Exam 6: Introduction to Internal Control Systems and Risk Management

Assume that a company designs and implements a control procedure whereby the accountant that is responsible for recording cash receipts transactions does not have access to the cash itself.This control procedure is an example of a:

The separation of duties control does not completely eliminate the possibility of embezzlement by employees.

Those control procedures that are designed to remedy problems discovered through detective controls are called:

Which one of the following functions performed in an organization is a violation of internal control?

For a specific internal control to be effective, both the preventive and the detective aspect of the control must exist and be interrelated.

Which of the following control procedures provides physical protection for a company's cash asset?

An approach used by many companies to reduce the risk of loss caused by the theft of assets by employees is to:

Regarding a company's audit trail, which of the following statements is true?

According to the 2017 COSO ERM Report, management is responsible for exercising oversight over strategy and risk management activities.

____ is defined as "the culture, capabilities, and practices, integrated with strategy and execution, that organizations rely on to manage risk in creating, preserving and realizing value."

Regarding the cost-benefit concept, which of the following statements is true?

For control purposes, the quantities of materials ordered may be omitted from the copy of the purchase order which is:

Which of the following personnel policies would be the most useful in mitigating fraud or embezzlement?

An effective approach for maintaining a good audit trail for cash disbursements is to utilize a voucher system with coins and currency issued for each disbursement.

Which of the following factors best describes the "control environment" of a firm?

The component of an internal control system that concerns itself with the way a company's management assigns authority and responsibility is called:

COBIT 5 deals exclusively with internal control within an IT context.

Which one of the following types of audits would be most likely to focus on objectives related to the efficient use of resources?

Three objectives of a company's internal control system should be safeguarding assets, checking the accuracy and reliability of accounting data, and promoting operational efficiency.A fourth objective of a company's internal control system should be:

If the same employee is responsible for authorizing a business transaction and recording the transaction in the accounting records, this indicates a weakness in which element of a company's internal control system?