Exam 10: Fraud and Internal Control

In a HotSpot DFD, which color indicates the most risk?

Which COSO Internal Control-Integrated Framework essential component of an effective internal control system includes the accounting system for identifying, recording, processing, and reporting transactions and financial data?

Which of the following is not part of the information criteria as defined by COBIT?

Match the internal auditors code of ethics principle to the appropriate definition. A)Internal auditors respect the value and ownership of information they receive and do not disclose information without appropriate authority unless there is a legal or professional obligation to do so. B)Internal auditors apply the knowledge, skills, and experience needed in the performance of internal audit services. C)The integrity of internal auditors establishes trust and thus provides the basis for reliance on their judgment. D)Internal auditors exhibit the highest level of professional objectivity in gathering, evaluating, and communicating information about the activity or process being examined. -Competency

Which of the following is not part of the audit committee's responsibilities?

List and describe the principles for establishing an environment to effectively manage fraud risk.

In the COBIT framework, which IT resource category consists of manual and programmed procedures to process information?

Which SOX section requires the chief executive officer and the chief financial officer to disclose to the auditors and the audit committee of the board of directors all significant deficiencies in internal controls, which could adversely affect the ability to record, process, summarize, and report financial data and any material weaknesses in internal controls?

What are the three major objectives of an IT audit?

Document the preventive and detective controls on the Books Ga'Lore! shipping DFD.

In control activities, ________ divide authorization, recording, and asset custody among different individuals.

When investigating fraud, ________ enables auditors to extract, analyze, and interpret evidence to detect unusual patterns and irregularities.

List and describe the IT resources categories as defined by COBIT.

To comply with SOX, companies must use a framework for evaluating internal control.

When documenting HotSpots on DFDs, what types of controls are documented?

Books Ga'Lore! Shipping DFD -Using the Books Ga'Lore! shipping DFD, create an event-agent-datastore-control table.

Document the risk level of the HotSpots on the Books Ga'Lore! shipping DFD. The following coding is used for the HotSpot DFD: - Red identifies the greatest risk (HotSpots). -Yellow is for significant risk (warm). - Green identifies areas with adequate controls (cool).

Which of the following is not the purpose of internal controls?

Physical controls ensure appropriate information processing, authorization, and data integrity.

________ controls support application controls to provide a reliable operating environment.