ACCT 3371 EXAM 2
Duplicate checking of calculations is an example of a ________ control, and procedures to resubmit rejected transactions are an example of a ________ control. A) corrective; detective B) detective; corrective C) preventive; corrective D) detective; preventive
detective; corrective
A(n) ________ measures company progress by comparing actual performance to planned performance. A) boundary system B) diagnostic control system C) interactive control system D) internal control system
diagnostic control system
Which of the following is not a key method of monitoring performance? A) performing internal control evaluation B) employing a chief risk officer C) implementing effective supervision D) monitoring system activities
employing a chief risk officer
A ________ shows how a project will be completed, including tasks and who will perform them as well as a timeline and cost estimates. A) performance evaluation B) project development plan C) steering committee D) strategic master plan
project development plan
Whitewater Rapids provides canoes to tourists eager to ride Whitewater River's rapids. Management has determined that there is one chance in a thousand of a customer being injured or killed. Settlement of resulting lawsuits has an average cost of $650,000. Insurance with a $50,000 deductible is available. It covers the costs of lawsuits, unless there is evidence of criminal negligence. What is the impact of this risk without insurance? A) $50 B) $650 C) $50,000 D) $650,000
$650,000
How many principles are there in the 2013 updated COSO - Internal Control Framework? A) 5 B) 8 C) 17 D) 21
17
Which of the following duties could be performed by the same individual without violating segregation of duties controls? A) approving accounting software change requests and testing production scheduling software changes B) programming new code for accounting software and testing accounting software upgrades C) approving software changes and implementing the upgraded software D) managing accounts payable function and revising code for accounting software to more efficiently process discount due dates on vendor invoices
approving accounting software change requests and testing production scheduling software changes
Identify the most correct statement with regards to an event. A) An event identified by management will occur. B) An event identified by management may or may not occur. C) An event identified by management may not trigger other events. D) It is easy to determine which events are most likely to occur.
An event identified by management may or may not occur.
It was 8:03 A.M. when Jiao Jan, the Network Administrator for South Asian Technologies, was informed that the intrusion detection system had identified an ongoing attempt to breach network security. By the time that Jiao had identified and blocked the attack, the hacker had accessed and downloaded several files from the company's server. Using the notation for the time-based model of security, in this case A) D > P B) P > D C) P > C D) C > P
D > P
Kuzman Jovan called a meeting of the top management at Jovan Capital Management. Number one on the agenda was computer system security. "The risk of security breach incidents has become unacceptable," he said, and turned to the Chief Information Officer. "What do you intend to do?" Which of the following is the best answer? A) Evaluate and modify the system using COBOL. B) Evaluate and modify the system using the CTC checklist. C) Evaluate and modify the system using the Trust Services framework D) Evaluate and modify the system using the COSO Internal Control Framework.
Evaluate and modify the system using the Trust Services framework
There are "white hat" hackers and "black hat" hackers. Cowboy451 was one of the "black hat" hackers. He had researched an exploit and determined that he could penetrate the target system, download a file containing valuable data, and cover his tracks in eight minutes. Six minutes into the attack he was locked out of the system. Using the notation of the time-based model of security, which of the following must be true? A) P < 6 B) D = 6 C) P = 6 D) P > 6
P > 6
Which of the following is an independent check on performance? A) The Purchasing Agent physically reviews the contents of shipments and compares them with the purchase orders he has placed. B) Production teams perform quality evaluations of the products that they produce. C) The General Manager compares budgeted amounts with expenditure records from all departments. D) Petty cash is disbursed by Fred Haynes. He also maintains records of disbursements, places requests to finance to replace expended funds, and periodically reconciles the petty cash balance.
The General Manager compares budgeted amounts with expenditure records from all departments.
The Sarbanes-Oxley Act (SOX) applies to A) all companies with gross annual revenues exceeding $500 million. B) publicly traded companies with gross annual revenues exceeding $500 million. C) all private and public companies incorporated in the United States. D) all publicly traded companies.
all publicly traded companies.
Identify the preventive control below. A) reconciling the bank statement to the cash control account B) approving customer credit prior to approving a sales order C) maintaining frequent backup records to prevent loss of data D) counting inventory on hand and comparing counts to the perpetual inventory records
approving customer credit prior to approving a sales order
The organization chart for Renata Corporation includes a controller and an information processing manager, both of whom report to the vice president of finance. Which of the following would be a control weakness? A) assigning the programming and operating of the computer system to an independent control group which reports to the controller B) providing for maintenance of input data controls by an independent control group which reports to the controller C) periodically rotating assignment of application processing among machine operators, who all report to the information processing manager D) providing for review and distribution of system-generated reports by an independent control group which reports to the controller
assigning the programming and operating of the computer system to an independent control group which reports to the controller
Which of the following factors is not a reason forensic investigators are increasingly used in accounting? A) the Sarbanes-Oxley Act B) new accounting rules C) audit fee increases D) pressure from boards of directors
audit fee increases
Identify the primary means of protecting data stored in a cloud from unauthorized access. A) authentication B) authorization C) virtualization D) securitization
authentication
The Trust Services Framework reliability principle that states that users must be able to enter, update, and retrieve data during agreed-upon times is known as A) availability. B) security. C) maintainability. D) integrity.
availability.
As a result of an internal risk assessment, Allstate Insurance decided it was not profitable to provide hurricane insurance in the state of Florida. Allstate apparently chose to ________ the risk of paying hurricane claims in Florida. A) reduce B) share C) avoid D) accept
avoid
Upon getting into your new car, you suddenly became worried that you might become injured in an auto accident. In response, you decided to ride your bike instead. You chose to ________ the risk of being injured in an auto accident. A) reduce B) share C) avoid D) accept
avoid
The COBIT5 framework primarily relates to A) best practices and effective governance and management of private companies. B) best practices and effective governance and management of public companies. C) best practices and effective governance and management of information technology. D) best practices and effective governance and management of organizational assets.
best practices and effective governance and management of organizational assets.
According to the ERM, these help the company address all applicable laws and regulations. A) compliance objectives B) operations objectives C) reporting objectives D) strategic objectives
compliance objectives
Which of the below is not a component of the COSO ERM? A) monitoring B) control environment C) risk assessment D) compliance with federal, state, or local laws
compliance with federal, state, or local laws
Independent checks on performance include all the following except A) data input validation checks. B) reconciling hash totals. C) preparing a trial balance report. D) supervisor review of journal entries and supporting documentation.
data input validation checks.
Hiring decisions at Maarja's Razors are made by Maimu Maarja, the Director of Human Resources. Pay rates are approved by the Vice President for Operations. At the end of each pay period, supervisors submit time cards to Kasheena, who prepares paycheck requisitions. Paychecks are then distributed through the company's mail room. This represents a(n) ________ segregation of duties. A) partial B) effective C) ineffective D) limited
effective
If the time an attacker takes to break through the organization's preventive controls is greater than the sum of the time required to detect the attack and the time required to respond to the attack, then security is A) effective. B) ineffective. C) overdone. D) undermanaged.
effective.
Which of the following is not one of the essential criteria for successfully implementing each of the principles that contribute to systems reliability, as discussed in the Trust Services Framework? A) developing and documenting policies B) effectively communicating policies to all outsiders C) designing and employing appropriate control procedures to implement policies D) monitoring the system and taking corrective action to maintain compliance with policies
effectively communicating policies to all outsiders
Identify one aspect of systems reliability that is not a source of concern with regards to a public cloud. A) confidentiality B) privacy C) efficiency D) availability
efficiency
Personnel policies such as background checks, mandatory vacations, and rotation of duties tend to deter A) unintentional errors. B) employee fraud or embezzlement. C) fraud by outsiders. D) disgruntled employees.
employee fraud or embezzlement.
With a limited work force and a desire to maintain strong internal control, which combination of duties would result in the lowest risk exposure? A) updating the inventory subsidiary ledgers and recording purchases in the purchases journal B) approving a sales return on a customer's account and depositing customers' checks in the bank C) updating the general ledger and working in the inventory warehouse D) entering payments to vendors in the cash disbursements journal and entering cash received from customers in the cash receipts journal
entering payments to vendors in the cash disbursements journal and entering cash received from customers in the cash receipts journal
Which type of audits can detect fraud and errors? A) external audits B) internal audits C) network security audits D) all of the above
external audits, internal audits, and network security audits
Which type of control is associated with making sure an organization's control environment is stable? A) general B) application C) detective D) preventive
general
A store policy that allows retail clerks to process sales returns for $500 or less, with a receipt dated within the past 30 days, is an example of A) general authorization. B) specific authorization. C) special authorization. D) generic authorization.
general authorization.
Which of the following is not a violation of the Sarbanes-Oxley Act (SOX)? The management at Oanez Dinnerware A) asked their auditors to make recommendations for the redesign of their information technology system and to aid in the implementation process. B) hired the manager from the external audit team as company CFO twelve months after the manager had worked on the audit. C) selected the company's Chief Financial Officer to chair the audit committee. D) did not mention to auditors that the company had experienced significant losses due to fraud during the past year.
hired the manager from the external audit team as company CFO twelve months after the manager had worked on the audit.
According to The Sarbanes-Oxley Act of 2002, the audit committee of the board of directors is directly responsible for A) hiring and firing the external auditors. B) performing tests of the company's internal control structure. C) certifying the accuracy of the company's financial reporting process. D) overseeing day-to-day operations of the internal audit department.
hiring and firing the external auditors.
The first step of the risk assessment process is generally to A) identify controls to reduce all risk to zero. B) estimate the exposure from negative events. C) identify the threats that the company currently faces. D) estimate the risk probability of negative events occurring.
identify the threats that the company currently faces.
How is expected loss calculated when performing risk assessment? A) impact times expected loss B) impact times likelihood C) inherent risk times likelihood D) residual risk times likelihood
impact times likelihood
Which of the following is not one of the five principles of COBIT5? A) meeting stakeholder needs B) covering the enterprise end-to-end C) enabling a holistic approach D) improving organization efficiency
improving organization efficiency
Best Friends, Incorporated is a publicly traded company where three BFF's (best friends forever) serve as its key officers. This situation A) is a violation of the Sarbanes-Oxley Act. B) violates the Securities and Exchange Act. C) increases the risk associated with an audit. D) must be changed before your audit firm could accept the audit engagement.
increases the risk associated with an audit.
Petty cash is disbursed by the Manuela Luisina in the Cashier's Office. Manuela also maintains records of disbursements, places requests to the Finance Department to replace expended funds, and periodically reconciles the petty cash balance. This represents a(n) ________ segregation of duties. A) ideal B) effective C) ineffective D) limited
ineffective
Which component of the COSO Enterprise Risk Management Integrated Framework is concerned with understanding how transactions are initiated, data are captured and processed, and information is reported? A) information and communication B) internal environment C) event identification D) objective setting
information and communication
Rauol is a receptionist for The South American Paper Company, which has strict corporate policies on appropriate use of corporate resources. The first week of March, Rauol saw Jim (the branch manager) putting printer paper and toner into his briefcase on his way out the door. This situation best reflects a weakness in which aspect of internal environment, as discussed in the COSO Enterprise Risk Management Framework? A) integrity and ethical values B) risk management philosophy C) restrict access to assets D) methods of assigning authority and responsibility
integrity and ethical values
A(n) ________ helps top-level managers with high-level activities that demand frequent and regular attention. A) boundary system B) diagnostic control system C) interactive control system D) internal control system
interactive control system
Which type of audit assesses employee compliance with management policies and procedures? A) external audit B) internal audit C) network security audit D) all of the above
internal audit
The SEC and FASB are best described as external influences that directly affect an organization's A) hiring practices. B) philosophy and operating style. C) internal environment. D) methods of assigning authority.
internal environment.
According to the Trust Services Framework, the reliability principle of integrity is achieved when the system produces data that A) is available for operation and use at times set forth by agreement. B) is protected against unauthorized physical and logical access. C) can be maintained as required without affecting system availability, security, and integrity. D) is complete, accurate, and valid.
is complete, accurate, and valid.
One of the key objectives of segregating duties is to A) ensure that no collusion will occur. B) achieve an optimal division of labor for efficient operations. C) make sure that different people handle different transactions. D) make sure that different people handle different parts of the same transaction.
make sure that different people handle different parts of the same transaction.
Which of the following was not an important change introduced by the Sarbanes-Oxley Act of 2002? A) new roles for audit committees B) new rules for auditors and management C) new rules for information systems development D) the creation of the Public Company Accounting Oversight Board
new rules for information systems development
According to the ERM, ________ deal with the effectiveness and efficiency of company operations, such as performance and profitability goals. A) compliance objectives B) operations objectives C) reporting objectives D) strategic objectives
operations objectives
Reducing management layers, creating self-directed work teams, and emphasizing continuous improvement are all related to which aspect of internal environment? A) organizational structure B) methods of assigning authority and responsibility C) management philosophy and operating style D) commitment to competence
organizational structure
The definition of the lines of authority and responsibility and the overall framework for planning, directing, and controlling is laid out by the A) control activities. B) organizational structure. C) budget framework. D) internal environment.
organizational structure.
To ensure compliance with copyrights and to protect itself from software piracy lawsuits, companies should ________. A) periodically conduct software audits B) update the operating system frequently C) buy software from legitimate suppliers D) adopt cloud operating platforms
periodically conduct software audits
Information security procedures protect information integrity by A) preventing fictitious transactions. B) reducing the system cost. C) making the system more efficient. D) making it impossible for unauthorized users to access the system.
preventing fictitious transactions.
A control procedure designed so that the employee that records cash received from customers does not also have access to the cash itself is an example of a(n) A) preventive control. B) detective control. C) corrective control. D) authorization control.
preventive control.
Internal control is often referred to as a(n) ________, because it permeates an organization's operating activities and is an integral part of management activities. A) event B) activity C) process D) system
process
The audit committee of the board of directors A) is usually chaired by the CFO. B) conducts testing of controls on behalf of the external auditors. C) provides a check and balance on management. D) does all of the above.
provides a check and balance on management.
The Director of Information Technology for the city of Tampa, Florida formed a company to sell computer supplies and software. All purchases made on behalf of the City were made from her company. She was later charged with fraud for overcharging the City, but was not convicted by a jury. The control issue in this case arose because the Director had both ________ and ________ duties. A) custody; authorization B) custody; recording C) recording; authorization D) management; custody
recording; authorization
Upon getting into your new car, you suddenly became worried that you might become injured in an auto accident. In response, you decided to drive 5 miles under the speed limit. You chose to ________ the risk of being injured in an auto accident. A) reduce B) share C) avoid D) accept
reduce
Upon getting into your new car, you suddenly became worried that you might become injured in an auto accident. You decided to buckle your seat belt in response. You chose to ________ the risk of being injured in an auto accident. A) reduce B) share C) avoid D) accept
reduce
According to the COSO Enterprise Risk Management Framework, the risk assessment process incorporates all of the following components except A) reporting potential risks to auditors. B) identifying events that could impact the enterprise. C) evaluating the impact of potential events on achievement of objectives. D) establishing objectives for the enterprise.
reporting potential risks to auditors.
Which attribute below is not an aspect of the COSO ERM Framework internal environment? A) enforcing a written code of conduct B) holding employees accountable for achieving objectives C) restricting access to assets D) avoiding unrealistic expectations
restricting access to assets
The amount of risk a company is willing to accept in order to achieve its goals and objectives is A) inherent risk. B) residual risk. C) risk appetite. D) risk assessment.
risk appetite.
Virtualization refers to the ability of A) running multiple systems simultaneously on one physical computer. B) eliminating the need for a physical computer. C) using the Internet to perform all needed system functions. D) using web-based security to protect an organization.
running multiple systems simultaneously on one physical computer.
Which of the following is a control related to design and use of documents and records? A) locking blank checks in a drawer or safe B) sequentially prenumbering sales invoices C) reconciling the bank statement to the general ledger D) comparing physical inventory counts with perpetual inventory records
sequentially prenumbering sales invoices
An accounting policy that requires a purchasing manager to sign off on all purchases over $5,000 is an example of A) general authorization. B) specific authorization. C) special authorization. D) generic authorization.
specific authorization.
A ________ is created to guide and oversee systems development and acquisition. A) performance evaluation B) project development plan C) steering committee D) strategic master plan
steering committee
A document that shows all projects that must be completed and the related IT needs in order to achieve long-range company goals is known as a A) performance evaluation. B) project development plan. C) data processing schedule. D) strategic master plan.
strategic master plan.
According to the ERM, high level goals that are aligned with and support the company's mission are A) compliance objectives. B) operations objectives. C) reporting objectives. D) strategic objectives.
strategic objectives.
Applying the COBIT5 framework, monitoring is the responsibility of A) the CEO. B) the CFO. C) the board of directors. D) all of the above
the CEO, the CFO, and the board of directors.
A neural network is a software program that has A) the ability to read text. B) the ability to learn. C) the capability to extract information from an individual's brain. D) the capability to inject information into an individual's brain.
the ability to learn.
COSO requires that any internal deficiencies identified through monitoring be reported to whom? A) the external auditor B) appropriate federal, state, or local authorities C) the board of directors D) the audit committee
the board of directors
Applying the COBIT5 framework, governance is the responsibility of A) internal audit. B) external audit. C) management. D) the board of directors.
the board of directors.
Why did COSO develop the Enterprise Risk Management framework? A) to improve the audit process B) to improve the risk management process C) to improve the financial reporting process D) to improve the manufacturing process
to improve the risk management process
Why was the original 1992 COSO - Integrated Control framework updated in 2013? A) Congress required COSO to modernize. B) U.S. stock exchanges required more disclosure. C) to more effectively address technological advancements D) to comply with International accounting standards
to more effectively address technological advancements
The primary purpose of the Foreign Corrupt Practices Act of 1977 was A) to require corporations to maintain a good system of internal control. B) to prevent the bribery of foreign officials by American companies. C) to require the reporting of any material fraud by a business. D) All of the above are required by the act.
to prevent the bribery of foreign officials by American companies.
Which of the following is not an example of something monitored by a responsibility accounting system? A) budgets B) quotas C) vendor analysis D) quality standards
vendor analysis
Whitewater Rapids provides canoes to tourists eager to ride Whitewater river's rapids. Management has determined that there is one chance in a thousand of a customer being injured or killed. Settlement of resulting lawsuits has an average cost of $650,000. Insurance with a $50,000 deductible is available. It covers the costs of lawsuits, unless there is evidence of criminal negligence. What is the expected loss with insurance? A) $50 B) $650 C) $50,000 D) $650,000
$50
Whitewater Rapids provides canoes to tourists eager to ride Whitewater river's rapids. Management has determined that there is one chance in a thousand of a customer being injured or killed. Settlement of resulting lawsuits has an average cost of $650,000. Insurance with a $50,000 deductible is available. It covers the costs of lawsuits, unless there is evidence of criminal negligence. Based on cost-benefit analysis, what is the most that the business should pay for the insurance? A) $50 B) $500 C) $600 D) $650
$600
Whitewater Rapids provides canoes to tourists eager to ride Whitewater river's rapids. Management has determined that there is one chance in a thousand of a customer being injured or killed. Settlement of resulting lawsuits has an average cost of $650,000. Insurance with a $50,000 deductible is available. It covers the costs of lawsuits, unless there is evidence of criminal negligence. What is the expected loss without insurance? A) $50 B) $650 C) $50,000 D) $650,000
$650
Which of the following is not a principle related to information and communicating in the updated COSO Integrated Control framework? A) Communicate relevant internal control matters to external parties. B) Obtain or generate relevant, high-quality information to support internal control. C) Surround internal control processes with information technology that enables discrepancies to be identified. D) Internally communicate the information necessary to support the other components of internal control.
Surround internal control processes with information technology that enables discrepancies to be identified.
Which of the following measures can protect a company from AIS threats? A) Take a proactive approach to eliminate threats. B) Detect threats that do occur. C) Correct and recover from threats that do occur. D) All of the above are proper measures for the accountant to take.
Take a proactive approach to eliminate threats, Detect threats that do occur, and Correct and recover from threats that do occur.
Which of the following is not a factor of internal environment according to the COSO Enterprise Risk Management Framework? A) analyzing past financial performance and reporting B) providing sufficient resources to knowledgeable employees to carry out duties C) disciplining employees for violations of expected behavior D) setting realistic targets for long-term performance
analyzing past financial performance and reporting
Which type of control prevents, detects, and corrects transaction errors and fraud? A) general B) application C) detective D) preventive
application
Identify a party below who was involved with developing the Trust Services Framework. A) FASB B) United States Congress C) AICPA D) IMA
AICPA
Which internal control framework is widely accepted as the authority on internal controls? A) COBIT B) COSO Integrated Control C) COSO Enterprise Risk Management D) Sarbanes-Oxley Control Framework
COSO Integrated Control
Which of the following is not a basic principle of the COSO ERM framework? A) Companies are formed to create value for society. B) Management must decide how much uncertainty it will accept to create value. C) Uncertainty results in risk. D) Uncertainty results in opportunity.
Companies are formed to create value for society.
Which of the following is not a commonly used technique used to identify potential events? A) performing internal analysis B) monitoring leading events C) conducting interviews D) none of the above
NOT performing internal analysis, monitoring leading events, and conducting interviews
The largest differences between the COSO Integrated Control (IC) framework and the COSO Enterprise Risk Management (ERM) framework is A) IC is controls-based, while the ERM is risk-based. B) IC is risk-based, while ERM is controls-based. C) IC is required, while ERM is optional. D) IC is more applicable to international accounting standards, while ERM is more applicable to generally accepted accounting principles.
IC is controls-based, while the ERM is risk-based.
Which of the following is not one of the three fundamental information security concepts? A) Information security is a technology issue based on prevention. B) Security is a management issue, not a technology issue. C) The idea of defense-in-depth employs multiple layers of controls. D) The time-based model of security focuses on the relationship between preventive, detective and corrective controls.
Information security is a technology issue based on prevention.
________ is the risk that exists before management takes any steps to mitigate it. A) Inherent risk B) Residual risk C) Risk appetite D) Risk assessment
Inherent risk
Identify the statement below which is true. A) Requiring two signatures on checks over $20,000 is an example of segregation of duties. B) Although forensic specialists utilize computers, only people can accurately identify fraud. C) Internal auditors, rather than external auditors, can conduct evaluations of effectiveness of Enterprise Risk Management processes. D) Re-adding the total of a batch of invoices and comparing the total with the first total you calculated is an example of an independent check.
Internal auditors, rather than external auditors, can conduct evaluations of effectiveness of Enterprise Risk Management processes.
Identify the statement below that is not true of the 2013 COSO Internal Control updated framework. A) It more efficiently deals with control implementation and documentation issues. B) It more effectively deals with control implementation and documentation issues. C) It provides users with more precise guidance. D) It adds many new examples to clarify the framework concepts.
It more efficiently deals with control implementation and documentation issues.
Why are threats to accounting information systems increasing? A) Many companies do not realize that data security is crucial to their survival. B) LANs and client/server systems are easier to control than centralized, mainframe systems. C) Many companies believe that protecting information is a strategic requirement. D) Computer control problems are often overestimated and overly emphasized by management.
Many companies do not realize that data security is crucial to their survival.
Of the following examples of fraud, which will be the most difficult to prevent and detect? Assume the company enforces adequate segregation of duties. A) A mail room employee steals a check received from a customer and destroys the documentation. B) The accounts receivable clerk does not record sales invoices for friends or family, so they can receive free goods. C) An employee puts inventory behind the dumpster while unloading a vendor's delivery truck, then picks up the inventory later in the day and puts it in her car. D) Mike issues credit cards to him and Maxine, and when the credit card balances are just under $1,000, Maxine writes off the accounts as bad debt. Mike then issues new cards.
Mike issues credit cards to him and Maxine, and when the credit card balances are just under $1,000, Maxine writes off the accounts as bad debt. Mike then issues new cards.
________ is not a risk responses identified in the COSO Enterprise Risk Management Framework. A) Acceptance B) Avoidance C) Monitoring D) Sharing
Monitoring
________ objectives help ensure the accuracy, completeness and reliability of internal and external company reports, Applying the ERM framework. A) Compliance objectives B) Operations objectives C) Reporting objectives D) Strategic objectives
Reporting objectives
________ remains after management implements internal control(s). A) Inherent risk B) Residual risk C) Risk appetite D) Risk assessment
Residual risk
At a movie theater box office, all tickets are sequentially prenumbered. At the end of each day, the beginning ticket number is subtracted from the ending number to calculate the number of tickets sold. Then, ticket stubs collected at the theater entrance are counted and compared with the number of tickets sold. Which of the following situations does this control detect? A) Some customers presented tickets purchased on a previous day when there wasn't a ticket taker at the theater entrance (so the tickets didn't get torn.) B) A group of kids snuck into the theater through a back door when customers left after a show. C) The box office cashier accidentally gives too much change to a customer. D) The ticket taker admits his friends without tickets.
Some customers presented tickets purchased on a previous day when there wasn't a ticket taker at the theater entrance (so the tickets didn't get torn.)
Congress passed this federal law for the purpose of preventing financial statement fraud, to make financial reports more transparent and to strengthen the internal control of public companies. A) Foreign Corrupt Practices Act of 1977 B) The Securities Exchange Act of 1934 C) The Sarbanes-Oxley Act of 2002 D) The Control Provision of 1998
The Sarbanes-Oxley Act of 2002
At a movie theater box office, all tickets are sequentially prenumbered. At the end of each day, the beginning ticket number is subtracted from the ending number to calculate the number of tickets sold. Cash is counted and compared with the number of tickets sold. Which of the following situations does this control detect? A) Some customers presented tickets purchased on a previous day when there wasn't a ticket taker at the theater entrance (so the tickets didn't get torn.) B) A group of kids snuck into the theater through a back door when customers left after a show. C) The box office cashier accidentally gives too much change to a customer. D) The ticket taker admits his friends without tickets.
The box office cashier accidentally gives too much change to a customer.