cia 3
Under the COSO's ERM framework, which of the following most accurately describes risk management responsibilities?
In practice, management has primary responsibility.
Enterprise risk management
Involves the identification of events with negative impacts on organizational objectives.
The internal auditors' responsibility regarding fraud includes all of the following except
ensuring that fraud will not occur
An internal auditor suspects that a mailroom clerk is embezzling funds. In exercising due professional care, the internal auditor should
evaluate fraud indicators and decide whether further action is necessary
A key feature that distinguishes fraud from other types of crime or impropriety is that fraud always involves the
false representation or concealment of a material fact
The most appropriate trend analysis to indicate this potential fraud is
loan default rates by loan officer
Which of the following goals sets risk management strategies at the optimum level?
maximize shareholder value
Management has a role in the maintenance of control. In fact, management sometimes is a control. Which of the following most likely involves managerial functions as a control?
monitoring performance
The internal auditors are assessing the risk of fraud involving senior management. An impact factor is
nonretention of customers
Number 1, "John was trusted completely . . .," is an example of a(n)
opportunity to commit
When an internal auditor identifies multiple factors that have been linked with possible fraudulent conditions and suspects that fraud has taken place, the auditor should
recommend an investigation
In regard to The IIA's Electronic Systems Assurance and Control study, which of the following is not a business assurance objective?
recordability
Which of the following statements is correct regarding corporate compensation systems and related bonuses? 1) A bonus system should be considered part of the control environment of an organization and should be considered in formulating a report on internal control. 2) Compensation systems are not part of an organization's control system and should not be reported as such. 3)An audit of an organization's compensation system should be performed independently of an audit of the control system over other functions that impact corporate bonuses.
1 only
Internal auditors need to determine the extent to which management has established adequate control criteria. For this purpose, which of the following actions may be appropriate? 1)Determining whether objectives have been accomplished 2)Using management's adequate control criteria in their evaluation 3)Working with management to develop appropriate control evaluation criteria
1,2,and3
Which of the following statements is (are) true regarding the prevention of fraud? 3)The primary means of preventing fraud is through internal control established and maintained by management. 2)Internal auditors are responsible for assisting in the prevention of fraud by examining and evaluating the adequacy of the internal control system. 3)Internal auditors should assess the operating effectiveness of fraud-related communication systems.
1,2,and3
Which of the following may be assessed by the internal auditor to determine the effectiveness of the risk management process? 1)Significant risks 2)Ongoing monitoring activities 3)Previous risk evaluation reports by management, internal auditors, external auditors, and any other sources
1and2only
Which of the following items might alert the internal auditor to the possibility of fraud in the division?
A significant portion of management's compensation is directly tied to reported net profit of the division
Which of the following is an indicator of possible financial reporting fraud being perpetrated by management of a manufacturer?
A trend analysis discloses (1) sales increases of 50% and (2) cost of goods sold increases of 25%.
Fact Pattern: When an internal auditor followed up on a significant increase in maintenance supplies during the past year, a purchasing agent explained to the internal auditor that the primary reason for the increase was painting services and supplies. The internal auditor found a blanket purchase order without the normal bid or quote documentation. The blanket purchase order had been signed by the general manager and named the general manager's father as the sole contractor for painting services on the organization's projects. The auditor also found a number of large invoices, authorized for payment by the general manager, that showed the general manager's father as the person who signed for the receipt of the material at the supplier. What is the common indicator of fraud recognized by the internal auditor in this scenario?
Analytical procedures revealed an extraordinary increase in account balances.
Which of the following control models is fully incorporated into the broader integrated framework of enterprise risk management (ERM)?
COSO
Which of the following is not a component of the CoCo model?
Control environment.
After noting some red flags, an internal auditor has an increased awareness that fraud may be present. Which of the following best describes the internal auditor's responsibility?
Expand activities to determine whether an investigation is warranted.
Internal auditors should review the means of physically safeguarding assets from losses arising from
Exposure to the elements.
Which of the following is closely related to traditional risk management instead of enterprise risk management (ERM)?
Emphasis on specific functions.
An organization's directors, management, external auditors, and internal auditors all play important roles in creating a proper control environment. Senior management is primarily responsible for
Establishing a proper organizational culture and specifying a system of internal control.
Which of the following describes one of the responsibilities of the internal auditor for the deterrence of fraud in an organization?
Evaluating the adequacy of controls to prevent fraud.
Internal auditing is responsible for assisting in the prevention of fraud by
Examining and evaluating the adequacy and the effectiveness of control, commensurate with the extent of the potential exposure or risk in the various segments of the organization's operations
An engagement had been scheduled by the chief audit executive to address unusual inventory shortages revealed in the annual physical inventory process at a large consumer goods warehouse operation. A cycle count program had been installed in the storeroom at the beginning of the year in place of the disruptive process of counting one entire product line at the end of each month. The cycle count program appeared effective because only nine minor adjustments had been made for the entire year on the several thousand different products located in the storeroom. The storeroom supervisor explained that each of the 15 stockroom personnel selected one item each day for cycle count based on how efficiently the item could be counted. The opportunity for control-related problems including fraud has been increased in the stockroom because
Items for cycle count are selected by stockroom personne
Red flags are conditions that indicate a higher likelihood of fraud. Which of the following is not considered a red flag?
Management has delegated the authority to make purchases under a certain value to subordinates.
An internal auditor is investigating the performance of a division with an unusually large increase in sales, gross margin, and profit. Which of the following indicators is least likely to indicate the possibility of sales-related fraud in the division?
One of the division's major competitors went out of business during the year.
What is residual risk?
Risk that is not managed
Number 3, "Difficulties with personal financial problems," is an example of a(n)
Situational pressure.
Internal control can provide only reasonable assurance that the organization's objectives will be met efficiently and effectively. One factor limiting the likelihood of achieving those objectives is that
The cost of internal control should not exceed its benefits.
Which of the following are elements of the control environment
all of the anwers
When comparing perpetrators who have embezzled an organization's funds with perpetrators of financial statement fraud (falsified financial statements), those who have falsified financial statements are less likely to
be living beyond their obvious means of support
Which term best reflects the attitude and actions of the board and management regarding the significance of control within the organization?
control environment
Which of the following fraudulent entries is most likely to be made to conceal the theft of an asset?
debit expense and credit the asset
Which of the following statements is correct regarding corporate compensation systems and related bonuses? A bonus system should be considered part of the control environment of an organization and should be considered in formulating a report on internal control. Compensation systems are not part of an organization's control system and should not be reported as such. An audit of an organization's compensation system should be performed independently of an audit of the control system over other functions that impact corporate bonuses.
regular comparison of actual result with budgets
Which of the following activities is outside the scope of internal auditing?
safeguarding of assets
An unexpected decrease in which of the following ratios could indicate that fictitious inventory has been recorded?
total asset turnover