Question 1

The ERM framework addresses four categories of management objectives. Which category addresses the effective and efficient use of resources?

Accepted Answer

A)   compliance
B)   operations
C)   reporting
D)   strategic B

Question 2

Under the Sarbanes Oxley Act of 2002, the section on Corporate Responsibility requires a company's CEO and CFO to certify quarterly and annual reports.

Accepted Answer

A) True 
 B)False  True

Question 3

A(n) ______________________________ is a program that secretly takes over another Internet -attached computer and then uses that computer to launch attacks that can't be traced to the creator.

Accepted Answer

zombie

Question 4

A(n) ______________________________ item is an object or event that is not authorized, never occurred, or is otherwise not genuine.

Accepted Answer

The answer of A(n) ______________________________ item is an object or...

Question 5

This component of the ERM framework that encompasses the tone of an organization and sets the basis for how risk is viewed and addressed by an entity's people, including risk management philosophy and risk appetite, integrity and ethical values and the environment in which they operate.

Accepted Answer

A)   control activities
B)   internal environment
C)   risk assessment
D)   risk response

Question 6

Under the Sarbanes Oxley Act of 2002, the section on Auditor Independence establishes an independent board to oversee public company audits.

Accepted Answer

A) True 
 B)False

Question 7

The control environment reflects the organization's general awareness of and commitment to the importance of control throughout the organization.

Accepted Answer

A) True 
 B)False

Question 8

Opportunities are events that could have a positive impact on organization objectives.

Accepted Answer

A) True 
 B)False

Question 9

A computer abuse technique called ______________________________ involves a programmer's inserting special code or passwords in a computer program that will allow the programmer to bypass the security features of the program.

Accepted Answer

The answer of A computer abuse technique called ______________________________ involves...

Question 10

Fraud is the possibility that an event or action will cause an organization to fail to meet its objectives (or goals).

Accepted Answer

A) True 
 B)False

Question 11

A major reason management must exercise control over an organization's business processes is to provide reasonable assurance that the company is in compliance with applicable laws and regulations.

Accepted Answer

A) True 
 B)False

Question 12

Assuring that the accounts receivable master data reflects all cash collections recorded in the cash receipts event data addresses the control goal of:

Accepted Answer

A)   ensure input accuracy
B)   ensure input completeness
C)   ensure update accuracy
D)   ensure update completeness

Question 13

The control goal that is concerned with the correctness of the transaction data that are entered into a system is called ensure ______________________________.

Accepted Answer

The answer of The control goal that is concerned with...

Question 14

Control goals of operations processes include:

Accepted Answer

A)   validity
B)   the control environment
C)   accuracy
D)   security of resources

Question 15

____ is a process that evaluates the quality of internal control performance over time.

Accepted Answer

A)   Control environment
B)   Risk assessment
C)   Control activities
D)   Monitoring

Question 16

The section of Sarbanes Oxley that makes it a felony to knowingly destroy, alter, or create records and or documents with the intent to impede, obstruct, or influence an ongoing or contemplated federal investigation and offers legal protection to whistle-blowers is ______________________________.

Accepted Answer

The answer of The section of Sarbanes Oxley that makes...

Question 17

The ERM framework addresses four categories of management objectives. Which category addresses the reliability of the financial statements?

Accepted Answer

A)   compliance
B)   operations
C)   reporting
D)   strategic

Question 18

A(n) ______________________________ is program code that can attach itself to other programs or macros thereby infecting those programs and macros.

Accepted Answer

The answer of A(n) ______________________________ is program code that can...

Question 19

Listed below are 13 specific fraud examples taken from some well-known fraud cases: MiniScribe, ZZZZ Best Carpet Cleaning, Lesley Fay, and Equity Funding.
Required:
For each fraud example, enter a letter corresponding to which information control goal was initially violated-Validity, Completeness, or Accuracy. Some examples might involve more than one violation.
NOTE: When we say initially, we mean what control goal failure led to this example, not what is the present condition. For example, master data might contain information that is inaccurate, but it might have been an inaccurate input that initially caused the data to be inaccurate.

Accepted Answer

The answer of Listed below are 13 specific fraud examples...

Question 20

______________________________ are those events that would have a negative impact on organization objectives.

Accepted Answer

The answer of ______________________________ are those events that would have...

Exam 7: Controlling Information Systems: Introduction to Enterprise Risk Management and Internal Control

The ERM framework addresses four categories of management objectives. Which category addresses the effective and efficient use of resources?

Under the Sarbanes Oxley Act of 2002, the section on Corporate Responsibility requires a company's CEO and CFO to certify quarterly and annual reports.

A(n) ______________________________ is a program that secretly takes over another Internet -attached computer and then uses that computer to launch attacks that can't be traced to the creator.

A(n) ______________________________ item is an object or event that is not authorized, never occurred, or is otherwise not genuine.

This component of the ERM framework that encompasses the tone of an organization and sets the basis for how risk is viewed and addressed by an entity's people, including risk management philosophy and risk appetite, integrity and ethical values and the environment in which they operate.

Under the Sarbanes Oxley Act of 2002, the section on Auditor Independence establishes an independent board to oversee public company audits.

The control environment reflects the organization's general awareness of and commitment to the importance of control throughout the organization.

Opportunities are events that could have a positive impact on organization objectives.

A computer abuse technique called ______________________________ involves a programmer's inserting special code or passwords in a computer program that will allow the programmer to bypass the security features of the program.

Fraud is the possibility that an event or action will cause an organization to fail to meet its objectives (or goals).

A major reason management must exercise control over an organization's business processes is to provide reasonable assurance that the company is in compliance with applicable laws and regulations.

Assuring that the accounts receivable master data reflects all cash collections recorded in the cash receipts event data addresses the control goal of:

The control goal that is concerned with the correctness of the transaction data that are entered into a system is called ensure ______________________________.

Control goals of operations processes include:

____ is a process that evaluates the quality of internal control performance over time.

The section of Sarbanes Oxley that makes it a felony to knowingly destroy, alter, or create records and or documents with the intent to impede, obstruct, or influence an ongoing or contemplated federal investigation and offers legal protection to whistle-blowers is ______________________________.

The ERM framework addresses four categories of management objectives. Which category addresses the reliability of the financial statements?

A(n) ______________________________ is program code that can attach itself to other programs or macros thereby infecting those programs and macros.

______________________________ are those events that would have a negative impact on organization objectives.