Exam 10: Fraud and Internal Control

Which Rule of Conduct for internal auditors states that they are not to use information for any personal gain or in any manner that would be contrary to the law or detrimental to the legitimate and ethical objectives of the organization?

Match the DFD symbol to the name. A)Agent B)Dataflow C)Datastore D)Process -

Match the DFD symbol to the name. A)Agent B)Dataflow C)Datastore D)Process -

If the internal audit revealed any significant deficiencies, it is not required to be disclosed by the signing officers of the company.

What do the audit committee's responsibilities include?

Which Rule of Conduct for internal auditors states that they will not knowingly be a party to any illegal activity, or engage in acts that are discreditable to the profession of internal auditing or to the organization?

Match the internal auditors code of conduct principle with the appropriate definition. A)Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. B)Shall be prudent in the use and protection of information acquired in the course of their duties. C)Shall engage only in those services for which they have the necessary knowledge, skills, and experience. D)Shall perform their work with honesty, diligence, and responsibility. -Competency

Which IT process domain, as defined by COBIT, encompasses IT operations, security, and training?

What percentage of occupational fraud is committed by upper management?

In a(n)________, the auditor performs tests of controls and substantive procedures.

________ focuses on managing when revenues and expenses are recorded in order to favorably reflect a company's financial performance in a legal manner.

What are the three phases for documenting control HotSpots?

Application controls ensure completeness and accuracy of transaction processing, authorization, and validity.

Which general IT control covers acquisition, implementation, and maintenance of system software including the operating system, DBMS, network software, and security software?

The COSO ________ provides a blueprint for implementing an internal control system to assist in ensuring the reliability of financial statements and compliance with Sarbanes-Oxley legislation.

________ techniques should be established to uncover fraud events when preventive measures fail or unmitigated risks are realized.

Match the internal auditors code of conduct principle with the appropriate definition. A)Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. B)Shall be prudent in the use and protection of information acquired in the course of their duties. C)Shall engage only in those services for which they have the necessary knowledge, skills, and experience. D)Shall perform their work with honesty, diligence, and responsibility. -Confidentiality

The COSO internal control component Information and Communication usually maps to which COBIT domain for IT processes?

COBIT provides high-level strategic guidance for meeting overall internal control objectives.

IT general controls have a pervasive effect on all internal controls.