Question 1

Which of the following statements is true?

Accepted Answer

A) The COSO report failed to define internal control 
B) The COSO report emphasized that an internal control system is a tool of management 
C) SAS 78 rejected the definition of internal control provided in the COSO report 
D) COBIT concluded that a company's management is not responsible for establishing and monitoring a company's internal control system 
A) The COSO report failed to define internal control 
B) The COSO report emphasized that an internal control system is a tool of management 
C) SAS 78 rejected the definition of internal control provided in the COSO report 
D) COBIT concluded that a company's management is not responsible for establishing and monitoring a company's internal control system

Question 2

Operational audits are performed by a company's internal audit staff.

Accepted Answer

A) True 
 B)False

Question 3

The COSO report stresses that:

Accepted Answer

A) Internal control is a process 
B) An internal control system, if properly designed, can become a substitute for management 
C) People only at high levels of an organization are an important part of an internal control system 
D) An internal control system should consist of three interrelated components: the control environment, risk assessment, and control activities 
A) Internal control is a process 
B) An internal control system, if properly designed, can become a substitute for management 
C) People only at high levels of an organization are an important part of an internal control system 
D) An internal control system should consist of three interrelated components: the control environment, risk assessment, and control activities

Question 4

A responsibility that should be assigned to a specific employee and not shared is that of:

Accepted Answer

A) Access to the company's safe deposit box 
B) Placing orders and maintaining relationships with a prime supplier 
C) Attempting to collect a particular delinquent account 
D) Custodianship of the petty cash fund 
A) Access to the company's safe deposit box 
B) Placing orders and maintaining relationships with a prime supplier 
C) Attempting to collect a particular delinquent account 
D) Custodianship of the petty cash fund

Question 5

Controls that specifically encourage operating efficiency are often called preventive controls.

Accepted Answer

A) True 
 B)False

Question 6

The purpose of ________________ is to identify organizational risks, analyze their potential in terms of costs and likelihood of occurrence, and install those controls whose projected benefits outweigh their costs.

Accepted Answer

A) Internal controls 
B) A control environment 
C) Risk assessment 
D) Management consultants 
A) Internal controls 
B) A control environment 
C) Risk assessment 
D) Management consultants

Question 7

Control procedures that provide feedback to management regarding the achievement of operational efficiency and adherence to prescribed managerial policies are called:

Accepted Answer

A) Corrective controls 
B) Preventive controls 
C) Policy controls 
D) Detective controls 
A) Corrective controls 
B) Preventive controls 
C) Policy controls 
D) Detective controls

Question 8

Regarding the cost-benefit concept, which of the following statements is true?

Accepted Answer

A) Every control procedure that offers benefits to a company should be implemented into the company's system 
B) An optimal internal control package is developed for a company's system by implementing a standardized package of control procedures 
C) A control procedure is considered cost effective if it can be determined that the cost of operating the procedure will be lower in the current period than in the previous period 
D) A control procedure is considered cost effective when its anticipated benefits exceed its anticipated costs 
A) Every control procedure that offers benefits to a company should be implemented into the company's system 
B) An optimal internal control package is developed for a company's system by implementing a standardized package of control procedures 
C) A control procedure is considered cost effective if it can be determined that the cost of operating the procedure will be lower in the current period than in the previous period 
D) A control procedure is considered cost effective when its anticipated benefits exceed its anticipated costs

Question 9

The separation of duties control does not completely eliminate the possibility of embezzlement by employees.

Accepted Answer

A) True 
 B)False

Question 10

A good audit trail is an important element within a company's internal control system.

Accepted Answer

A) True 
 B)False

Question 11

Risk assessment is an important component of an internal control system.

Accepted Answer

A) True 
 B)False

Question 12

A control procedure that may be established within the sales department of a company's marketing subsystem is the addition of the sales invoice amounts before these invoices are sent to the information processing subsystem.This control total of invoice amounts is called a:

Accepted Answer

A) Checksum 
B) Random total check 
C) Redundant control amount 
D) Batch control total 
A) Checksum 
B) Random total check 
C) Redundant control amount 
D) Batch control total

Question 13

An audit trail problem associated with computerized data processing is that certain financial data processed by the computer may never be seen by the company's management.

Accepted Answer

A) True 
 B)False

Question 14

If the same employee is responsible for authorizing a business transaction and recording the transaction in the accounting records, this indicates a weakness in which element of a company's internal control system?

Accepted Answer

A) A good audit trail 
B) Separation of duties 
C) Internal review of controls 
D) Competent employees 
A) A good audit trail 
B) Separation of duties 
C) Internal review of controls 
D) Competent employees

Question 15

The separation of duties control would not be violated if a company's cashier was also responsible for recording cash transactions.

Accepted Answer

A) True 
 B)False

Question 16

For a specific internal control to be effective, both the preventive and the detective aspect of the control must exist and be interrelated.

Accepted Answer

A) True 
 B)False

Question 17

It is normally considered good organizational design to establish the internal audit function within the accounting subsystem.

Accepted Answer

A) True 
 B)False

Question 18

The Enterprise Risk Management ERM)framework is based on the 1992 COSO report and adds three additional components for an effective internal control system.Which of the following is not one of those three?

Accepted Answer

A) Objective setting 
B) Event identification 
C) Control assessment 
D) Risk response 
A) Objective setting 
B) Event identification 
C) Control assessment 
D) Risk response

Question 19

The preventive controls within a company's internal control system:

Accepted Answer

A) Form the foundation for all of a company's other internal control components 
B) Focus on management's philosophy and operating style 
C) Ignore the risk factor associated with a company's control procedures 
D) Are controls put by the management to prevent problems from occurring 
A) Form the foundation for all of a company's other internal control components 
B) Focus on management's philosophy and operating style 
C) Ignore the risk factor associated with a company's control procedures 
D) Are controls put by the management to prevent problems from occurring

Question 20

Which one of the following types of audits would be most likely to focus on objectives related to the efficient use of resources?

Accepted Answer

A) Compliance audit 
B) Information systems audit 
C) Independent audit 
D) Operational audit 
A) Compliance audit 
B) Information systems audit 
C) Independent audit 
D) Operational audit

Which of the following statements is true?

Operational audits are performed by a company's internal audit staff.

The COSO report stresses that:

A responsibility that should be assigned to a specific employee and not shared is that of:

Controls that specifically encourage operating efficiency are often called preventive controls.

The purpose of ________________ is to identify organizational risks, analyze their potential in terms of costs and likelihood of occurrence, and install those controls whose projected benefits outweigh their costs.

Control procedures that provide feedback to management regarding the achievement of operational efficiency and adherence to prescribed managerial policies are called:

Regarding the cost-benefit concept, which of the following statements is true?

The separation of duties control does not completely eliminate the possibility of embezzlement by employees.

A good audit trail is an important element within a company's internal control system.

Risk assessment is an important component of an internal control system.

A control procedure that may be established within the sales department of a company's marketing subsystem is the addition of the sales invoice amounts before these invoices are sent to the information processing subsystem.This control total of invoice amounts is called a:

An audit trail problem associated with computerized data processing is that certain financial data processed by the computer may never be seen by the company's management.

If the same employee is responsible for authorizing a business transaction and recording the transaction in the accounting records, this indicates a weakness in which element of a company's internal control system?

The separation of duties control would not be violated if a company's cashier was also responsible for recording cash transactions.

For a specific internal control to be effective, both the preventive and the detective aspect of the control must exist and be interrelated.

It is normally considered good organizational design to establish the internal audit function within the accounting subsystem.

The Enterprise Risk Management ERM)framework is based on the 1992 COSO report and adds three additional components for an effective internal control system.Which of the following is not one of those three?

The preventive controls within a company's internal control system:

Which one of the following types of audits would be most likely to focus on objectives related to the efficient use of resources?

Accounting Information Systems and the Accountant

Information Technology and Aiss

Data Modeling

Organizing and Manipulating the Data in Databases

Database Forms and Reports

Documenting Accounting Information Systems

Accounting Information Systems and Business Processes: Part I

Accounting Information Systems and Business Processes: Part II

Computer Controls for Organizations and Accounting Information Systems

Computer Crime, Fraud, Ethics, and Privacy

Information Technology Auditing

Developing and Implementing Effective Accounting Information Systems

Accounting on the Internet

Accounting and Enterprise Software

Filters

Exam 9: Introduction to Internal Control Systems

Which of the following statements is true?

Operational audits are performed by a company's internal audit staff.

The COSO report stresses that:

A responsibility that should be assigned to a specific employee and not shared is that of:

Controls that specifically encourage operating efficiency are often called preventive controls.

The purpose of ________________ is to identify organizational risks, analyze their potential in terms of costs and likelihood of occurrence, and install those controls whose projected benefits outweigh their costs.

Control procedures that provide feedback to management regarding the achievement of operational efficiency and adherence to prescribed managerial policies are called:

Regarding the cost-benefit concept, which of the following statements is true?

The separation of duties control does not completely eliminate the possibility of embezzlement by employees.

A good audit trail is an important element within a company's internal control system.

Risk assessment is an important component of an internal control system.

A control procedure that may be established within the sales department of a company's marketing subsystem is the addition of the sales invoice amounts before these invoices are sent to the information processing subsystem.This control total of invoice amounts is called a:

An audit trail problem associated with computerized data processing is that certain financial data processed by the computer may never be seen by the company's management.

If the same employee is responsible for authorizing a business transaction and recording the transaction in the accounting records, this indicates a weakness in which element of a company's internal control system?

The separation of duties control would not be violated if a company's cashier was also responsible for recording cash transactions.

For a specific internal control to be effective, both the preventive and the detective aspect of the control must exist and be interrelated.

It is normally considered good organizational design to establish the internal audit function within the accounting subsystem.

The Enterprise Risk Management ERM)framework is based on the 1992 COSO report and adds three additional components for an effective internal control system.Which of the following is not one of those three?

The preventive controls within a company's internal control system:

Which one of the following types of audits would be most likely to focus on objectives related to the efficient use of resources?

Accounting Information Systems and the Accountant

Information Technology and Aiss

Data Modeling

Organizing and Manipulating the Data in Databases

Database Forms and Reports

Documenting Accounting Information Systems

Accounting Information Systems and Business Processes: Part I

Accounting Information Systems and Business Processes: Part II

Computer Controls for Organizations and Accounting Information Systems

Computer Crime, Fraud, Ethics, and Privacy

Information Technology Auditing

Developing and Implementing Effective Accounting Information Systems

Accounting on the Internet

Accounting and Enterprise Software

Filters