Forensic Acct, Final Test
True or False? Forensic accounting is the application of special skills in accounting, auditing, finance, quantitative methods, certain areas of the law, research and investigative skills to collect, analyze, interpret and communicate findings.
True Response Feedback: Correct! The statement is true. Forensic accounting includes all those elements.
Bribes are often mischaracterized as other types of transactions in the books and records of a business. Which of the following is NOT an example of transaction used to mischaracterize bribery? -Commissions -Consulting fees -Sales and marketing expense -Scientific incentive or studies -Travel and entertainment expense -Rebates or discounts -After sales service fees -Miscellaneous expense -Petty cash withdrawals -Free goods (e.g. for demonstration) -Intercompany trnasactions -Supplier or vendor payments -Write-offs -All of the above have been used, at some time, as a means to mischaracterize bribes.
-All of the above have been used, at some time, as a means to mischaracterize bribes.
Select ALL of the statements below that describe red flags associated with bribes through third parties. 1) There is no consulting agreement, or the agreement only vaguely describes the services to be performed. 2) The third-party consultant is knowledgeable and provides a bona fide service. 3) The consultant is a foreign national or is based in a country outside the United States. 4) The distributor or intermediary receives free goods or unreasonably large discounts. 5) The payments for the intermediary or third-party must be made to offshore accounts. 6) The payments to the third-party agents or consultants are excessive when compared with market rates. 7) A government official specifically requested or insisted on using this consultant. 8)A consultant has the same nationality or ethnic background as the government official with authority over business.
1) There is no consulting agreement, or the agreement only vaguely describes the services to be performed. 4) The distributor or intermediary receives free goods or unreasonably large discounts. 5) The payments for the intermediary or third-party must be made to offshore accounts. 6) The payments to the third-party agents or consultants are excessive when compared with market rates. 7) A government official specifically requested or insisted on using this consultant.
Identify all the potential forensic accounting techniques, as identified in the AICPA's Practice Aid entitled "Forensic Accounting - Fraud Investigation" (Check ALL that apply.) 1) Attorneys' opening statements in court 2) Analysis of financial transactions 3) Confidential sources 4) Public document review and background investigation 5) Jury instructions 6) Interviews of knowledgeable people 7) Physical surveillance and observation 8) Case law 9) Analysis of physical and electronic evidence 10) Undercover operations
2) Analysis of financial transactions 3) Confidential sources 4) Public document review and background investigation 6) Interviews of knowledgeable people 7) Physical surveillance and observation 9) Analysis of physical and electronic evidence 10) Undercover operations
Which of the following is NOT a role or responsibility of the board? 1. Evaluating the performance of management, challenging management and asking tough questions. 2. Directing the execution of the external audit. 3. Establishing or approving corporate strategies, including risk management strategies. 4. Setting the tone at the top, and establishing expectations about integrity, corporate, values and accountability. 5. Maintaining professional skepticism. 6. All of these are responsibilities of the board.
2. Directing the execution of the external audit. Response Feedback: The correct answer is " Directing the execution of the external audit. " While the board may retain the external auditors, and communicates with them, the auditor has primary responsibility for the execution of the audit.
Which of the following is always a characteristic of fraud? 1. Collusion 2. Criminal enforcement 3. Deception 4. Personal enrichment of the perpetrator
3. Deception Response Feedback: Correct! Deception is always an element of fraud, although the deceptive elements vary from scheme to scheme.
Which of the following are complexities associated with managing global fraud risk management programs? 1) Cultural differences about reporting potential wrongdoing. 2) Differing opportunities for fraud outside the scrutiny of corporate headquarters and in differing business environments. 3) Communication challenges associated with different language and diluted communications. 4) Global ERP accounting and information systems. 5) Answers 1, 2 and 3 are additional complexities associated with global fraud risk management programs. 6) All of the above are additional complexities associated with global fraud risk management programs. 7) None of these are additional complexities associated with global fraud risk management programs.
5) Answers 1, 2 and 3 are additional complexities associated with global fraud risk management programs. Response Feedback: Answers 1, 2 and 3 are true. Global ERP systems are generally helpful in reducing fraud risk.
Depending on the nature of the allegation, what types of subject matter expertise might be needed in the investigation team? -Industry expertise -Awareness of local customs and culture -Language fluency -Legal expertise -Knowledge of well-accepted investigation approaches -Electronic evidence handling expertise. -All of the above. -None of the above.
All of the above. Response Feedback: All of these may be needed, depending on the facts and circumstances of the allegation.
Which of the following is not a common source of fraud investigation evidence? -Electronic communications, including email. -General ledger and transaction data. -Observation -Interviews of knowledgeable people -Data analytics -Google and public records searches -Documents and contracts -All of these might be investigation evidence.
All of these might be investigation evidence.
True or False? Transparency International 's Corruption Perception Index can be used to identify or score higher risk transactions and business environments.
True
Which of the following is not a major category of occupational fraud according to the Association for Certified Fraud Examiners (ACFE)? a) Cybersecurity b) Corruption c) Asset misappropriation d) Financial reporting fraud
Cybersecurity Response Feedback: Correct! Cybersecurity is related, but is not included in the ACFE's Fraud Tree.
True or False? When evaluating the significance of a risk exposure, the forensic accountant's sole focus should be the potential dollar value of exposures in comparison to 5% of assets or other quanititative measure of materiality.
False Response Feedback: While quantitative measures of materiality are important, qualitative impact is also important in assessing the significance of risk. In particular, reputational risk should be considered as part of the fraud risk assessment.
________________ means "suitable for use in a court of law."
Forensic Response Feedback: Correct! Forensic is about the context, not the technical expertise or approach.
True or False? People who perpetrate frauds are usually identified by formal background checks, when they are performed.
False
True or False? Surveillance is a law enforcement tool and is never employed in accounting-related fraud investigations.
False Response Feedback: Surveillance tools are among the tools used by fraud investigators. Examples include analysis of information from corporate security cameras, building access logs. Investigators working in law enforcement tend to use these tools more frequently than those working in corporate settings.
The fundamental difference between internal control weaknesses resulting in errors and weaknesses resulting in fraud is ___________________.
Intent
True or False? If a fraud risk assessment is competent and thorough, it rarely needs to be updated.
False Response Feedback: A fraud risk assessment is a dynamic and iterative process for identifying fraud risks relevant to the organization. The principles of the Fraud Risk Management Guide specifically call for periodic reassessment of fraud risk, especially when there have been changes affecting the organization.
True or False? In order to maximize fraud deterrent effects, all the elements of the fraud control structure should be made known to employees, vendors and stakeholders.
False Response Feedback: Although an organization may want to describe and explain some aspects of its fraud detection techniques to its employees, vendors and stakeholders, certain aspects of the plan remain confidential.
True or False? The risks of management override of internal controls can be eliminated through a robust fraud risk management program, including active and vigorous oversight by the board.
False Response Feedback: Because management is primarily responsible for the design, implementation, and maintenance of internal control, the entity is always exposed to the danger of management override of controls, whether the entity is publicly held, private, not-for-profit, or governmental. A strong fraud risk management program and active oversight by the board can mitigate this risk, but does not eliminate it.
True or False? One of the disadvantages of smaller businesses and organizations is that it can be much more difficult to conduct a good fraud risk assessment.
False Response Feedback: Smaller entities are usually less complex in structure and operations. This makes a fraud risk assessment easier to perform.
True or False? The US has little or no risk of corruption.
False Response Feedback: This is a false statement. According to Transparency International, the US has a lower risk of corruption and bribery than many jurisdictions, but it is not the lowest in the world. Government corruption investigations continue to appear in the news. In the last 10 years, there have been recent convictions of government officials in Massachusetts.
True or False? Jose's company paid gifts to a government official in order to win a contract, but the contract was ultimately awarded to another company. Jose believes that he cannot be prosecuted, because he did not benefit from the payments. Is this true or false?
False Response Feedback: This is a false statement. The FCPA focuses on "corrupt intent" and does not require that the corrupt act must succeed in its purpose. (See FCPA Resource Guide, p. 14)
Massimo Corporation develops and sells pharmaceutical products. It wanted its products to be included in the formulary (list of approved products) in an Asian country with a government-run health care system. In order to build support for its products, it hosted a medical conference to which the doctors and government officials in the industry. The corporation hired an event planner, who was able to increase attendance at the event by 50%. Soon after the event, Massimo's products were added to the formulary. Massimo later learned that the event planner included gifts cards to all attendees in the welcome packet. Massimo's compliance officer has stated that Massimo has no potential exposure to FCPA liability, because the payments were not made in cash, because Massimo didn't directly offer the gift cards, and because Massimo didn't instruct the event planner to provide gifts to the attendees. Is the compliance officer's statement that Massimo has no exposure to FCPA liability true or false?
False Response Feedback: This is false. Massimo may have violated the FCPA regardless of whether or not the payments were made in cash or in other forms of value. A company can be held liable for the acts of its agents and intermediaries, even if they didn't direct the improper conduct.
True or False? The Federal Rules of Civil Procedure and Federal Rules of Evidence apply to all expert witness services provided in the United States.
False Response Feedback: This is false. The federal rules do apply to the federal court system, but other jurisdictions, like state courts, have different rules. Also, the rules and procedures for alternative dispute resolution procedures may differ from the federal rules.
True or False? The Foreign Corrupt Practices Act makes U.S.-based firms uncompetitive, because it is applicable only to companies with headquarters in the United States.
False Response Feedback: This is not true. The FCPA is applicable to any company on a U.S. securities exchange and those doing business in the US and many non-US companies.
True or False? Forensic interviews are planned, executed and documented exactly the same way as in an external audit.
False Response Feedback: This is not true. While, interviews are a technique for gathering evidential matter that are employed in both investigative and audit settings. In forensic settings, the interviews are usually carefully planned and documented to ensure that the evidence is usable in court.
True or False? In order to be valid and useful, a Fraud Risk Assessment must use numeric risk scores that assign weights to various fraud risk factors on an objective and repeatable basis to surface the risk areas on which to focus.
False Response Feedback: This statement is false. Formal risk scoring can be a helpful tool in performing a fraud risk assessment, but it is not required. Other methods of evaluating the likelihood of risk and the significance of the exposure can be used. Even informal risk rankings that use no numbers can be helpful.
True or False? COSO's Principle 8 requires the establishment of a comprehensive fraud risk management program.
False Response Feedback: This statement is false. Principle 8 requires that "the organization considers the potential for fraud in assessing risks to the achievement of objectives." The comprehensive fraud risk management program articulated in the Fraud Risk Management Guide is a best practice, but the requirement in the principles is more narrow.
Which of the following is NOT a recommended strategy for strengthening the board's knowledge of business and financial statement risks? a) Maintaining a broad network of information sources inside and outside the organization. b) Understanding the incentives, pressures, motivations and opportunities for wrongdoing within the company. c) Performing ratio analysis on detailed accounts and tracing transactions to underlying support. d) Communication with internal and external auditors.
Performing ratio analysis on detailed accounts and tracing transactions to underlying support. Response Feedback: Correct! Ratio analysis and tracing have great value, but are not the primary tools employed by audit committees or boards.
Which internal controls are most effective in reducing the impact of occupational fraud (measured in dollars lost)? a) Dedicated fraud department, function or team b) Hotline c) External audit of internal controls over financial reporting d) Management review e) Job rotation/mandatory vacation f) Proactive Data Monitoring/Analysis g) Surprise audits h) Management Certification of Internal Controls
Proactive Data Monitoring/Analysis
True or False? Under the "books and records provisions" (or accounting provisions), companies are required to make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect the transactions and dispositions of the assets of companies subject to the FCPA.
True
True or False? e-Discovery is the electronic aspect of identifying, collecting and producing electronically stored information (ESI) in response to a request for production in a lawsuit or an investigation.
True
True or False? A fraud risk assessment should be documented. One method for documentation is a matrix that lists identified fraud risks, and documents the evaluation of the likelihood of occurrence, the significance of the exposure, the personnel or departments involved, existing fraud control activities, their effectiveness, the residual fraud risks, and the responses to those residual risks.
True
True or False? According to the ACFE, a company is more likely to initially detect an occupational fraud scheme by a whistleblower tip than by an external audit.
True
True or False? Asset tracing is the search for evidence regarding the identity and disposition of property, often of misappropriated assets.
True
True or False? Benford's Law provides that the distribution of digits in multi-digit natural numbers is not random. By comparing the patters of such numbers to the predictable, expected patterns, forensic investigators can sometimes identify anomalies.
True
True or False? Data analytics techniques can help isolate transactions or trends the represent potential fraud and can help inform the fraud risk assessment process.
True
True or False? Electronically-stored information (ESI) includes many kinds of data and file types, including, but not limited to, emails, documents, .ppt files, databases, .jpg files, social media, web-sites and audio files.
True
True or False? External auditors who are engaged to examine the effectivness of an organization's internal control over financial reporting can assess the organization's implementation of COSO's internal control principle number 8 by using the Fraud Risk Management Guide.
True
True or False? Fraud risk tolerance is the level of fraud risk that an organization is willing to accept. It is not possible to eliminate all fraud risk.
True
True or False? Keyword searching scans free text fields and unstructured data to identify suspicious or high-risk language within data.
True
True or False? Management has the primary responsibility for preparing financial statements and safeguarding assets.
True
True or False? Many occupational frauds are detected as a result of tips. This is one of the reasons that whistleblower systems considered an important fraud control activity.
True
True or False? Money laundering is the act of concealing or disguising funds obtained through illegal activity so that they appear to have been generated through legal, legitimate sources.
True
True or False? One key defense against the risk of management override of internal controls is a vigorous whistleblower program.
True
True or False? Periodic reassessment of fraud control activities should include: Ensuring that existing controls are working as designed; Refreshing and updating the fraud risk assessment and design of the controls; and Seeking efficiencies and filling gaps.
True
True or False? The Association for Certified Fraud Examiners' "Fraud Tree" or other resources that identified a potential universe of fraud schemes can be helpful in ensuring that the fraud risk assessment considers various types of fraud.
True
True or False? The Securities and Exchange Commission mandates that SEC registrants (publicly-traded companies) have whistleblower systems.
True
True or False? The audit committee (or the full board) has the primary responsibility for mitigating the risk of management override of controls.
True
True or False? Fraud risk assessments are best performed by the CFO or Chief Accounting Officer, who should sign off as part of the quarterly certifications that they are individually responsible for the assessment.
True Response Feedback: Fraud risk assessmnets are typically performed by a risk assessment team, which includes individuals from throughout the organization with different knowledge skills and perspectives, not by one person acting alone.
True or False? During an investigation, investigators may document the chain of custody of evidence, which reflects the order in which a piece of evidence was acquired and handled and the unbroken train of accountabilty for that evidence.
True Response Feedback: This is a true statement, paraphrased from the Fraud Risk Management Guide.
True or False? One method for accomplishing litigation discovery is "request for production". These are requests for one party in a litigation to produce or make available certain specifically identified evidence, such as documents or electronic evidence.
True Response Feedback: This is a true statement. Additional information about discovery methods can be found in the AICPA Practice Aid.
True or False? It's generally better to consider the risk of management override as a separate risk during brainstorming.
True Response Feedback: This is a true statement. Often, when management override is not considered separately, it is never really addressed at all. It's a difficult dialogue, especially if management is part of the discussion. Making it an explicit element of the fraud risk management program helps make sure it is fully addressed.
True or False? Once an accountant has become an experienced forensic practitioner, they are qualified to provide legal advice regarding whether legal privileges will apply to specific investigation outputs.
True Response Feedback: This is false. Accountants may have subject matter expertise in the execution of investigations, and are usually expected to have familiarity with the legal context of their work and to generally understand the concepts relating to legal privileges. However, they are not licensed to practice law. Unless they are lawyers, and acting in that capacity, forensic accountants should not render legal advice or express a legal opinion.
A company in Fall River, Massachusetts sells three pieces of diagnostic equipment, each costing $1.5 million, to the Chinese health ministry. The health officials travel to the US to receive training on the use of the equipment. The seller has a state-of-the-art training facility with demonstrator models of its equipment in Fall River. The seller bundles the cost of the training, lodging and meals at the training facility into the cost of the equipment. The company's compliance officer states that it is likely that these will not be considered corrupt payments. Is this true or false?
True Response Feedback: This is true. The FCPA does not prohibit business transactions with legitimate business purpose, such as training for product use. If the travel-related expenditures were luxurious or primarily entertainment-related, the answer would likely be different.
True or False? Controls that prevent fraudulent transactions and processes that detect fraudulent transactions are both fraud control activities.
True Response Feedback: This statement is true. A fraud control activity is a specific procedure or process intended to either prevent or detect fraud.
A company has a whistleblower system that is entirely in English. Since their headquarters is in Boston, so there's no need to worry about other allegations made in languages other than English. Right or wrong?
Wrong Response Feedback: This statement is wrong. Lots of Boston-based companies have business transactions all over the world. Also, there are employees and business partners in the New England area that are either non-English speakers, or feel more comfortable speaking in languages other than English. Even companies that are based in Boston need to carefully consider whether their whistleblower systems need to accomodate languages other than English.
Which of the following controls are primarily preventive in nature? (Check ALL that apply.) a) A company's business process requires signature of a manager outside the accounting function before allowing a cash disbursement. b) A company conducts a physical inventory and conducts a book-to-physical reconciliation every six months. c) A manufacturing company conducts month-end data analytics to identify stores with low sales. Internal audit focuses on these stores during its periodic audits. d) A company conducts exit interviews, in which it asks departing employees about any ethical violations and their reasons for leaving. e) A company's information technology department is off-site and physically secured from intrusion. f) A telecommunications company uses valuable copper wiring for repairs of its transmission lines. The inventory of wiring is kept in locked storage facility when not needed by the repair team members. g) A credit card processing company uses a technology that risk-scores transactions and prevents them from occurring if they are deemed too high risk. h) A small not-for-profit company outsources is cash disbursement function. Any disbursement requests are faxed to the outsourced provider, they are loaded to a password protected on-line portal. The CEO reviews and approves disbursements on the on-line portal. The outsourced provider cuts the checks and mails them.
a) A company's business process requires signature of a manager outside the accounting function before allowing a cash disbursement. e) A company's information technology department is off-site and physically secured from intrusion. f) A telecommunications company uses valuable copper wiring for repairs of its transmission lines. The inventory of wiring is kept in locked storage facility when not needed by the repair team members. g) A credit card processing company uses a technology that risk-scores transactions and prevents them from occurring if they are deemed too high risk. h) A small not-for-profit company outsources is cash disbursement function. Any disbursement requests are faxed to the outsourced provider, they are loaded to a password protected on-line portal. The CEO reviews and approves disbursements on the on-line portal. The outsourced provider cuts the checks and mails them. Response Feedback: Because of the deterrent effect of a control system, all controls have some preventive effects. That said, controls are primarily preventive if they prevent the improper transactions before they occur. The following are primarily detective in nature: Physical inventory counts and related reconciliations: They detect losses after they occur. Exit interviews identify issues at the point of employee departure detecting problems after occurrence. Month-end data analytics detect anomalous transactions after they occur.
Which statement is true? a) A positive corporate culture has a positive affect on all three sides of the fraud triangle (pressure and incentives, rationalization, and opportunity) b) The easiest way to build a strong corporate culture is to hire ethical people. c) Although a positive corporate culture keeps employees happy and reduces the incentives to commit fraud, the impact cannot be quantitatively measured. d) Companies should have a consistent, one-time communication about expectations and code of conduct. It should be communicated in a written policy at the time of hire.
a) A positive corporate culture has a positive affect on all three sides of the fraud triangle (pressure and incentives, rationalization, and oppotunity) Response Feedback: Strong ethics and fraud deterrence communicatons are ongoing. They may be communicated at the time of hire, but they shouldn't be "one and done". They have a measurable positive impact on all aspects of the fraud triangle.
Which of the following are human resources-related fraud control activities? (Check ALL that apply.) a) A technology retailer company conducts fraud risk management training for its internal audit staff and all store managers. b) The audit committee talks with the external auditors about observations arising from the review of quarterly financial statements. c) A hospital has a high volume of billing for patient services. On a monthly basis, the hospital performs analytics to search for unusual patterns in cash receipts transactions and accounts receivable balances. d) A consulting company conducts an annual employee survey that includes questions about employee satisfaction, understanding of corporate objectives, whether the employees have observed misconduct in the most recent year and whether they feel comfortable in reporting misconduct. e) A company conducts background investigations for all new recruits at the manager level and above. f) An insurance company routinely conducts exit interviews with departing employees to determine the reasons for their resignation. During that interview, they ask about whether the departing employee has any concerns about integrity of their supervisors or misconduct at the organization. g) A clothing manufacturing changes the dyes in its manufacturing process to reduce environmental impact.
a) A technology retailer company conducts fraud risk management training for its internal audit staff and all store managers. d) A consulting company conducts an annual employee survey that includes questions about employee satisfaction, understanding of corporate objectives, whether the employees have observed misconduct in the most recent year and whether they feel comfortable in reporting misconduct. e) A company conducts background investigations for all new recruits at the manager level and above. f) An insurance company routinely conducts exit interviews with departing employees to determine the reasons for their resignation. During that interview, they ask about whether the departing employee has any concerns about integrity of their supervisors or misconduct at the organization. Response Feedback: Background investigations, training, fair performance and compensation systems, employee surveys and exit interviews are all examples of human resources-related fraud control activities.
What is an investigation predicate? a) An allegation or reason to investigate. b) A custodian of paper or electronic evidence. c) The person or governing body that is responsible for the decision-making about the investigation. d) An initial fraud theory.
a) An allegation or reason to investigate. Response Feedback: An investigation predicate is an allegation or a reason to investigate.
Which are major provisions of the U.S. Foreign Corrupt Practices Act? (Check ALL that apply.) a) Anti-bribery provisions b) Justice provisions c) Accounting provisions d) United Kingdom provisions
a) Anti-bribery provisions c) Accounting provisions Response Feedback: The FCPA's major provisions are the anti-bribery provisions and the accounting provisions.
Which of the following is NOT true? a) At most companies, electronically stored information is generally smaller in volume than contracts, correspondence and other paper-based information. b) Unlike hard-copy evidence, electronic evidence often contains metadata, such as time-date stamps, author and recipient information and file properties. c) Electronically stored information is vulnerable to change or loss until it has been forensically copied and retained, or otherwise preserved. d) There are a number of specialized software tools and techniques for managing the e-Discovery process.
a) At most companies, electronically stored information is generally smaller in volume than contracts, correspondence and other paper-based information. Response Feedback: All of these are true, except that in most companies, the volume of electronically-stored information is vastly greater than paper-based information.
A small construction company has 15 employees. There is only one person that works in the office, other than the owner. The office manager handles all aspects of cash disbursement, cash receipts and bookkeeping. The owner understands that he cannot adequately segregate the duties in the office. Which two mitigating controls would be most effective in reducing the risk of cash-related frauds? a) Every month, as part of their management meeting, the owner and construction foreman review a list of all disbursements and all customer accounts to identify any unusual transactions. b) Conduct periodic background checks on the office manager. c) Ask the office manager to annually certify her bookkeeping work. Correct d) Have a copy of the bank statement sent directly to his house, and review the bank reconciliation prepared by the office manager.
a) Every month, as part of their management meeting, the owner and construction foreman review a list of all disbursements and all customer accounts to identify any unusual transactions. Response Feedback: Background checks, while helpful, will not usually address the risks associated with segregation of duties. Annual certifications can be helpful, especially in larger organizations, in forcing executives to acknowledge their organizational responsibilities, but are less effective in detecting cash frauds. Mitigating controls generally reduce access to assets or increase review and reconciliation procedures.
The American Institute of Certified Public Accountants describes two types of forensic accounting services. They are (check two): a) Investigative services b) Insurance services c) Enforcement services d) Detective services e) Litigation services
a) Investigative services e) Litigation services
Which of the following is a true statement? a) It is a leading practice to assign the responsibility for fraud risk management to a a single senior executive to establish and organizational commitment and to ensure accountability for the program. b) If a single senior executive were assigned responsibility for fraud risk management, other executives would not put significant emphasis on fraud. c) The performance objectives for the people with responsibility for fraud risk management should include metrics on th reduction in reports of fraud allegations over time. d) Once a senior executive has been given responsibility for a fraud risk management program, the governance over the program shifts to that executive.
a) It is a leading practice to assign the responsibility for fraud risk management to a a single senior executive to establish and organizational commitment and to ensure accountability for the program. Response Feedback: It is important to assign the responsibility for fraud risk management to a single senior executive to establish and organizational commitment and to ensure accountability for the program. The other answers are not true. Assigning one person to be accountable for the program does not reduce the responsibility of everyone in the organization to be accountable for fraud risk management. Although the person who has responsibility for fraud risk management should be accountable, it would not be appropriate to incentivize for a reduction in reports of fraud. In fact, reporting of potential frauds should be encouraged. Finally, governance responsibility remains with the board.
Which of the following is a true statement? a) Judges and juries, not accountants, are responsible for concluding whether specific conduct meets the legal definition of fraud. b) A fraud audit is an attest service defined by the American Institute of Certified Public Accountants. c) Fraud is most often detected by external auditors. d) As part of an audit under generally accepted audit procedures, CPAs form a conclusion as to whether a company has experienced fraud.
a) Judges and juries, not accountants, are responsible for concluding whether specific conduct meets the legal definition of fraud. While we frequently discuss fraud and fraud characteristics, and investigate potential frauds, the ultimate conclusion as to whether specific conduct meets a legal definition is the responsibility of judges and juries.
When an employee misappropriates case by diverting a payment from one customer for their own use, and then hides the defalcation by diverting cash receipts from another customer to offset the receivable from the first customer, the scheme is called _________________. a) Lapping b)Application error c) Account shelling d) Skimming
a) Lapping Response Feedback: Correct. This is lapping.
Trusts, offshore banks and bank transfer activity are typically elements of what kind of money laundering stage? a) Layering b) Placement c) Proceeds of crime d) Integration
a) Layering Response Feedback: Layering is the process of moving, dispersing an disguising funds to conceal their illegal origin and make them more useful. Offshore banks, trusts and transfers of money are frequently used to layer assets.
Bulk movement is an example of which type of money laundering technique? a) Placement b) Proceeds of crime c) Layering d) Integration
a) Placement Response Feedback: Bulk movement refers to a common placement technique, describing smuggling of cash, monetary instruments and other small valuable assets.
Identify all the examples and indicators of a positive corporate culture that promotes ethics and deters fraud. (Check ALL that apply. Correct answers earn points. Incorrect answers lose points.) Answers: Correct a) The board has set overall objectives for the fraud risk management at the company, but delegates the responsibility for executing the program to the head of internal audit. The audit committee chair meets quarterly with the head of internal audit to receives progress reports on the program and identify any potential fraud occurrences. b) Board members are well-informed about the economic environment and the business conditions. They ask good, detailed questions about the organization's operations, financial reports and future prospects. They seek differing sources of information, including various members of management and outsiders. c) The CFO was recently divorced. During the divorce proceedings, the CFO's former husband .alleged that she had withheld critical financial information and lied to the the court. The court ruled that she had made significant misstatements and ruled in favor of her husband. It caused a great deal of gossip in the company, but the CEO made clear that personal matters, like a divorce, had no bearing on the CFO's role within the company. d) A not-for-profit organization has a clear statement of values and ethics. They developed the statement with input from the board, management and lower level staff. It talks about the real challenges that the organization faces. The organization put the statement on its website and the senior management continues to cite the statement when describing the reasons for some of their decisions. e) A company has a code of conduct and whistleblower policy that was authored by a leading law firm based on its standard recommendations to its clients. The company has operations in 12 countries, but all the documentation is in English. The company plans to retain the law firm to update it, since it hasn't been revised in 3 years. Correct f) An accounting staff member identified a potential issue in the financial statements that would cause them to be misstated. He raised the concern with his supervisor, and the issuance of the financial statements was delayed. The day the delay in issuing financial results was announced, the company's stock price dropped 16%. The accounting staff member and the supervisor received positive performance reviews at year end. g) The Chief Operating Officer has driven down employee expense reimbursements by 15%, but takes the corporate jet to his vacation home. h) The company conducts an annual employee survey that measures employee satisfaction and other metrics. The survey asks specific questions about whether employees and their supervisors are aware of the code of conduct and feel comfortable reporting suspected wrongdoing. i) The company's top three salesman drive a significant amount of revenue. Their supervisors are aware that they routinely take clients out to lavish entertainment, including dinner, sports events, and rock concerts, some of which is not compliant with the company's stated policies. The salesman are reimbursed for their expenses associated with client entertainment and receive year-end bonuses for closing sales. j) Sridhar works for ABC Corp. He is concerned that his supervisor's instruction to reduce inventory reserves is not appropriate, because the inventories in the warehouse for his his business unit are increasingly obsolete and unsaleable. He checked the code of conduct, and it included specific guidance on how to raise his concerns and reconcile differences of opinion. He was reassured by statements that there will be no retaliation if he uses this procedures. k) The CEO of the company has an annual "Chairman's Values Award" which honors an employee that best exemplifies the company's ethical standards. l) A company conducts annual training on ethics, fraud and regulatory compliance matters. Each year, they update the training to focus on areas of highest risk. Completion of training is considered in year end performance reviews.
a) The board has set overall objectives for the fraud risk management at the company, but delegates the responsibility for executing the program to the head of internal audit. The audit committee chair meets quarterly with the head of internal audit to receives progress reports on the program and identify any potential fraud occurrences. b) Board members are well-informed about the economic environment and the business conditions. They ask good, detailed questions about the organization's operations, financial reports and future prospects. They seek differing sources of information, including various members of management and outsiders. d) A not-for-profit organization has a clear statement of values and ethics. They developed the statement with input from the board, management and lower level staff. It talks about the real challenges that the organization faces. The organization put the statement on its website and the senior management continues to cite the statement when describing the reasons for some of their decisions. f) An accounting staff member identified a potential issue in the financial statements that would cause them to be misstated. He raised the concern with his supervisor, and the issuance of the financial statements was delayed. The day the delay in issuing financial results was announced, the company's stock price dropped 16%. The accounting staff member and the supervisor received positive performance reviews at year end. h) The company conducts an annual employee survey that measures employee satisfaction and other metrics. The survey asks specific questions about whether employees and their supervisors are aware of the code of conduct and feel comfortable reporting suspected wrongdoing. j) Sridhar works for ABC Corp. He is concerned that his supervisor's instruction to reduce inventory reserves is not appropriate, because the inventories in the warehouse for his his business unit are increasingly obsolete and unsaleable. He checked the code of conduct, and it included specific guidance on how to raise his concerns and reconcile differences of opinion. He was reassured by statements that there will be no retaliation if he uses this procedures. k) The CEO of the company has an annual "Chairman's Values Award" which honors an employee that best exemplifies the company's ethical standards. l) A company conducts annual training on ethics, fraud and regulatory compliance matters. Each year, they update the training to focus on areas of highest risk. Completion of training is considered in year end performance reviews.
Ideally, organizations should develop criteria that they will use to calibrate their investigation response to different types of allegations. The following is a list of example criteria. Which of the following generally requires a greater response (for example, major investigations sponsored by senior executives or the board). Check ALL that apply. Do not check those that generally could be considered criteria for a lesser response (for example, routine investigations handled by management). a) A software company periodically compares the payroll and accounts payable records as part of its internal control procedures. One month, they detected a vendor with the same address as one of their employees. The company's internal auditors suspects a fictitious vendor. b) A cruise ship company receives a whistleblower report of a pattern of bribes to foreign government officials to ensure timely arrivals and departures from ports of call. c) A toy manufacturer learns that one of its product engineers has hidden five reports of child deaths associated with their leading toy category. d) The company's bank officer called because the company's bank balance is insufficient. The company reconciles cash weekly, and the corporate controller reviews the bank reconciliations. According to the bank reconciliations, there should be $2 million in the account. e) The CEO's secretary maintains a petty cash fund has about $500 in it. The company learns she has been paying for her own lunches from the fund. f) The allegation suggests that one of the regional controllers hid the quantities of excess and obsolete inventory from the external auditors. g) Allegations that raise concerns about the safety of customers, employees or the public. h) The matter involves an accounts payable clerk one of the divisions of a US subsidiary in a global multinational manufacurer.
b) A cruise ship company receives a whistleblower report of a pattern of bribes to foreign government officials to ensure timely arrivals and departures from ports of call. c) A toy manufacturer learns that one of its product engineers has hidden five reports of child deaths associated with their leading toy category. d) The company's bank officer called because the company's bank balance is insufficient. The company reconciles cash weekly, and the corporate controller reviews the bank reconciliations. According to the bank reconciliations, there should be $2 million in the account. f) The allegation suggests that one of the regional controllers hid the quantities of excess and obsolete inventory from the external auditors. g) Allegations that raise concerns about the safety of customers, employees or the public.
Which phrases describe a legal privilege that mightpotentially pertain to a fraud investigation or legal dispute? (Check ALL that apply.) a) CPA-client privilege. b) Attorney work product doctrine c) Doctrine of investigational authority. d) Attorney-client privilege.
b) Attorney work product doctrine d) Attorney-client privilege. Response Feedback: Two kinds of legal privileges often apply to investigations and legal disputes. They are "Attorney Client Privilege" and the "Attorney Work Product Doctrine". Either or both might apply to a fraud investigation or legal dispute. A forensic accountant's work is often structured to fall within the attorney work product doctrine.
What is an investigation sponsor? a) The person who recommends indviduals for membership in the Association for Certified Fraud Examiners. b) The person or governing body that has decision-making authority over the investigation. c) The law firm or lawyer that provides legal counsel. to the investigation team. d) The person or business that provides the financial resources necessary to execute the investigation.
b) The person or governing body that has decision-making authority over the investigation. Response Feedback: An investigation sponsor is the person or governing body, usually within the organization, that has decision-making authority over the investigation and takes overall responsibility for it.
dentify all the asset misappropriation schemes from the list below. (Check as many as you identify.) a) Two employees in the purchasing department collude with a contractor to ensure that the contractor's bid for construction of a new building is accepted. The supplier sends the two employees on an all-expense paid vacation. b) Bathi works in the payables department. Jane works in corporate accounting and has responsibility for bank reconciliations. Bathi cuts a check made payable to Jane. Jane alters the bank reconciliation to hide the transaction and later, records an entry to reflect the check as a severance payment to a terminated employee. Jane deposits the check and splits the money with Bathi. c) An employee in the stockroom identifies damaged goods that can no longer be sold as first quality. The employee sells the goods on eBay as scrap, consistent with company policy. The scrap proceeds are returned to the company and is used to pay for the holiday party. d) A manager sets up his own company, "JKL and Co." The manager prepares invoices from JKL and Co which purport to reflect purchases of $2,500 in paper clips, markers, and printer ink, although JKL and Co sent no such goods. The manager approves the invoices for payment and a disbursement is sent to JKL and Co. The manager later transfers the money to his own account. e) An employee in the stockroom reports that several items are damaged and have been discarded. The employee sells the items on eBay and keeps the money. f) Sheng owns a software development company in Massachusetts. Sheng wants to increase sales for the quarter to meet the expectations of his investors. Annette owns a rival company in New Hampshire. At a recent trade meeting, they discussed how unreasonable investors can be, and the possibility of partnering together on projects. In the meantime, they each agreed to buy a license each other's software products for $100,000. There is a potential that they might use the software in their joint venture. In the meantime, they will both have $100,000 in additional sales. Since they will both buy each other's products, no cash will need to change hands. g) Bob is the store manager for Badtonio's Pizza. Bob enters all the sales that are paid by credit card and check into the cash register. Sometimes he enters cash transactions into the cash register, but other cash sales are put into an envelope. At the end of the day, Bob destroys the customer order tickets for these cash sales. Bob keeps the cash, but never records the sales. h) An employee uses his corporate card to fill up the gas tank on his RV before his vacation. He reports the expenditure as business-related and is reimbursed for all his corporate card expenditures. i) An employee overstates her overtime hours to earn money than she is entitled to. j) A manager has analyzed accounts receivable and concluded that he needs to increase the allowance for doubtful accounts to fairly state the net accounts receivable. But, he delays recording the increase to the allowance for doubtful accounts until after the quarter end because he and his teammates will not otherwise meet the profit targets in the bonus program. He tells himself that he should give the customers more time to pay the receivables, especially since the economy is improving.
b) Bathi works in the payables department. Jane works in corporate accounting and has responsibility for bank reconciliations. Bathi cuts a check made payable to Jane. Jane alters the bank reconciliation to hide the transaction and later, records an entry to reflect the check as a severance payment to a terminated employee. Jane deposits the check and splits the money with Bathi. d) A manager sets up his own company, "JKL and Co." The manager prepares invoices from JKL and Co which purport to reflect purchases of $2,500 in paper clips, markers, and printer ink, although JKL and Co sent no such goods. The manager approves the invoices for payment and a disbursement is sent to JKL and Co. The manager later transfers the money to his own account. e) An employee in the stockroom reports that several items are damaged and have been discarded. The employee sells the items on eBay and keeps the money. g) Bob is the store manager for Badtonio's Pizza. Bob enters all the sales that are paid by credit card and check into the cash register. Sometimes he enters cash transactions into the cash register, but other cash sales are put into an envelope. At the end of the day, Bob destroys the customer order tickets for these cash sales. Bob keeps the cash, but never records the sales. h) An employee uses his corporate card to fill up the gas tank on his RV before his vacation. He reports the expenditure as business-related and is reimbursed for all his corporate card expenditures. i) An employee overstates her overtime hours to earn money than she is entitled to.
Which of the following is NOT one of the three commonly recognized stages of the money laundering process? a) Placement b) Criminal proceeds c) Layering d) Integration
b) Criminal proceeds Response Feedback: The three commonly recognized stages of money laundering are placement, layering and integration.
You are investigating an allegation that vendors may be submitting invoices twice in the hope that they will be paid multiple times. Which of the following data analyses would be the easiest way to identify such invoices? a) Textual analysis b) Duplicate search c) Benford's law analysis d) Correlation analysis
b) Duplicate search Response Feedback: Duplicate testing is used to identify duplicate values in data fields that are normally expected to have unique values. For example, government IDs, invoice numbers and check numbers are usually unique. Searching for duplicates (or near duplicates) of such values are a good way to find anomalies that warrant further investigation.
KleptoBan Corporation has 1,500 employees worldwide. In a recent internal audit finding, KleptoBan identified that 10 of their employees have the same address and direct deposit information. The internal auditor should suspect which type of scheme? a) Expense reimbursement fraud b) Ghost employees c) Fictitious vendors d) Check tampering
b) Ghost employees Response Feedback: Ghost employees are fictitious employees. The existence of multiple employees with the same credentials raises a red flag of a ghost employee scheme.
Which statement is not true about whistleblower allegations? a) They can come to the organization's attention in many ways. b) If they come from disgruntled employees, they should be given less weight. c) Organizations should have a business process for triaging allegations that results in review by someone with appropriate authority. d) If the whisteblower allegation involves a member of senior management, the allegation should be reviewed by a designated member of the board.
b) If they come from disgruntled employees, they should be given less weight. Response Feedback: All of the statements were taken from the Fraud Risk Management Guide, except the comment about disgruntled employees. Whistleblowers are often disgruntled for one reason or another. That doesn't mean that their allegations are not true. These allegations need to be evaluated based on the substance of the allegation, and not dismissed solely because of the attributes of the whistleblower.
Big Smile Company's internal auditor has begun to investigate unusual sales transactions. She has identified 3 problem transactions, all of which were entered after midnight when the office is closed. She searches the remaining population for any other transactions entered after midnight. What kind of data analytic test is this? a) Time-series analysis b) Rules-based test c) Link analysis d)Keyword search
b) Rules-based test Response Feedback: This is a rules-based test. The rule is "transactions after midnight".
Which of the following is not a true statement? a) Forensic accountants work as part of government enforcement agencies, such as the FBI. b) Testimony as an expert witness and communicating findings is outside the work of forensic accountants. c) Forensic accountants analyze business issues in legal disputes. d) Forensic accountants sometimes focus on financial statement frauds and embezzlements.
b) Testimony as an expert witness and communicating findings is outside the work of forensic accountants. Forensic accountants analyze business issues in legal disputes. Response Feedback: All of the answers describe elements of forensic accounting. Forensic accounting includes the work to communicate our findings, including in the context of testimony, so it is not outside the scope of our work.
Which of the following statements is NOT true? Selected Answer: Correct Answers: a) It is important to document the fraud risk management program b) The Fraud Risk Management Guide provides a required format for documentation of fraud risk management programs. c) Communication of the fraud risk management program needs to be sufficient so that all personnel and vendors understand their responsibilities. d) The board should establish mechanisms to ensure that it is receiving accurate and timely information regarding potential fraud occurrences.
b) The Fraud Risk Management Guide provides a required format for documentation of fraud risk management programs. Response Feedback: There is no required format for documentation of fraud risk management programs. Each organization considers its size and complexity when determining what type of formal documentation is most appropriate.
Jonathan is investigating whether the 500 company employees have obtained expense reimbursements that they were not entitled to. He pulled 3 months of his expense reimbursement activity, and plans to vouch all of the transactions over $500 to the supporting documentation. This approach yielded 2000 transactions to investigate. What is one of the risks of this strategy? a) It is illegal in the US to investigate expense reimbursement allegations without providing legal counsel to the employees. b) The approach may be overly broad, resulting in wasted effort and a large number of false positives. c) There is little risk that large expense reimbursements will be improper. d) Tracing and vouching are not appropriate forensic techniques for identifying improper expense reimbursement.
b) The approach may be overly broad, resulting in wasted effort and a large number of false positives.
Which of the following statements is not true? a) An organization can improve its chances of loss recovery, while minimizing exposure to litigation and damage to reputation, by establishing and carefully prepallning investigation and corrective actions and processes. b) Knee-jerk or emotional responses to fraud allegations are unhelpful, but common. c) Because fraud allegations are non-routine and vary significantly based on the facts and circumstances, it is best to wait until events to occur before planning investigation processes. d) As an organization undertakes investigations of potential fraud, it should give due consideration to the scope, severity, credibility, and implications of the allegation.
c) Because fraud allegations are non-routine and vary significantly based on the facts and circumstances, it is best to wait until events to occur before planning investigation processes. Response Feedback: All of the statements were taken directly from the course lecture or the Fraud Risk Management Guide, except for one. Notwithstanding that fraud allegations may be non-routine and vary significantly based on the facts and circumstances, organizations greatly benefit from advance planning regarding investigation processes.
Which of the following is a false statement regarding fraud risk brainstorming? a) During brainstorming, the team should discuss the various risks, opportunities and pressures to commit fruad, the risks of management override of controls and the specific risks relevant to the organization. b) It may be helpful to have more than one brainstorming meeting to adequately address all the elements of risk. c) Brainstorming should always start fresh, so it is not helpful to consider any previous fraud risk assessments. d) Effective brainstorming involves preparation in advance of the meeting and a leader to set the agenda and facilitate the session.
c) Brainstorming should always start fresh, so it is not helpful to consider any previous fraud risk assessments. Response Feedback: All of the statements are true, except the statement that brainstorming should not consider previous fraud risk assessments. Usually, prior fraud risk assessments are used as a starting point.
Which of the following is a true statement about an external auditor's assessment of fraud risk? a) External auditors may rely on a written letter of management's representations as a basis for their assessment of fraud risk, if it includes sufficient, competent disclosures about controls. b) External audits are among the best control activities for detecting asset misappropriation. c) During audit planning, external auditors are required to brainstorm about potential risks of financial statement fraud, including how management could perpetrate and conceal fraudulent financial reporting and how assets of the entity could be misappropriated. d) Typically, external audits include a review of management communications and email to detect management override.
c) During audit planning, external auditors are required to brainstorm about potential risks of financial statement fraud, including how management could perpetrate and conceal fraudulent financial reporting and how assets of the entity could be misappropriated. Response Feedback: The correct answer is that audit planning must include a discussion among all key team members about fraud risks, including management override. While written letters of representation are important audit evidence, they are insufficient for audit planning and conclusions about fraud. Management's representations will not usually identify management's override of controls. External audits are not the best control for detecting fraud, based on the ACFE's Report to the Nations. Email analysis is often used in investigations, but is rarely a part of external audits unless there is a predicate of fraud.
Which of these industries has least risk of involvement in money laundering? a) Insurance industry b) Real estate c) Health care d) Casinos, lotteries and gaming industry
c) Health care Response Feedback: Gaming, insurance and real estate are sometimes implicated in money laundering activity.
Which of the following is a true statement? a) If an investigation has not been competently executed, it can always be reperformed to obtain a reliable result. b) If a chief executive officer (CEO) has been accused of wrongdoing, the Internal Audit Director is generally considered to be independent, as long as they are sufficiently critical and even-handed in their approach. c) If the investigation is not competently executed by objective people, it may not be reliable. d) If an investigation team is not independent, as defined by the American Institute of Certified Public Accountants, the investigation outputs may not be relied upon.
c) If the investigation is not competently executed by objective people, it may not be reliable. Response Feedback: If an investigation team is not objective and competent, the investigation results may be unreliable. The other answers are all incorrect. The objectivity standard is less than the formal standard for independence (for example in an audit setting.) When investigations are not competently executed, evidence can be lost or spoiled, so reperformance is not always possible. Generally, it is not appropriate for subordinates to perform investigations of those that have control or influence over their jobs. While that person might have an objective state of mind, they are not seen as objective by reason of their organizational position. In any event, they are not independent in the way implied by one of the answers.
Smurfing and structuring are examples of which stage of money laundering? a) Layering b) Integration c) Placement d) Proceeds of crime
c) Placement Response Feedback: Smurfing and structuring are both types of placement techniques. In smurfing, cash from illegal sources is divided between various depositors (or "smurfs") who make multiple deposits into multiple accounts often using aliases. This brings funds into the banking system in ways that obscure the source of the funds. Structuring is splitting transactions into amounts below $10,000 to avoid transaction reporting under the US and other anti-money laundering laws.
Which of the following is NOT a characteristic of skepticism? a) Search for knowledge b) Suspension of judgment c) Requiring proof of all assertions. d) Interpersonal understanding e) A questioning mind f) Autonomy or a conviction to decide for oneself g) Self esteem
c) Requiring proof of all assertions. Response Feedback: Skepticism does not require micro-management or proof for all assertions. The other elements are characteristics of skepticism.
Which of the following attributes should be evaluated in a fraud risk assessment? (Check all that apply.) a) Country of origin b) Availability of data for analytics c) Significance of exposure d) Likelihood of occurrence
c) Significance of exposure d) Likelihood of occurrence Response Feedback: Fraud risk assessments typically evaluate risk using two attributes: likelihood of occurrence and significance of potential exposures.
Fareed is expected to testify in Federal Court in Massachusetts regarding his investigation and analysis of allegations of embezzlement at Little Darling Company. Fareed's conclusions relied, in part, on forensic data analytics. The opponent in litigation has sought to exclude Fareed's testimony, arguing that his methodology did not meet the Daubert standard. Which of the following might be a defense that Fareed might offer in court? a) The Daubert standard relates primarily to scientific experts, and therefore, does not apply to accounting-related testimony. b) Fareed is a CPA and licensed in the state of Massachusetts, and is therefore qualified to express a professional opinion on any accounting matter. c) The data analytics methodology that Fareed used was generally accepted in the profession, was described for this use in a well-recognized treatise, and was reliably and carefully executed. d) The methodology was innovative and efficient, and therefore, was the best business decision for the company.
c) The data analytics methodology that Fareed used was generally accepted in the profession, was described for this use in a well-recognized treatise, and was reliably and carefully executed.
Which of the following types of risk is generally not considered in a fraud risk assessment? a) The risk of fraudulent financial reporting. b) The risk of management override. c) The risk of business interruption. d) The risk of fraudulent non-financial reporting. e) The risk of misappropriation of assets. f) The risk of illegal acts or corruption.
c) The risk of business interruption. Response Feedback: All of these are business risks, but the risk of business interruption is not generally a fraud-related risk.
Which of the following does not generally promote fraud deterrence? a) Swift action in response to allegations of fraud, including where appropriate, actions against those involved in wrongdoing. b) A robust and thorough fraud risk assessment, c) A visible and vigorous fraud governance process. d) A previous history of no frauds.
d) A previous history of no frauds. Response Feedback: All of the answers, except the lack of a prior history of fraud, help to promote fraud deterrence. The mere fact that frauds have not occurred in the past does not help deter future fraudulent activity.
Skimming is defined as: a) A scheme in which the perpetrator alters the company's checks and converts them to inappropriate us b) A scheme involving fraudulent wire transfers to a personal account. c) A scheme that involves cash thefts by setting up one or more fictitious employees on the payroll system. d) A scheme in which cash receipts are stolen from an enterprise before they are recorded on the books and records.
d) A scheme in which cash receipts are stolen from an enterprise before they are recorded on the books and records. Response Feedback: Skimming is defined as an asset misappropriation scheme that involves taking cash receipts before they are recorded on the books and records.
Which kinds of techniques are used in both forensic settings and in external audit settings? a) Interviews of knowledgeable people b) Ratio analysis c) Vouching or tracing selected transactions d) All of the above.
d) All of the above.
Which of the following are ways in which management may attempt to override controls or misstate financial information? a) Applying inappropriate bias in their assumptions regarding accounting estimates. b) Entering into unusual or fraudulent transactions near period-end to meet their objectives c) Pressuring their subodinates to initiate or participate in improper transactions or activities. d) All of the above.
d) All of the above.
Which of the following can help a smaller business reduce the risk of management override of internal controls? a) Maintain a corporate culture in which integrity and ethical values are held in high esteem. For example, explicitly include integrity and ethics in the criteria for hiring, compensation increases and bonuses and promotion decisions. b) Implement a whistle-blower program or make it clear to employees that when circumstances warrant, matters can be reported directly to the board or the audit committee of the board. c) Attract and retain qualified board members who take their responsibilities seriously. d) All of the above.
d) All of the above. Response Feedback: All of these help mitigate the risk of management override.
Which of the following are data visualization techniques? a) Heat maps b) Link analysis c) Geospatial analysis and data mapping d) All of these are types of data visualization.
d) All of these are types of data visualization. Response Feedback: All of these are examples of data visualization.
Which of the following elements is NOT part of COSO's comprehensive fraud risk management strategy? a) Monitor the fraud risk management process, report results and improve the process. b) Establish a fraud reporting process and coordinated approach to investigative and corrective action. c) Establish a frad risk management policy as part of organizational governance. d) Select, develop and deploy preventive and detective fraud control activities. e) Perform a comprehensive fraud risk assessment. f) All of the above are elements of COSO's comprehensive fraud risk management strategy.
f) All of the above are elements of COSO's comprehensive fraud risk management strategy.