Deck 4: Internal Controls

Question
Which of the following did Brown identify as forms of operational risk: (i) systems risk, (ii) human error risk, (iii) directors' and officers' liability.

A) i and ii only.
B) ii and iii only.
C) i and iii only.
D) i, ii and iii.
Question
Which of the following is included in all three definitions of internal control presented in the text?

A) Elimination of error.
B) Reliability of financial reporting.
C) Reasonable assurance.
D) Focus on generally accepted accounting principles.
Question
Market risk refers to changes in all of the following except:

A) Customer demand.
B) Stock price.
C) Investment prices.
D) Interest rates.
Question
According to the COSO definition, internal controls should provide:

A) Reasonable assurance.
B) Punishments for dishonest employees.
C) Sufficient justification for prosecuting criminals.
D) Guarantees that no fraud exists in the accounting information system.
Question
According to Brown, strategic risks include:

A) Liquidity risk.
B) Systems risk.
C) Legal and regulatory risk.
D) Directors' and officers' liability.
Question
Which of the following is included in both COSO frameworks?

A) Objective setting.
B) Risk response.
C) Monitoring.
D) Reasonable assurance.
Question
The terms "preventive, detective and corrective" are most closely associated with which element of Internal Control: Integrated Framework?

A) Control environment.
B) Monitoring.
C) Control activities.
D) Risk assessment.
Question
When a customer is unable or unwilling to pay amounts due, an organization experiences ___ risk.

A) Market.
B) Credit.
C) Systems.
D) Business strategy.
Question
According to the COSO definition, internal controls should address which of the following areas: (i) effectiveness and efficiency of operations, (ii) reliability of financial reporting, (iii) compliance with applicable laws and regulations.

A) i and ii only.
B) ii and iii only.
C) i and iii only.
D) i, ii and iii.
Question
In fulfilling the four purposes of internal control, managers should ensure that:

A) The opportunity for theft is eliminated.
B) Costs are less than benefits.
C) All employees are bonded.
D) Every employee understands the importance of SOX.
Question
Top management's general attitude about internal control and risk is called _______ in the COSO internal control framework and ______ in the enterprise risk management framework.

A) Internal environment, control environment.
B) Control environment, internal environment.
C) Internal environment, internal environment.
D) Control environment, control environment.
Question
According to the COSO definition, who is responsible for internal control: (i) board of directors, (ii) managers, (iii) auditors.

A) i and ii only.
B) ii and iii only.
C) i and iii only.
D) i, ii and iii.
Question
Internal Control: Integrated Framework includes all of the following except:

A) Control environment.
B) Risk assessment.
C) Control assessment.
D) Monitoring.
Question
Making operations as efficient as possible is:

A) A basic purpose of internal control.
B) A component of the Foreign Corrupt Practices Act.
C) An objective of the Sarbanes-Oxley Act.
D) Not an issue for accountants to address.
Question
The general objectives of internal control include all of the following except:

A) Protecting assets.
B) Producing true financial statements.
C) Streamlining operations.
D) Encouraging employees to follow management's directions.
Question
According to Enterprise Risk Management: Integrated Framework, risk can be:

A) Internal or external.
B) General or specific.
C) Financial or operational.
D) Inherent or residual.
Question
Among other things, internal controls should promote conformity with:

A) Generally accepted accounting principles.
B) The Foreign Corrupt Practices Act.
C) The rules of debit and credit.
D) Management instructions.
Question
According to the COSO definition, internal control is a(n):

A) Set of procedures.
B) Process.
C) Checklist.
D) Way to eliminate risk.
Question
Which of the following best explains one of the four basic purposes of internal control?

A) Eliminating error.
B) Uncovering fraud.
C) Promoting confidence in financial statements.
D) Eliminating the need for audits.
Question
Insufficient cash is an example of ______ risk in Brown's taxonomy.

A) Financial.
B) Operational.
C) Strategic.
D) Hazard.
Question
Insurance and bonding are examples of which part of the COSO risk management framework?

A) Risk response.
B) Objective setting.
C) Information and communication.
D) Basic purposes of internal control.
Question
A foreign company wants to trade its capital stock in the United States. The company hires a consultant with expertise in SOX in response to which form of risk?

A) Human error.
B) Legal and regulatory.
C) Strategic.
D) Market.
Question
Which of the following internal controls is most likely to detect that an employee has stolen cash?

A) Pre-numbered documents.
B) Adequate documentation.
C) Insurance against theft.
D) Separation of duties.
Question
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). In completing a risk assessment for his organization, which of the following questions should he ask first?

A) What risks should we prepare for?
B) How can information technology help guard against risk?
C) Do we need an internal auditing staff?
D) What will my boss think about the plan I develop?
Question
Internal controls like edit checks and preformatted data entry screens would help reduce: (i) systems risk, (ii) human error risk.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
Question
Edna wants to maintain stronger internal control over inventory. Which of the following would be the best preventive control?

A) Lockbox system.
B) Limit check.
C) Edit check.
D) Video surveillance.
Question
Which of the following four pairs listed below achieve the same purpose as outlined in the text on internal control functions and purposes?

A) Safeguarding assets, firewalls.
B) Ensuring financial statement reliability, limit checks.
C) Promoting operating efficiency, procedures manuals.
D) Encouraging compliance with management directives, data encryption.
Question
Processes like separation of duties and internal audits are most closely associated with which element of the COSO internal control framework?

A) Definition of internal control.
B) Control activities.
C) Monitoring.
D) Risk response.
Question
Using pre-numbered documents in an accounting information system is a way to ___ risk.

A) Avoid.
B) Share.
C) Accept.
D) Reduce.
Question
Business strategy risk would cause concern for: (i) a company trying to sell a new product in an established geographic market, (ii) a company trying to sell an established product in a new geographic market.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
Question
Four pairs of internal controls are listed below. Identify the pair that accomplishes the same goal based on the four purposes of internal controls as discussed in the text.

A) Safeguarding assets, preformatted data entry screens.
B) Ensuring financial statement reliability, daily cash deposits.
C) Promoting operating efficiency, physical security.
D) Encouraging compliance with management directives, user training.
Question
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). He recommends establishing an internal audit function to manage a comprehensive risk management plan. In the COSO enterprise risk management framework, his recommendation is most closely associated with: Control activities.

A) Information and communication.
B) Risk response.
C) Risk assessment.
D) Risk assessment.
Question
Which of the following internal controls is most likely to prevent an employee from stealing cash?

A) Pre-numbered documents.
B) Adequate documentation.
C) Insurance against theft.
D) Separation of duties.
Question
As an internal control, separation of duties would help prevent: (i) theft of inventory, (ii) computer viruses.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
Question
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). As part of an enterprise risk management plan, he recommends the company purchase more fire insurance. Which section of the COSO enterprise risk management framework is most applicable to his recommendation?

A) Risk response.
B) Objective setting.
C) Monitoring.
D) Event identification.
Question
The text identified four basic purposes of internal control and several examples of specific controls. Which of the following demonstrates the strongest relationship between them?

A) Safeguarding assets, separation of duties.
B) Ensuring financial statement reliability, edit checks.
C) Promoting operating efficiency, bank reconciliation.
D) Encouraging compliance with management directives, pre-numbered documents.
Question
The text identified four basic purposes of internal control and several examples of specific controls. Which of the following demonstrates the strongest relationship between them?

A) Safeguarding assets, bank reconciliation.
B) Ensuring financial statement reliability, pre-numbered documents.
C) Promoting operating efficiency, bank reconciliation.
D) Encouraging compliance with management directives, pre-numbered documents.
Question
An entrepreneur started a company by borrowing money from his parents. If the company does not extend credit to its customers and uses very little information technology, which of the following risks is most serious?

A) Directors' and officers' liability.
B) Liquidity risk.
C) Credit risk.
D) Systems risk.
Question
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). Which of the following is an internal event he should consider as he develops a risk management plan?

A) Whether management will accept his plan.
B) Employee embezzlement.
C) Ways to reduce risk internally.
D) An internal system for monitoring the risk management plan.
Question
Based on the four purposes of internal controls discussed in the text, which of the four pairs listed are the most similar based on those purposes?

A) Safeguarding assets, data encryption.
B) Ensuring financial statement reliability, internal audits.
C) Promoting operating efficiency, restrictive endorsements.
D) Encouraging compliance with management directives, insurance and bonding.
Question
Which of the following best describes the relationship between the two COSO frameworks discussed in the text?

A) The enterprise risk management framework makes the internal control framework obsolete.
B) The internal control framework makes the enterprise risk management framework obsolete.
C) The enterprise risk management framework is more comprehensive than the internal control framework.
D) The internal control framework updates the enterprise risk management framework.
Question
Brown's risk taxonomy includes four major categories: financial, operational, strategic and hazard. In your own words, differentiate the four types; give an example of each type that relates directly to Top Notch T-Shirt Printing. Do not list the subcategories for each major category.
Question
The text presented three definitions of internal control. Which of the following statements about them is most true?

A) Two of them apply only to businesses; the other applies only to government agencies.
B) Only one of the three emphasizes that internal control is a process.
C) None of the three provides absolute assurance that a company has eliminated risk.
D) All of them focus on specific internal control procedures for specific kinds of companies.
Question
Risk assessment
Eric is the owner of Handyman Unlimited, a company which does "odd jobs" and small home repair. Eric uses his personal line of credit, based on the value of his home, to finance the business. The company's risk exposures include those listed below; use the detailed elements of Brown's risk taxonomy (not the four categories) to classify each risk.
___________ 1. A handyman steals small tools and sells them on eBay.
__________ 2. After Handyman Unlimited became a publicly traded corporation, auditors discovered one of the officers had committed fraud against the company.
__________ 3. An unhappy employee introduces a virus to the company's computer network.
__________ 4. Handyman Unlimited attempts to expand its operations to Africa.
__________ 5. Payroll expenses often drain the company's cash reserves.
__________ 6. The bookkeeper records a cash sale by debiting sales and crediting cash.
__________ 7. The company's billing policy requires customers to pay within 60 days of service.
__________ 8. The value of Eric's home may drop significantly.
Question
Which of the following phrases associated with the definition of internal control is most closely related to promoting operating efficiency?

A) Reliability of financial reporting.
B) Achieve its objectives and mission.
C) Reasonable assurance.
D) Fraud prevention.
Question
Internal control classification
Several common internal controls for information technology are listed below. Indicate whether each is primarily preventive, detective or corrective in nature; also indicate whether each is a general control or an application control.
Question
Define "internal control." Outline the structure of Internal Control: Integrated Framework OR Enterprise Risk Management: Integrated Framework.
Question
COSO enterprise risk management framework
Debbie, Amy and Lynn all work for PPK Corporation; they recently had the conversation below about risk management. Specify the element of the COSO enterprise risk management framework that most clearly applies to each underlined phrase in the conversation.
Debbie: Our boss has asked us to come up with some ideas about how to manage risk in the company.
Amy: Ok. Let's use the COSO framework to help guide our thinking; it has eight elements: internal environment, objective setting, event identification, risk assessment, risk response, control activities, information and communication, and monitoring.
Lynn: Well, whatever we come up with, we need to let other people in the company know about it. I think we should start a newsletter or web site.
Amy: Wait a minute, Lynn. Before we do anything, we need to figure out how our risk management activities are connected to the company's strategic plan.
Debbie: That's right, Amy. It's pretty clear this task is important to the boss; otherwise, she wouldn't have asked all three of us to work on it.
Lynn: Maybe we should start by thinking about the things that have happened recently to increase risk around here.
Debbie: That's a great idea. While we're at it, we should also think about the likelihood that each one will happen again.
Amy: Yeah, and then we can decide what to do about each one, like whether just to accept it or try to manage it. Of course, we'd also need to get much more specific about how to manage it.
Debbie: I just hope all the work we're about to do doesn't go to waste. The company needs a system to make sure that risk management continues after we develop a plan.
________ 1. this task is important to the boss.
________ 2. things that have happened recently.
________ 3. the likelihood that each one will happen again.
________ 4. start a newsletter or web site.
________ 5. how our risk management activities are connected to the company's strategic plan.
________ 6. get much more specific about how to manage it.
________ 7. decide what to do about each one, like whether just to accept it or try to manage it.
________ 8. a system to make sure that risk management continues.
Question
Which of the following internal controls is a form of risk sharing?

A) Insurance.
B) Pre-numbered documents.
C) Segregation of duties.
D) Data encryption.
Question
A strong firewall eliminates the need for: (i) data encryption, (ii) virus protection.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
Question
Internal control legislation
Several elements of the Foreign Corrupt Practices Act and the Sarbanes-Oxley Act are listed below. Place an "X" in the appropriate column to indicate which Act is most closely associated with each element. If an item applies to both, place an "X" in both columns.
Question
List and discuss five specific internal controls Ruby should recommend to Barb based on the process described above.
Question
If a company has good segregation of duties, it does not need: (i) pre-numbered documents, (ii) internal audits.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
Question
Internal control definitions
The text presented three definitions of internal control: COSO, New York State Office of the State Comptroller and Lander. For each item listed below, put an "X" in the appropriate column(s) to indicate which definition(s) is/are referenced.
Question
Companies can monitor the effectiveness of internal control and enterprise risk management systems through: (i) employee surveys, (ii) internal audits.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
Question
Explain four specific risks Top Notch T-Shirt Printing faces in its everyday operations. Classify each risk according to Brown's taxonomy.
Question
Match between columns
Column 1:
Damage from natural disasters, such as fire or earthquake.
Food quality variances due to inconsistent preparation.
Gratuities (tips) going to the wrong server.
Lack of customers due to poor geographic location.
Raw material spoilage.
Robbery.
Running out of popular menu items.
Table servers giving away food.
Unusually high employee turnover Computerized records of cash receipts.
Column 2:
Market research before opening the restaurant.
Matching customer orders with food prepared.
Monitoring order trends & purchasing raw materials based on them.
Monthly staff meetings.
Placing cash register near the door.
Standard recipes & adequate training.
Thorough emergency procedures, like an evacuation plan.
Video surveillance system near the entrance.
None of the above.
1
Which of the following did Brown identify as forms of operational risk: (i) systems risk, (ii) human error risk, (iii) directors' and officers' liability.

A) i and ii only.
B) ii and iii only.
C) i and iii only.
D) i, ii and iii.
A
2
Which of the following is included in all three definitions of internal control presented in the text?

A) Elimination of error.
B) Reliability of financial reporting.
C) Reasonable assurance.
D) Focus on generally accepted accounting principles.
C
3
Market risk refers to changes in all of the following except:

A) Customer demand.
B) Stock price.
C) Investment prices.
D) Interest rates.
A
4
According to the COSO definition, internal controls should provide:

A) Reasonable assurance.
B) Punishments for dishonest employees.
C) Sufficient justification for prosecuting criminals.
D) Guarantees that no fraud exists in the accounting information system.
Unlock for access to all 57 flashcards in this deck.
5
According to Brown, strategic risks include:

A) Liquidity risk.
B) Systems risk.
C) Legal and regulatory risk.
D) Directors' and officers' liability.
6
Which of the following is included in both COSO frameworks?

A) Objective setting.
B) Risk response.
C) Monitoring.
D) Reasonable assurance.
7
The terms "preventive, detective and corrective" are most closely associated with which element of Internal Control: Integrated Framework?

A) Control environment.
B) Monitoring.
C) Control activities.
D) Risk assessment.
8
When a customer is unable or unwilling to pay amounts due, an organization experiences ___ risk.

A) Market.
B) Credit.
C) Systems.
D) Business strategy.
9
According to the COSO definition, internal controls should address which of the following areas: (i) effectiveness and efficiency of operations, (ii) reliability of financial reporting, (iii) compliance with applicable laws and regulations.

A) i and ii only.
B) ii and iii only.
C) i and iii only.
D) i, ii and iii.
10
In fulfilling the four purposes of internal control, managers should ensure that:

A) The opportunity for theft is eliminated.
B) Costs are less than benefits.
C) All employees are bonded.
D) Every employee understands the importance of SOX.
11
Top management's general attitude about internal control and risk is called _______ in the COSO internal control framework and ______ in the enterprise risk management framework.

A) Internal environment, control environment.
B) Control environment, internal environment.
C) Internal environment, internal environment.
D) Control environment, control environment.
12
According to the COSO definition, who is responsible for internal control: (i) board of directors, (ii) managers, (iii) auditors.

A) i and ii only.
B) ii and iii only.
C) i and iii only.
D) i, ii and iii.
13
Internal Control: Integrated Framework includes all of the following except:

A) Control environment.
B) Risk assessment.
C) Control assessment.
D) Monitoring.
14
Making operations as efficient as possible is:

A) A basic purpose of internal control.
B) A component of the Foreign Corrupt Practices Act.
C) An objective of the Sarbanes-Oxley Act.
D) Not an issue for accountants to address.
15
The general objectives of internal control include all of the following except:

A) Protecting assets.
B) Producing true financial statements.
C) Streamlining operations.
D) Encouraging employees to follow management's directions.
16
According to Enterprise Risk Management: Integrated Framework, risk can be:

A) Internal or external.
B) General or specific.
C) Financial or operational.
D) Inherent or residual.
17
Among other things, internal controls should promote conformity with:

A) Generally accepted accounting principles.
B) The Foreign Corrupt Practices Act.
C) The rules of debit and credit.
D) Management instructions.
18
According to the COSO definition, internal control is a(n):

A) Set of procedures.
B) Process.
C) Checklist.
D) Way to eliminate risk.
19
Which of the following best explains one of the four basic purposes of internal control?

A) Eliminating error.
B) Uncovering fraud.
C) Promoting confidence in financial statements.
D) Eliminating the need for audits.
20
Insufficient cash is an example of ______ risk in Brown's taxonomy.

A) Financial.
B) Operational.
C) Strategic.
D) Hazard.
21
Insurance and bonding are examples of which part of the COSO risk management framework?

A) Risk response.
B) Objective setting.
C) Information and communication.
D) Basic purposes of internal control.
22
A foreign company wants to trade its capital stock in the United States. The company hires a consultant with expertise in SOX in response to which form of risk?

A) Human error.
B) Legal and regulatory.
C) Strategic.
D) Market.
23
Which of the following internal controls is most likely to detect that an employee has stolen cash?

A) Pre-numbered documents.
B) Adequate documentation.
C) Insurance against theft.
D) Separation of duties.
24
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). In completing a risk assessment for his organization, which of the following questions should he ask first?

A) What risks should we prepare for?
B) How can information technology help guard against risk?
C) Do we need an internal auditing staff?
D) What will my boss think about the plan I develop?
25
Internal controls like edit checks and preformatted data entry screens would help reduce: (i) systems risk, (ii) human error risk.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
26
Edna wants to maintain stronger internal control over inventory. Which of the following would be the best preventive control?

A) Lockbox system.
B) Limit check.
C) Edit check.
D) Video surveillance.
27
Which of the following four pairs listed below achieve the same purpose as outlined in the text on internal control functions and purposes?

A) Safeguarding assets, firewalls.
B) Ensuring financial statement reliability, limit checks.
C) Promoting operating efficiency, procedures manuals.
D) Encouraging compliance with management directives, data encryption.
28
Processes like separation of duties and internal audits are most closely associated with which element of the COSO internal control framework?

A) Definition of internal control.
B) Control activities.
C) Monitoring.
D) Risk response.
29
Using pre-numbered documents in an accounting information system is a way to ___ risk.

A) Avoid.
B) Share.
C) Accept.
D) Reduce.
30
Business strategy risk would cause concern for: (i) a company trying to sell a new product in an established geographic market, (ii) a company trying to sell an established product in a new geographic market.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
31
Four pairs of internal controls are listed below. Identify the pair that accomplishes the same goal based on the four purposes of internal controls as discussed in the text.

A) Safeguarding assets, preformatted data entry screens.
B) Ensuring financial statement reliability, daily cash deposits.
C) Promoting operating efficiency, physical security.
D) Encouraging compliance with management directives, user training.
32
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). He recommends establishing an internal audit function to manage a comprehensive risk management plan. In the COSO enterprise risk management framework, his recommendation is most closely associated with:

A) Control activities.
B) Information and communication.
C) Risk response.
D) Risk assessment.
33
Which of the following internal controls is most likely to prevent an employee from stealing cash?

A) Pre-numbered documents.
B) Adequate documentation.
C) Insurance against theft.
D) Separation of duties.
34
As an internal control, separation of duties would help prevent: (i) theft of inventory, (ii) computer viruses.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
35
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). As part of an enterprise risk management plan, he recommends the company purchase more fire insurance. Which section of the COSO enterprise risk management framework is most applicable to his recommendation?

A) Risk response.
B) Objective setting.
C) Monitoring.
D) Event identification.
36
The text identified four basic purposes of internal control and several examples of specific controls. Which of the following demonstrates the strongest relationship between them?

A) Safeguarding assets, separation of duties.
B) Ensuring financial statement reliability, edit checks.
C) Promoting operating efficiency, bank reconciliation.
D) Encouraging compliance with management directives, pre-numbered documents.
37
The text identified four basic purposes of internal control and several examples of specific controls. Which of the following demonstrates the strongest relationship between them?

A) Safeguarding assets, bank reconciliation.
B) Ensuring financial statement reliability, pre-numbered documents.
C) Promoting operating efficiency, bank reconciliation.
D) Encouraging compliance with management directives, pre-numbered documents.
38
An entrepreneur started a company by borrowing money from his parents. If the company does not extend credit to its customers and uses very little information technology, which of the following risks is most serious?

A) Directors' and officers' liability.
B) Liquidity risk.
C) Credit risk.
D) Systems risk.
39
Cortez works for a large retailer that sells various kinds of linens (towels, sheets, blankets, pillow cases). Which of the following is an internal event he should consider as he develops a risk management plan?

A) Whether management will accept his plan.
B) Employee embezzlement.
C) Ways to reduce risk internally.
D) An internal system for monitoring the risk management plan.
40
Based on the four purposes of internal controls discussed in the text, which of the four pairs listed are the most similar based on those purposes?

A) Safeguarding assets, data encryption.
B) Ensuring financial statement reliability, internal audits.
C) Promoting operating efficiency, restrictive endorsements.
D) Encouraging compliance with management directives, insurance and bonding.
41
Which of the following best describes the relationship between the two COSO frameworks discussed in the text?

A) The enterprise risk management framework makes the internal control framework obsolete.
B) The internal control framework makes the enterprise risk management framework obsolete.
C) The enterprise risk management framework is more comprehensive than the internal control framework.
D) The internal control framework updates the enterprise risk management framework.
42
Brown's risk taxonomy includes four major categories: financial, operational, strategic and hazard. In your own words, differentiate the four types; give an example of each type that relates directly to Top Notch T-Shirt Printing. Do not list the subcategories for each major category.
43
The text presented three definitions of internal control. Which of the following statements about them is most true?

A) Two of them apply only to businesses; the other applies only to government agencies.
B) Only one of the three emphasizes that internal control is a process.
C) None of the three provides absolute assurance that a company has eliminated risk.
D) All of them focus on specific internal control procedures for specific kinds of companies.
44
Risk assessment
Eric is the owner of Handyman Unlimited, a company which does "odd jobs" and small home repair. Eric uses his personal line of credit, based on the value of his home, to finance the business. The company's risk exposures include those listed below; use the detailed elements of Brown's risk taxonomy (not the four categories) to classify each risk.
___________ 1. A handyman steals small tools and sells them on eBay.
__________ 2. After Handyman Unlimited became a publicly traded corporation, auditors discovered one of the officers had committed fraud against the company.
__________ 3. An unhappy employee introduces a virus to the company's computer network.
__________ 4. Handyman Unlimited attempts to expand its operations to Africa.
__________ 5. Payroll expenses often drain the company's cash reserves.
__________ 6. The bookkeeper records a cash sale by debiting sales and crediting cash.
__________ 7. The company's billing policy requires customers to pay within 60 days of service.
__________ 8. The value of Eric's home may drop significantly.
45
Which of the following phrases associated with the definition of internal control is most closely related to promoting operating efficiency?

A) Reliability of financial reporting.
B) Achieve its objectives and mission.
C) Reasonable assurance.
D) Fraud prevention.
46
Internal control classification
Several common internal controls for information technology are listed below. Indicate whether each is primarily preventive, detective or corrective in nature; also indicate whether each is a general control or an application control.
47
Define "internal control." Outline the structure of Internal Control: Integrated Framework OR Enterprise Risk Management: Integrated Framework.
48
COSO enterprise risk management framework
Debbie, Amy and Lynn all work for PPK Corporation; they recently had the conversation below about risk management. Specify the element of the COSO enterprise risk management framework that most clearly applies to each underlined phrase in the conversation.
Debbie: Our boss has asked us to come up with some ideas about how to manage risk in the company.
Amy: Ok. Let's use the COSO framework to help guide our thinking; it has eight elements: internal environment, objective setting, event identification, risk assessment, risk response, control activities, information and communication, and monitoring.
Lynn: Well, whatever we come up with, we need to let other people in the company know about it. I think we should start a newsletter or web site.
Amy: Wait a minute, Lynn. Before we do anything, we need to figure out how our risk management activities are connected to the company's strategic plan.
Debbie: That's right, Amy. It's pretty clear this task is important to the boss; otherwise, she wouldn't have asked all three of us to work on it.
Lynn: Maybe we should start by thinking about the things that have happened recently to increase risk around here.
Debbie: That's a great idea. While we're at it, we should also think about the likelihood that each one will happen again.
Amy: Yeah, and then we can decide what to do about each one, like whether just to accept it or try to manage it. Of course, we'd also need to get much more specific about how to manage it.
Debbie: I just hope all the work we're about to do doesn't go to waste. The company needs a system to make sure that risk management continues after we develop a plan.
________ 1. this task is important to the boss.
________ 2. things that have happened recently.
________ 3. the likelihood that each one will happen again.
________ 4. start a newsletter or web site.
________ 5. how our risk management activities are connected to the company's strategic plan.
________ 6. get much more specific about how to manage it.
________ 7. decide what to do about each one, like whether just to accept it or try to manage it.
________ 8. a system to make sure that risk management continues.
49
Which of the following internal controls is a form of risk sharing?

A) Insurance.
B) Pre-numbered documents.
C) Segregation of duties.
D) Data encryption.
50
A strong firewall eliminates the need for: (i) data encryption, (ii) virus protection.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
51
Internal control legislation
Several elements of the Foreign Corrupt Practices Act and the Sarbanes-Oxley Act are listed below. Place an "X" in the appropriate column to indicate which Act is most closely associated with each element. If an item applies to both, place an "X" in both columns.
52
List and discuss five specific internal controls Ruby should recommend to Barb based on the process described above.
53
If a company has good segregation of duties, it does not need: (i) pre-numbered documents, (ii) internal audits.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
54
Internal control definitions
The text presented three definitions of internal control: COSO, New York State Office of the State Comptroller and Lander. For each item listed below, put an "X" in the appropriate column(s) to indicate which definition(s) is/are referenced.
55
Companies can monitor the effectiveness of internal control and enterprise risk management systems through: (i) employee surveys, (ii) internal audits.

A) i only.
B) ii only.
C) Both i and ii.
D) Neither i nor ii.
56
Explain four specific risks Top Notch T-Shirt Printing faces in its everyday operations. Classify each risk according to Brown's taxonomy.
57
Match between columns
Premises:
Damage from natural disasters, such as fire or earthquake.
Food quality variances due to inconsistent preparation.
Gratuities (tips) going to the wrong server.
Lack of customers due to poor geographic location.
Raw material spoilage.
Robbery.
Running out of popular menu items.
Table servers giving away food.
Unusually high employee turnover Computerized records of cash receipts.
Responses:
Market research before opening the restaurant.
Matching customer orders with food prepared.
Monitoring order trends & purchasing raw materials based on them.
Monthly staff meetings.
Placing cash register near the door.
Standard recipes & adequate training.
Thorough emergency procedures, like an evacuation plan.
Video surveillance system near the entrance.
None of the above.