Unit 6: Controls: Types and Frameworks

Question 1

is “any action taken by management, the board, and other parties to manage risk and
increase the likelihood that established objectives and goals will be achieved.”

Answer 1

Controls

Question 2

“Management plans,
organizes, and directs the performance of sufficient actions to provide reasonable assurance that
objectives and goals will be achieved.”

Answer 2

Controls

Question 3

“the policies, procedures (both manual and automated), and activities that
are part of a control framework, designed and operated to ensure that risks are contained within
the level that an organization is willing to accept.”

Answer 3

Control processes

Question 4

“[t]he attitude and actions of the board and management regarding the
importance of control within the organization. The control environment provides the discipline
and structure for the achievement of the primary objectives of the system of internal control.

Answer 4

Control environment

Question 5

Elements of Control Environment

Answer 5

● Integrity and ethical values
● Management’s philosophy and operating style
● Organizational structure
● Assignment of authority and responsibility
● Human resource policies and practices
● Competence of personnel

Question 6

requires feedback on the results of organizational activities for the purposes of
measurement and correction.

Answer 6

controls

Question 7

only provides reasonable assurance of achieving objectives. It cannot provide
absolute assurance because any system of internal control has inherent limitations

Answer 7

Internal control

Question 8

is faulty, and controls may fail because of simple errors or mistakes. (internal Control inherent limitation)

Answer 8

Human Judgment

Question 9

may inappropriately override internal controls, e.g., to fraudulently achieve
revenue projections or hide liabilities. (internal Control inherent limitation)

Answer 9

Management

Question 10

Manual or automated controls can be circumvented (internal Control inherent limitation)

Answer 10

collusion

Question 11

The _______ of internal control must not be greater than its __________.

Answer 11

Cost, Benefits

Question 12

is a record by which accounting measurements, details of a trade, or other financial
data can be traced back to its source.

Answer 12

Audit Trails

Question 13

can be used to verify and track transactions.

Answer 13

Audit Trails

Question 14

For example, a transaction processing system can trace a purchase back to a copy of the purchase order to see when the items were ordered and who authorized the order.

Answer 14

Audit Trail

Question 15

similar transactions to the same processing instructions
and thus virtually eliminates clerical error. But programming errors (or other similar systematic errors in either the hardware or software)
will result in all similar transactions being processed incorrectly when they are processed
under the same conditions.

Answer 15

Uniform Processing of Transactions

Question 16

transaction, certain functions should be performed by separate individuals in different
parts of the organization.

Answer 16

Segregation of Duties

Question 17

designed to detect fraud by one person but not fraud by collusion or management override.

Answer 17

internal control system

Question 18

including those performing control procedures, to gain unauthorized
access to data, to alter data without visible evidence, or to gain access (direct or indirect) to assets
may be greater in computer systems.

Answer 18

Potential for Errors and Fraud

Question 19

Computer systems offer management many analytical tools for review and supervision of
operations. These additional controls may enhance internal control.

Answer 19

Potential for Increased Management Supervision

Question 20

Computer processing may produce reports and other output that are used in performing manual
control procedures.

Answer 20

Dependence of Controls in Other Areas on Controls over
Computer Processing

Question 21

Certain transactions may be automatically initiated or certain procedures required to execute a
transaction may be automatically performed by a computer system.

Answer 21

Initiation or Subsequent Execution of Transactions by
Computer

Question 22

(such as bank reconciliations or sign-offs on hard copy or electronic documents)
may be more suitable where judgment and discretion are required,

Answer 22

Manual Controls (Human Action)

Question 23

For large, unusual, or nonrecurring transactions;

Answer 23

Manual Controls (Human Action)

Question 24

For circumstances where misstatements are difficult to define, anticipate, or predict;

Answer 24

Manual Controls (Human Action)

Question 25

In changing circumstances that require a control response outside the scope of an existing
automated control;

Answer 25

Manual Controls (Human Action)

Question 26

In monitoring the effectiveness of automated controls.

Answer 26

Manual Controls (Human Action)

Question 27

High-volume transactions that require additional calculations.

Answer 27

Automated Controls
(Electronic Action)

Question 28

Routine errors that can be predicted and corrected.

Answer 28

Automated Controls
(Electronic Action)

Question 29

Circumstances that require a high degree of accuracy.

Answer 29

Automated Controls
(Electronic Action)