Exam 10: Fraud and Internal Control

Match the DFD symbol to the name. A)Agent B)Dataflow C)Datastore D)Process -

What factors are part of the control environment?

What percentage for frauds are detected by tips?

Books Ga'Lore! Invoice DFD -Using the Books Ga'Lore! invoice DFD, create an event-agent-datastore-control table.

Match the internal auditors code of conduct principle with the appropriate definition. A)Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. B)Shall be prudent in the use and protection of information acquired in the course of their duties. C)Shall engage only in those services for which they have the necessary knowledge, skills, and experience. D)Shall perform their work with honesty, diligence, and responsibility. -Objectivity

It is not possible for a material weakness in internal control over financial reporting to exist even though the financial statements are not materially misstated.

The SOX legislation basically requires management of privately held companies must assess and report on the effectiveness of internal controls for financial reporting using a recognized framework.

Document the risk level of the HotSpots on the Books Ga'Lore! invoice DFD. The following coding is used for the HotSpot DFD: - Red identifies the greatest risk (HotSpots). -Yellow is for significant risk (warm). - Green identifies areas with adequate controls (cool).

A(n)________, as required by Auditing Standard No. 5, integrates an audit of internal control with an audit of financial statements.

Which organization was created by the Sarbanes-Oxley Act of 2002?

Internal controls for the accounting system are incomplete without IT controls.

Application controls for business processes cannot be documented using DFDs.

What does Auditing Standard No. 5, an Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements, require the auditor to understand about IT?

What are the steps for building a HotSpot DFD?

Which level in the company corresponds to the Entity-Level IT Controls?

Which principle in the Code of Ethics for internal auditors states that they are to respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so?

What are the elements required to prove fraud?

How long does the typical fraud last before being detected?

________ techniques to avoid potential key fraud risk events should be established, where feasible, to mitigate possible impacts on the organization.

Match the internal auditors code of ethics principle to the appropriate definition. A)Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. B)Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services. C)The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. D)Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. -Integrity