Question 1

The most difficult type of misstatement to discover is fraud that is concealed by:

Accepted Answer

A) Over-recording the transactions 
B) Nonrecorded transactions 
C) Recording the transactions in subsidiary records 
D) Related parties

Question 2

The Trust Services Principles document divided the risks and controls in IT into five categories.Which of the following is not one of those categories?

Accepted Answer

A) Certification 
B) Security 
C) Processing Integrity 
D) Confidentiality

Question 3

Management circumvention of systems or internal controls that are in place is termed:

Accepted Answer

A) Management override 
B) Management collusion 
C) Management stewardship 
D) Management manipulations

Question 4

Fraudsters typically try to justify their behavior by telling themselves that they intend to repay the amount stolen or that they believe the organization owes them the amount stolen.This justification is referred to as:

Accepted Answer

A) Opportunity 
B) Rationalization 
C) Incentive 
D) Concealment

Question 5

This type of external computer fraud is intended to overwhelm an intended target computer system with so much bogus network traffic so that the system is unable to respond to valid traffic.

Accepted Answer

A) DoS Attack 
B) Hacking 
C) Spoofing 
D) Phishing

Question 6

The accounting profession has accepted this report as the standard definition and description of internal control.

Accepted Answer

A) Sarbanes-Oxley Report 
B) FCPA Report 
C) ERI Report 
D) COSO Report

Question 7

Which of the following is a characteristic of computer fraud?

Accepted Answer

A) A computer is used in some cases to conduct a fraud more quickly and efficiently. 
B) Computer fraud can be conducted by employees within the organization. 
C) Computer fraud can be conducted by users outside an organization. 
D) All of the above are characteristics

Question 8

Independent checks on the performance of others is one of the categories of internal control.These independent checks would include all of the following, except:

Accepted Answer

A) Reviewing batch totals 
B) Reconciliation 
C) Comparison of physical assets with records 
D) Use of appropriate ID to enter restricted areas

Question 9

Segregation of duties is a fundamental concept in an effective system of internal controls.Nevertheless, the effectiveness of this control can be compromised through which situation?

Accepted Answer

A) A lack of employee training 
B) Collusion among employees 
C) Irregular employee reviews 
D) The absence of an internal audit function

Question 10

Establishing and maintaining a culture where ethical conduct is recognized, valued, and exemplified by all employees can be accomplished by doing all of the following except:

Accepted Answer

A) Obeying applicable laws and regulations that govern business 
B) Protecting the Environment 
C) Avoiding some conflicts of interest 
D) Conducting business in a manner that is honest, fair and trustworthy

Question 11

According to the COSO report, there are five different interrelated components of internal control.Which of the following is not one of those five components?

Accepted Answer

A) Code of Ethics 
B) Control Environment 
C) Information and Communication 
D) Monitoring

Question 12

Which of the following is not an obligation of management in an organization with strong ethical practices and internal controls?

Accepted Answer

A) to safegauard the funds invested by owners of the company 
B) to maintain internal controlswithin the organization 
C) to safeguard the personal assets and investments of each owner, and make 
D) to enforce a code of ethics

Question 13

The category of control activities referred to as segregation of duties requires that certain activities should be the responsibility of different person or department.The three duties that are to be separated are:

Accepted Answer

A) Authorizing, recording, and paying 
B) Recording, custody, and disposition 
C) Authorizing, paying, and custody 
D) Authorizing, recording, and custody

Question 14

The process of risk assessment would include all of the following actions, except:

Accepted Answer

A) Identify sources of risk, both internal and external 
B) Determine the impacts of identified risks 
C) Develop and execute an action plan to reduce the impact and probability of identified risks 
D) Report the risks to the audit committee

Question 15

Which is not one of the three conditions necessary for fraud perpetration

Accepted Answer

A) Desire to commit the fraud 
B) Incentive to commit the fraud 
C) Rationalization of the fraudulent action 
D) Opportunity to commit the fraud

Question 16

The ongoing review and evaluation of a system of internal control is referred to as:

Accepted Answer

A) Risk assessment 
B) Monitoring 
C) Segregating 
D) Communication

Question 17

The theft of any item of value is referred to as:

Accepted Answer

A) Fraudulent financial reporting 
B) Misappropriation of assets 
C) Misstatement of financial records 
D) Earnings management

Question 18

Which of the following is generally an external computer fraud, rather than an internal computer fraud?

Accepted Answer

A) Spoofing 
B) Input manipulation 
C) Program manipulation 
D) Output manipulation

Exam 3: Fraud, Ethics, and Internal Control