AIS CH 6 TEST YOURSELF
This term describes the policies, plans, and procedures implemented by a firm to protect the assets of the organization. 1. Internal control 2. SAS No. 94 3. Risk assessment 4. Monitoring
1. Internal Control
Which of the following is not one of the components of the 2017 COSO Enterprise Risk Management: Aligning Risk with Strategy and Performance Framework: 1. Risk and Compliance 2. Risk, Strategy, and Objective-Setting 3. Monitoring Enterprise Risk Management Performance 4. Risk in Execution
1. Risk and Compliance
Which of the following would a manager most likely use to organize and evaluate corporate governance structure? 1. The 2013 COSO Internal Control—Integrated Framework 2. The 2017 COSO Enterprise Risk Management—Aligning Risk with Strategy and Performance Framework 3. The Sarbanes-Oxley Act of 2002 4. COBIT
1. The 2013 COSO Internal Control - Integrated Framework
COSO recommends that firms to determine whether they should implement a specific control. 1. Use cost-benefit analysis 2. Conduct a risk assessment 3. Consult with the internal auditors 4. Identify objectives
1. Use cost-benefit analysis
Which of the following is not one of the four objectives of an internal control system? 1. Safeguard assets 2. Promote firm profitability 3. Promote operational efficiency 4. Encourage employees to follow managerial policies
2. Promote Firm Profitability
Which of the following is not one of the three additional components that was added in the 2004 COSO Enterprise Risk Management—Integrated Framework? 1. Objective setting 2. Risk assessment 3. Event identification 4. Risk response
2. Risk Assessment
Which of the following would a manager most likely use for risk assessment across the organization? 1. The 2013 COSO Internal Control—Integrated Framework 2. The 2017 COSO Enterprise Risk Management—Aligning Risk with Strategy and Performance Framework 3. The Sarbanes-Oxley Act of 2002 4. COBIT
2. The 2017 COSO Enterprise Risk Management—Aligning Risk with Strategy and Performance Framework
Segregation of duties is a fundamental concept in an effective system of internal control. But, the internal auditor must be aware that this safeguard can be compromised through: 1. lack of training of employees 2. collusion among employees 3. irregular employee reviews 4. absence of internal auditing
2. collusion among employees
Which of these is not one of the three major types of controls? 1. Preventive 2. Corrective 3. Objective 4. Detective
3. Objective
Which one of the following forms of audit is most likely to involve a review of an entity's performance of specific activities in comparison to organizational specific objectives? 1. Information system audit 2. Financial audit 3. Operational audit 4. Compliance audit
3. Operation audit
Separation of duties is an important control activity. If possible, managers should assign which of the following three functions to different employees? 1. Analysis, authorizing, transactions 2. Custody, monitoring, detecting 3. Recording, authorizing, custody 4. Analysis, recording, transactions
3. Recording, authorizing, custody
Section 404 affirms that management is responsible for establishing and maintaining an adequate internal control structure. This section may be found in which of the following? 1. The 2013 COSO Internal Control—Integrated Framework 2. The 2017 COSO Enterprise Risk Management—Aligning Risk with Strategy and Performance Framework 3. The Sarbanes-Oxley Act of 2002 4. COBIT
3. The Sarbanes-Oxley Act of 2002
An internal control system should consist of five components. Which of the following is not one of those five components? 1. The control environment 2. Risk assessment 3. Monitoring 4. Performance evaluation
4. Performance evaluation
When management of the sales department has the opportunity to override the system of internal controls of the accounting department, a weakness exists in 1. risk management 2. information and communication 3. monitoring 4. the control environments
4. the control environments