to spend the organization's money and often does not leave a paper trail or require changing the books improperly and so is best uncovered by offering a confidential whistleblower hotline?
a) Information misrepresentation
b) Misuse or theft of assets
c) Disbursement fraud
d) Corruption
d) Corruption
Rationale
Corruption is the misuse of entrusted power for private gain. It includes bribery and other improper uses of power. It is often an off-book fraud, meaning that there is little financial statement evidence available to prove that the crime has occurred. Corrupt employees do not have to fraudulently change financial statements to cover up their crimes; they simply receive cash payments under the table. In most cases, these crimes are uncovered through tips or complaints from third parties, often via a fraud hotline. Corruption often involves the purchasing function.
59
The Standards require that when the chief audit executive (CAE) has been informed of multiple factors that have been linked to possible fraudulent conditions and additional testing indicates fraud has taken place, the CAE should
a) immediately notify senior management and the board.
b) immediately notify law enforcement.
c) perform audit tests to determine the extent of the fraud.
d) perform audit tests to determine the potential perpetrators.
a) immediately notify senior management and the board.
Rationale
Immediate notification of the board (audit committee) is required once additional testing has established that fraud has taken place.
Management will be responsible for notifying law enforcement.
Tests to ascertain the extent of the fraud are accomplished after the fraud has in fact been determined, not suspected.
60
Auditors have been advised to look at red flags to determine whether management is involved in fraud. Which of the following is a difficulty in using red flags as fraud indicators?
a) Red flag information must be gathered as a normal part of an audit engagement even though no additional time or money is allocated to this activity.
b) Many common red flags are also associated with situations where no fraud exists.
c) The literature on red flags is not sufficient to have a positive impact on auditing.
d) Most red flags are difficult to quantify or evaluate.
b) Many common red flags are also associated with situations where no fraud exists.
Rationale
While the presence of one or more red flags does not mean that an employee is actually committing fraud, a combination of these factors could indicate a need for inquiries and heightened audit attention.
The literature on red flags is well established.
Although red flags will be refined in the future as research is done, this does not preclude their effective use.
Many red flags can be quantified, and all can be evaluated in some way.
61
Which of the following is an approach to assessing fraud schemes from the fraudster's perspective?
a) Walkthroughs
b) Systems design
c) Control weaknesses
d) Physical access
c) Control weaknesses
Per Global Technology Audit Guide 13, Fraud Prevention and Detection in an Automated World, there are two approaches to assessing fraud schemes from the fraudster's perspective:
1. The control weaknesses approach looks at the potential for fraud by examining the key controls and determining who could take advantage of a control weakness and how he or she could circumvent a control that may not be working properly.
2. The key fields approach looks at the potential for fraud by considering the data being entered, which fields could be manipulated (and by whom), and what would be the effect.
Both approaches seek to determine who could be committing fraud, what the fraudster could be doing, and what the symptoms of fraud would look like in the data. Brainstorming with employees from key business areas is a good technique for assessing fraud and is useful with both of these approaches.
62
Which would be an appropriate resolution to a fraud incident?
a) The internal auditor who discovered vendor fraud recommends terminating contracts with the supplier.
b) Management requests voluntary financial restitution from the fraud perpetrator and terminates the person's employment.
c) The internal auditor reports the matter to law enforcement after management and the board decide not to prosecute the wrongdoer.
d) The fraud investigator reports the information to law enforcement if it is evident that laws have been broken.
c) The internal auditor reports the matter to law enforcement after management and the board decide not to prosecute the wrongdoer.
Rationale
Management and the board are responsible for resolving fraud incidents, not the internal audit activity or the investigator.
63
A transportation business has multinational contracts to carry manufacturing supplies and finished products. The corporation coordinates trucks, railcars, and shipping containers. A warehouse and depot were purchased from a smaller company last year; this facility has never been audited. The employees of the warehouse/depot privately complain that the manager of the facility is difficult to work for. He frequently changes his mind, doesn't communicate fully or clearly, and is generally disorganized. Although he has developed strong relationships with customers and vendors over the years, he has not been able to keep up with modern business models and tools. This, and the fact that his branch has the lowest profitability level in the company, may be why he has been passed over for promotion in the past. How might the history of the company be a condition for fraud?
a) The decentralized structure has created opportunity.
b) The lack of previous controls has created opportunity.
c) The manager might argue that he owes little loyalty to the new company.
d) The acquisition has created a need for performance.
b) The lack of previous controls has created opportunity.
Rationale
The absence of a controlled business environment may have created a feeling that fraud will go unnoticed.
While controls may be more difficult in a decentralized business, they may be provided through processes, policies, and information systems.
64
An internal audit activity is developing its risk-based annual audit plan One division had an unusually large increase in sales, gross margin, and profit. Which of the following would support a decision to omit this division from the annual audit plan?
a) An unusually large amount of sales returns are recorded after year-end.
b) The auditor has taken a random sample of sales invoices and cannot locate shipping documents for a number of the transactions selected for November and December.
c) One of the division's major competitors went out of business during the year.
d) A significant portion of divisional management compensation is based on reported divisional profits.
c) One of the division's major competitors went out of business during the year.
Rationale
A decrease in the number of competitors during the year could be a potential explanation for the increase in sales and profits and a reason to audit other areas that are higher risk.
The other answers are red flags of sales-related fraud.
Significant management compensation tied to reported profits has been identified as a red flag for potential fraud investigation.
An unusually large amount of sales returns after year-end could indicate that a large amount of non-valid sales (sales without substance) were recorded near the end of the year.
The lack of shipping documents would be a good indicator that non-valid sales were recorded during November and December.
65
What is the term for the ethical environment fostered by organizational leadership, which is the single most important factor in determining the organization's resistance to bribery and corruption?
a) Control environment
b) Anti-bribery program
c) Code of conduct
d) Tone at the top
d) Tone at the top
Rationale
Effective risk mitigation starts with a strong tone at the top, setting the foundation for an overall compliance framework. The tone at the top is the ethical environment fostered by organizational leadership, and it is the single most important factor in determining the organization's resistance to bribery and corruption.
No system of controls can provide absolute assurance against the commission of bribery or corruption. The board should, however, require the organization to develop comprehensive anti-bribery and anti-corruption programs.
66
When investigating potential fraud related to possible collusion between a purchasing employee and a vendor, the fraud investigation team notices that there is no email correspondence between the two parties, even though this is not the case for the purchasing employee's other vendor contacts. What should the team do next?
a) Contact the vendor to request a copy of the emails.
b) Use interviewing techniques to secure a confession in a confrontational manner.
c) Look for a different suspect that did communicate with the vendor.
d) Use computer forensics to attempt to recover deleted emails.
d) Use computer forensics to attempt to recover deleted emails.
Rationale
In this case, the absence of emails where they were expected is a red flag that important emails were deleted. Computer forensic technology and software packages are available to assist in the investigation of fraud, for example, to recover deleted emails.
Contacting the vendor may not be the best first choice, especially if the vendor does not yet know about the fraud investigation.
Securing a confession is a type of interrogation technique, not an interviewing technique.
67
Based on historical trends, when reviewing a fraud risk matrix, which of the risks would the chief audit executive most likely expect to see rated low likelihood/high impact?
a) Overstated revenues risk.
b) Skimming revenues risk.
c) Payroll fraud risk.
d) Bribery risk.
a) Overstated revenues risk.
Rationale
Overstating revenues is a type of fraudulent financial reporting. It is the least common type of fraud (low likelihood) but causes the biggest median monetary loss (high impact).
Payroll fraud and skimming revenues are a type of asset misappropriation, and asset misappropriation is the most common type of occupational fraud (high likelihood) but causes the smallest median monetary loss (low impact).
Bribery is a type of corruption, and fall in the middle with regard to incidence and monetary loss (medium likelihood/medium impact).
68
An internal auditor who generalizes in multiple areas of internal auditing discovers that an account that must be estimated by management is historically lower than normal. Which of the following should the auditor do?
a) Consider this to be a potential red flag, and refer it to the lead auditor who may employ a specialist whose primary responsibility is detecting and investigating fraud.
b) Confront the manager and be professionally skeptical, discuss the issue with management, apply unpredictable audit tests, and follow up on this management override of controls.
c) Realize that estimated accounts are by their nature intended to be used for legal practices such as income smoothing, and note this for potential follow up if time permits.
d) Consider this to be a red flag for fraud, and continue the investigation to determine whether or not this is an instance of material fraud, misappropriation of assets, or corruption.
a) Consider this to be a potential red flag, and refer it to the lead auditor who may employ a specialist whose primary responsibility is detecting and investigating fraud.
Rationale
It may be difficult to determine when the line has been crossed from "creative accounting" into fraudulent financial reporting. IIA Standard 1210.A.2 states, "The internal auditor should have sufficient knowledge to identify the indicators of fraud but is not expected to have the expertise of a person whose primary responsibility is detecting and investigating fraud."
69
Which of the following procedures would be most helpful in providing additional evidence when an auditor suspects that an unidentified employee is submitting and approving invoices for payment?
a) Use generalized audit software to identify invoices with post office box numbers or other unusual features. Select a sample of those invoices and trace to supporting documents such as receiving reports.
b) Select a sample of receiving reports representative of the period under investigation and trace to approved payment. Note any items not properly processed.
c) Select a sample of invoices paid during the past month and trace them to appropriate vendor accounts.
d) Review all payments made during the year and investigate each one for approval.
a) Use generalized audit software to identify invoices with post office box numbers or other unusual features. Select a sample of those invoices and trace to supporting documents such as receiving reports.
Rationale
An auditor should consider the potential impact and use of technology, for example, the use of continuous monitoring software or enterprise management systems, which can aid in the detection of fraudulent wire transfers or payments. By comparing flagged transactions with receipts and logs, an auditor would be better placed to identify fraudulent payments.
70
The ethics hotline has received a complaint of an alleged illegal act by management. Internal audit has been asked to investigate the alleged fraud. Before proceeding with the investigation, the internal auditor should
a) gather related anti-fraud intelligence.
b) identify loopholes for further investigation.
c) determine if litigation has commenced or is anticipated.
d) take a statement from the suspect.
c) determine if litigation has commenced or is anticipated.
Rationale
At the onset, the internal auditor needs to know if litigation has commenced or is anticipated. If the answer is yes, the auditor should recommend that an outside law firm conduct the investigation. This would provide the auditor with attorney-client privilege. Without this, the internal auditor's working papers may be subpoenaed and could well become part of the plaintiff's papers.
71
Which of the following would generally be included in a fraud risk assessment?
a) Involvement of all personnel
b) Governance effectiveness
c) Opportunity, ethics, and rationalization
d) Likelihood, significance, and pervasiveness of risks
d) Likelihood, significance, and pervasiveness of risks
Rationale
A fraud risk assessment evaluates the likelihood, significance, and pervasiveness of each risk. It evaluates opportunity, motive, and rationalization.
A fraud risk assessment does not assess governance effectiveness per se. However, the occurrence of material fraud would ultimately suggest a failure of governance.
A fraud risk assessment would be performed only with the involvement of appropriate personnel.
72
The primary purpose of operating a fraud hotline in a company is to
a) reduce the total costs of operating the company.
b) concentrate on areas that deserve attention and place less attention on areas operating as expected.
c) measure how well organizational units are achieving the organization's goals.
d) establish channels of communication for people to report suspected improprieties.
d) establish channels of communication for people to report suspected improprieties.
Rationale
Fraud hotlines may identify frauds that have been or are being perpetrated.
73
Three factors are consistently present when people commit fraud. Which is the only one that organizations can control directly?
a) Opportunity
b) Pressure
c) Incentive
d) Rationalization
a) Opportunity
Rationale
Management can design internal controls to try to prevent opportunities for fraud and to detect fraudulent activities if they occur.
74
During an audit, an internal auditor notes that the following situations exist:
1. Unusual profitability compared to other companies in the same industry
2. Highly complex transactions close to the end of the period
3. Significant sales to entities whose substance and ownership are not known
4. Unusual growth in days' sales in receivables
These situations indicate what type of fraud?
a) Employee collusion with customer firms
b) Fictitious revenues
c) Improper asset valuation
d) Inventory theft
b) Fictitious revenues
Rationale
The items listed are red flags associated with fictitious revenues. Other red flags include recurring negative cash flows or an inability to generate cash flows while reporting earnings and earnings growth, significant transactions with special purpose entities, and an unusual surge in sales by a minority of units with a company.
75
Which is a condition that might indicate fraud?
a) New hires must pass stringent background checks.
b) There is a collegiate management philosophy.
c) Employees use support programs that are offered.
d) Employees have low morale
d) Employees have low morale
Rationale
Low employee morale is a condition that might indicate fraud.
76
Which of the following best describes the timing for a fraud risk assessment?
a) Ongoing
b) In conjunction with a fraud response plan
c) In response to compliance enforcement
d) Annually
a) Ongoing
Rationale
A fraud risk assessment should be ongoing and dynamic and reflect the organization's current business conditions. Change is constant and circumstances are not static; the risk assessment does not signal the end of the process.
77
An internal auditor is assigned to audit activities at a group of retail stores. In one store, the auditor notes an unusually high number of instances where there have been end-of-day discrepancies between store receipts and cash and credit card charges deposited. After examining employee time sheets and time cards, the auditor narrows suspicion to three employees. Since this is a potentially serious charge, the auditor wants to confirm these suspicions and possibly narrow them even further by talking with the individuals. During the interview, the internal auditor takes note of the behavior of each of the employees. Which of the following behaviors would be considered red flags?
a) The employee speaks in a very even tone and at an almost slow rate.
b) The employee angles himself or herself squarely facing the auditor.
c) The employee responds to attempts to establish rapport and begins offering unexpected personal information.
d) The auditor is able to hold the employee's eye contact for a few seconds, but afterward the employee glances away.
c) The employee responds to attempts to establish rapport and begins offering unexpected personal information.
Rationale
Unanticipated and unusual candor may be a red flag and a sign that fraud may be occurring.
The posture described suggests openness rather than defensiveness, and a slow rate of speech may be only a speech pattern.
While a reluctance to establish eye contact would be a red flag, this is not the case here.
78
Internal auditors will be more able to detect fraud if they develop/strengthen their ability to
a) interrogate fraud perpetrators to discover why the fraud was committed.
b) document computerized operating system programs.
c) develop internal controls to prevent the occurrence of fraud.
d) recognize and question changes that occur in organizations.
d) recognize and question changes that occur in organizations.
Rationale
The recognition and questioning of change is critical to the detection of fraud. Interrogation of fraud perpetrators occurs after detection.
The controls mentioned are preventive, not detective.
Documentation of operating systems is not within the scope of internal auditing and would do little to enhance fraud detection skills.
79
Which of the following statements about fraud-related red flags is correct?
a) Fraud that benefits the organization is rarely detectable through red flags.
b) Personality is not a reliable red flag.
c) A red flag refers only to individual behaviors that indicate actual fraudulent activity.
d) A red flag might include something like a failure to separate accountability for shipment receipt and vendor payment.
d) A red flag might include something like a failure to separate accountability for shipment receipt and vendor payment.
Rationale
Fraud red flags may refer to a broad range of signs, from individual to environmental. This may include certain personality types as well as certain industries.
A red flag may be triggered in an internal auditor's mind upon noting an absence of controls in a workplace that have created an opportunity for fraud.
It is very important for organizations to establish lists of red flags. These lists indicate potential opportunities for fraud for that particular organization.
80
Management of a nonprofit organization has been monitoring spending and is concerned because payments to some vendors appear to be unusually high. Most purchases are made through the purchasing function, which is organized around three buyers, each with defined purchasing areas. The purchasing agents place the purchase orders and get copies of receiving reports to ensure that goods are received. They review the reports and compare them with the purchase orders before sending the items to accounts payable with their approval for payment. All vendor invoices are sent directly to accounts payable, even though receiving reports first go through the purchasing agents. The organization has a policy of requiring three bids on all purchases that exceed U.S. $10,000. Which of the following, if observed, would indicate the need to search for other indicators of fraud?
a) A purchase for U.S. $9,000 receives three bids.
b) The cost of goods procured seems to be excessive in comparison with that of previous years.
c) Accounts payable has announced plans to have receiving reports sent directly to their department rather than first to purchasing agents.
d) Management, at the purchasing agents' request, has adopted a policy of paying vendors on a timelier basis to avoid incurring penalty charges.
b) The cost of goods procured seems to be excessive in comparison with that of previous years.
A spike in the cost of goods procured is considered a red flag that should require further investigation.
Receiving multiple bids even when not required is not a red flag, especially since this is near the threshold.
Accounts payable should get receiving reports directly; having them go to purchasing agents first is a control weakness. Paying suppliers on a more timely basis is a valid business practice.
81
A fraud task force recommended that alerts be set up to notify management when specific conditions identified as high risk are met. Which would best be utilized to implement the alerts?
a) Rules-based descriptive tests and reporting.
b) Statistical analysis and machine learning.
c) Pattern and link analysis.
d) Topic modeling and linguistic analysis.
a) Rules-based descriptive tests and reporting.
Rationale
By using rules-based descriptive tests and reporting, historical data with simple and complex analytical weighted tests, significant value can be achieved to identify areas of risk; alerts will be produced when certain conditions are met.
Statistical analysis and machine learning increases the confidence that items identified as outliers warrant additional review.
Pattern and link analysis is a data visualization technique that exposes hidden relationships between data sources.
Topic modeling and linguistic analysis help the investigative team to understand what information may have been compromised or the corrupt intent of certain business activities.
82
When a forensic auditor suspects fraud and is aware of the potential perpetrator, who might it be best to interview first?
a) Any vendors that the potential perpetrator has interacted with, especially if also suspects
b) The suspected perpetrator's supervisor if not also a suspect
c) Employees from other departments who the potential perpetrator has interacted with
d) The suspected perpetrator
b) The suspected perpetrator's supervisor if not also a suspect
Rationale
A fraud interview could involve the suspected perpetrator, potential witnesses and victims, those who may have aided the perpetrator, or those who can provide background information about the area, activity, or perpetrator.
Forensic auditors must be able to ensure that evidence is not lost, destroyed by the perpetrator, or mishandled in some way so that it will no longer be considered reliable in court. For this reason, interviews often are private, and the interviewer seeks to maintain low visibility, especially to suspected perpetrators. The perpetrator's supervisor is a good place to start to uncover information.
83
In which type of fraud does the perpetrator steal cash or assets (supplies, inventory, equipment, information) from the organization, often trying to conceal the theft by adjusting the records?
a) Disbursement fraud
b) Skimming
c) Corruption
d) Asset misappropriation
d) Asset misappropriation
Rationale
Asset misappropriation involves stealing cash or assets (supplies, inventory, equipment, and information) from the organization. In many cases, the perpetrator tries to conceal the theft, usually by adjusting the records.
84
Which of the following is an essential element in preventing fraud?
a) Exit interviews
b) Employee surveys
c) Strong ethical culture
d) Whistleblower hotline
c) Strong ethical culture
Rationale
Fraud prevention involves those actions taken to discourage the commission of fraud and limit fraud exposure when it occurs. Instilling a strong ethical culture and setting the correct tone at the top are essential elements in preventing fraud.
Employee surveys, a whistleblower hotline, and exit interviews are detective controls designed to provide warnings or evidence that fraud is occurring or has occurred.
85
Which occurrence is most likely to contribute to fraud?
a) Lack of management review.
b) Lack of internal controls.
c) Override of existing internal controls.
d) Lack of anti-fraud policies and procedures.
b) Lack of internal controls.
Rationale
According to the ACFE Report to the Nations, the most prominent organizational weakness that contributed to frauds in the study was a lack of internal controls. The override of existing internal controls, lack of management review, and lack of anti-fraud policies and procedures would be secondary.
86
When auditing the award of a major contract, an internal auditor should suspect which of the following as a red flag for a bidding fraud scheme?
a) A high percentage of employees are charged to indirect accounts.
b) Material contract requirements are different on the actual contract than on the request for bids.
c) Losing bidders are not given feedback.
d) Subsequent change orders increase requirements for low-bid items.
b) Material contract requirements are different on the actual contract than on the request for bids.
Rationale
In this case, there is a difference in what the contractor is being asked to provide between the contract and the request for bids, and this should be investigated further as a red flag. For example, the scope may have been reduced without reducing the amount to pay the contractor. Change orders are subject to review and, if approved, are not necessarily a red flag.
Failing to inform bidders is not a best practice but does not necessarily point to fraud.
A company that bills for indirect employees could potentially be overcharging the organization, but the fact that this is fully disclosed reduces the likelihood that this is a red flag. Note that a red flag is a sign that indicates the inadequacy of controls in place to deter fraud and the possibility that someone has already overcome these weak or absent controls. Fraud red flags may surface at any stage of the internal audit, but it should be remembered that they are only warning signs; they do not constitute proof that fraud has been committed. It is the responsibility of the auditor to serve as an "early warning system" for the organization and be conversant with potential areas of fraud—specifically the conditions that might allow employees to conduct fraudulent activities. It should be remembered that once potential fraud is identified, it is best to refer the case to those parties trained in fraud investigation. An internal audit is not a fraud investigation.
87
According to the International Standards for the Professional Practice of Internal Auditing, the internal audit activity is required to _______ the risk of fraud.
a) reach conclusions on
b) investigate
c) evaluate
d) state opinions on
c) evaluate
Rationale
While management, with board oversight, holds the primary responsibility for establishing and monitoring effective controls to deter and detect fraud, the internal audit activity is required to evaluate the risk of fraud, according to the Standards.
88
Which of the following is a condition that indicates a higher likelihood of fraud?
a) Management has delegated the authority to make purchases under a certain dollar limit to subordinates.
b) An individual handling marketable securities is responsible for making purchases, but another person recording the purchases reports any discrepancies and gains or losses to senior management.
c) An individual has held the same cash-handling job for an extended period but twice a year takes over someone else's duties and vice versa.
d) The assignment of responsibility and accountability in the accounts receivable department is allowed to rotate.
d) The assignment of responsibility and accountability in the accounts receivable department is allowed to rotate.
Rationale
If responsibility and accountability in the accounts receivable department are allowed to rotate, this can create uncertainty as to who is responsible and how duties should be segregated. Delegating is an acceptable control procedure aimed at limiting risk while promoting efficiency. It is not, by itself, considered a condition that indicates a higher likelihood of fraud.
89
During the year, a company switches to a new supplier for a service. The accounting clerk continues to submit fraudulent invoices from the old supplier. Because contracting for services and approval of supplier invoices has been delegated to the clerk, it is possible for the clerk to continue billings from the old supplier and deposit the subsequent checks, which the clerk is responsible for mailing, into a new account the clerk has opened in the name of the old supplier. Which of the following audit procedures would most likely lead to the detection of the fraud?
a) Taking a sample of paid invoices and verifying receipt of services by the departments involved
b) Tracing a sample of receiving documents to invoices and checks disbursed
c) Performing a bank reconciliation and accounting for all outstanding checks
d) Tracing a sample of checks disbursed to approved invoices for services
a) Taking a sample of paid invoices and verifying receipt of services by the departments involved
Rationale
Confirming the receipt of services that have been paid for with the departments involved would uncover the fraud. The fraudulent invoices are approved by the clerk, and each check will, therefore, be supported by an approved invoice.
Bank reconciliations do not test the validity of the cash payments.
The fraudulent payments would not be detected if the test begins with valid receiving reports.
90
Which of the following fraudulent entries is most likely to be made to conceal the theft of an asset?
a) Debit the asset and credit another asset account.
b) Debit revenue and credit the asset.
c) Debit another asset account and credit the asset.
d) Debit expenses and credit the asset.
d) Debit expenses and credit the asset.
Rationale
Most fraud perpetrators would attempt to conceal their theft by charging it against an expense account. For an asset or an expense, a debit increases the account and a credit decreases the account. Thus, expenses increase in the records and the asset account decreases in value.
91
When interviewing an individual suspected of a fraud, the interviewer should
a) ask if the suspect committed the fraud.
b) ensure that the suspect's supervisor is present.
c) pay attention to the wording choices and behaviors of the suspect.
d) lock the door to ensure that no one will interrupt the interview.
c) pay attention to the wording choices and behaviors of the suspect.
Rationale
Some behaviors during interviews may become fraud indicators or signs that the interviewee is lying or withholding information. Examples include restlessness, posture, reluctance to make eye contact, or signs of anxiety.
Answers provided by the interviewee may also be fraud indicators, such as inappropriate attitudes (candor or sarcasm), sudden change in attitude about answering questions, or changes in answers given to questions during the interview. Wording choices, such as shifts in the use of pronouns and verbs, may indicate areas of dishonesty or fabrication.
92
During a walkthrough of a warehouse and shipping area to investigate inventory discrepancies, an internal auditor notes that employees come and go to use a copy machine and paper shredder. What type of audit cycle red flag does this illustrate?
a) Financing cycle
b) Expenditure cycle
c) Revenue cycle
d) Production cycle
d) Production cycle
Rationale
Red flags can be characterized by the point in the audit cycle in which they are observed. This red flag, unrestricted access to the area, occurs within the production cycle.
93
Unacknowledged and uncollected liabilities and fictitious sales accounts are red flags for which area of fraudulent financial reporting?
a) Concealed liabilities
b) Improper disclosures
c) Improper asset valuation
d) Fictitious revenues
c) Improper asset valuation
Rationale
Improper asset valuation includes these red flags as well as others such as changes made to inventory accounts or fictitious assets backed by forged documents.
94
Management engaged the internal audit activity to evaluate control activities for the types of fraud that could result in the greatest monetary loss to the business, regardless of likelihood. Internal audit should evaluate control activities for which types of fraud?
a) Invoice kickbacks and bid rigging.
b) Fictitious revenues and improper asset valuation.
c) Check tampering and bribery.
d) Understated sales and cash larceny.
b) Fictitious revenues and improper asset valuation.
Rationale
Financial statement fraud causes the greatest median loss, followed by corruption and asset misappropriation.
Fictitious revenues and improper asset valuation are types of financial statement fraud, which results the greatest median monetary loss compared to corruption or asset misappropriation frauds.
Overstated sales and cash larceny are examples of asset misappropriation, which results in the lowest median monetary loss compared to financial statement fraud or asset misappropriation.
Check tampering is an example of asset misappropriation; bribery is an example of corruption.
95
According to the Association of Certified Fraud Examiners’ Report to the Nations on Occupational Fraud & Abuse, which statement is true?
a) Asset misappropriation is the least common form of occupational fraud but causes the greatest median monetary loss. Financial statement fraud is the most common form of occupational fraud but causes the smallest median monetary loss.
b) Asset misappropriation is the least common form of occupational fraud and causes the smallest median monetary loss. Financial statement fraud is the most common form of occupational fraud and causes the greatest median monetary loss.
c) Asset misappropriation is the most common form of occupational fraud and causes the greatest median monetary loss. Financial statement fraud is the least common form of occupational fraud and causes the smallest median monetary loss.
d) Asset misappropriation is the most common form of occupational fraud but causes the smallest median monetary loss. Financial statement fraud is the least common form of occupational fraud and causes the greatest median monetary loss.
c) Asset misappropriation is the most common form of occupational fraud but causes the smallest median monetary loss. Financial statement fraud is the least common form of occupational fraud and causes the greatest median monetary loss.
Rationale
According to the ACFE Report to the Nations, Asset misappropriation was by far the most common form of occupational fraud, occurring in 83 percent of cases, but caused the smallest median loss of $125,000. Financial statement fraud was on the other end or the spectrum, occurring in less than 10 percent of cases but causing a median loss of $975,000.
96
According to The IIA's Standards, what skills are internal auditors required to have when planning internal audits that involve the possibility of fraud?
a) Sufficient technical expertise, such as with documentation forgery
b) Expertise in the detection of fraud
c) Sufficient knowledge and skill to be able to recognize the indications of potential fraud
d) Professional licenses and certifications
c) Sufficient knowledge and skill to be able to recognize the indications of potential fraud
Rationale
The internal auditor needs only to be able to recognize the possibility of fraud. It is the responsibility of the chief audit executive to obtain additional resources, if required, who are qualified in specific disciplines.
97
A company maintains a fleet of delivery vans to distribute its products from a central warehouse. Each van is stocked with an inventory of saleable goods, which is replenished regularly. The internal auditor notes a pattern of unexplained inventory shortages. Which of the following suggests a control weakness providing an opportunity for fraud?
a) All delivery personnel take their delivery vans home at night.
b) Van inventory lists are reconciled by purchasing rather than shipping.
c) Only select managers have keys to the storeroom.
d) Written corporate policies exist describing prohibited activities.
a) All delivery personnel take their delivery vans home at night.
Rationale
If delivery personnel can take their vans home at night without compensating controls, uncontrolled access—and fraud—is possible. The other answer choices discourage fraud.
98
If external auditors find that weak controls have contributed to the occurrence of financial fraud in an organization, the maximum extent of the internal audit function's responsibility is best identified by which of the following statements?
a) Failure to identify the financial fraud when auditing the financial function
b) Failure to prevent the financial fraud from occurring
c) Failure to fully document the evaluation of controls and recommend development of more effective measures to prevent financial fraud
d) Failure to develop and implement more effective controls designed to prevent financial fraud
c) Failure to fully document the evaluation of controls and recommend development of more effective measures to prevent financial fraud
Rationale
The internal audit function is responsible for fully documenting controls and recommending that management address any weaknesses. Internal audit is also responsible for recognizing the indicators of fraud, such as weak internal controls.
Management decides what controls to implement and bears responsibility for preventing fraud.
