Exam 10: Fraud and Internal Control

Match the internal auditors code of ethics principle to the appropriate definition. A)Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. B)Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services. C)The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. D)Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. -Confidentiality

Which COSO Internal Control-Integrated Framework essential component of an effective internal control system involves identifying, analyzing, and managing risks that affect a company's ability to record, process, summarize, and report financial data properly?

Which general IT control includes control over SDLC phases for software upgrades and modifications?

Which IT process domain, as defined by COBIT, relates to IT strategy and tactics to contribute to attaining business goals?

The COSO internal control component Control Activities usually maps to which COBIT domain for IT processes?

What are the five essential components of an effective internal control system listed in COSO Internal Control-Integrated Framework?

In the COSO Internal Control-Integrated Framework, control activities do not include

Most occupational frauds are committed by the accounting department or upper management.

List and describe the 10 generally accepted privacy principles.

Match the internal auditors code of conduct principle with the appropriate definition. A)Shall not participate in any activity or relationship that may impair or be presumed to impair their unbiased assessment. B)Shall be prudent in the use and protection of information acquired in the course of their duties. C)Shall engage only in those services for which they have the necessary knowledge, skills, and experience. D)Shall perform their work with honesty, diligence, and responsibility. -Integrity

Input controls ensure data is processed properly.

The Sarbanes-Oxley Act of 2002, which would become known as SOX, created the ________ to oversee and regulate public companies and their auditors.

While COSO is a broad framework for internal control in general, COBIT provides the detailed IT processes necessary to provide IT controls for monitoring and evaluating the IT environment.

Increasingly the expectation is that the auditor and the IT professional learn more about the other's field.

Document the preventive and detective controls on the Books Ga'Lore! invoice DFD.

Which SOX section requires the public accounting firm that audits the financial statements of the company to issue an attestation report regarding the effectiveness of the company's internal controls?

Tips are the most likely means of detecting fraud.

Control ________ are control weaknesses.

Internal controls are an integral part of business processes and the accompanying accounting transaction cycles.

Substantive procedures collect evidence regarding the accuracy, completeness, and validity of data produced by the accounting system.