Deck 7: Controlling Information Systems: Introduction to Enterprise Risk Management and Internal Control

A) risk
B) hazard
C) fraud
D) exposure

A) enterprise risk management
B) internal control
C) organizational governance
D) risk assessment

A) compliance
B) operations
C) reporting
D) strategic

A) enterprise risk management
B) internal control
C) organizational governance
D) risk assessment

A) compliance
B) operations
C) reporting
D) strategic

A) control activities
B) event identification
C) monitoring
D) risk response

A) Title I - Public Company Accounting Oversight Board
B) Title II - Auditor Independence
C) Title III -Corporate Responsibility
D) Title IV - Enhanced Financial Disclosures

A) to provide reasonable assurance that the goals of the business are being achieved
B) to mitigate risks of fraud and other intentional and unintentional acts
C) to provide reasonable assurance that the company is in compliance with applicable legal and regulatory obligations
D) all of the above

A) control activities
B) internal environment
C) risk assessment
D) risk response

A) Auditors no longer opine on the effectiveness of management's internal control reporting process.
B) The number of controls that need to be documented, evaluated, and tested is reduced.
C) Both a. and b.
D) Neither a. nor b.

A) control activities
B) event identification
C) risk assessment
D) risk response

A) The most common fraud scheme used was improper revenue recognition.
B) Most companies engaged in fraudulent activities were able to recover and resume operations.
C) CEO's and CFO's were named by the SEC for involvement in approximately 50% of fraud cases.
D) All of the above.

A) opportunities
B) embezzlement
C) fraud
D) risks

A) compliance
B) operations
C) reporting
D) strategic

A) control
B) impact
C) risk
D) opportunity

A) control activities
B) event identification
C) risk assessment
D) risk response

A) the board of directors
B) stakeholders
C) investors
D) management

A) Internal audit is the most effective fraud detection method.
B) Cybercrime ranks as one of the top four economic crimes worldwide.
C) Accounting fraud has increased significantly over the last two years.
D) All of the above.

A) compliance
B) operations
C) reporting
D) strategic

A) control activities
B) Monitoring
C) objective setting
D) risk response

A) Title I - Public Company Accounting Oversight Board
B) Title II - Auditor Independence
C) Title III - Corporate Responsibility
D) Title IV - Enhanced Financial Disclosures

A) control activities
B) event identification
C) risk assessment
D) risk response

A) controls
B) fraud
C) opportunities
D) risks

A) Internal and external events affecting achievement of an entity's objectives must be identified, distinguishing between risks and opportunities.
B) Management selects whether to avoid, accept, reduce, or share risk -developing a set of actions to align risks with the entity's risk tolerances and risk appetite.
C) The entirety of enterprise risk management is monitored and modifications made as necessary.
D) The likelihood and impact of risks are analyzed, as a basis for determining how they should be managed.

A) Control environment
B) Risk assessment
C) Control activities
D) Monitoring

A) Control environment
B) Risk assessment
C) Control activities
D) Monitoring

A) COBIT
B) COSO
C) ERM
D) All of the above.

A) salami slicing
B) back door
C) logic bomb
D) Trojan horse

A) Audits
B) internal controls
C) Managers
D) Tips

A) Title V - Analysts Conflicts of Interests
B) Title VIII - Corporate and Criminal Fraud Accountability
C) Title IX - White-Collar Crime Penalty Enhancements
D) Title XI - Corporate Fraud and Accountability

A) Control environment
B) Risk assessment
C) Control activities
D) Monitoring

A) ensure input validity
B) ensure input accuracy
C) ensure input completeness
D) ensure effectiveness of operations

A) ensure effectiveness of operations
B) ensure efficient employment of resources
C) ensure security of resources
D) ensure input accuracy

A) Evaluate the design of the company's controls to determine if they adequately address the risk that a material misstatement of the financial statements would not be prevented or detected in a timely manner.
B) Gather and evaluate evidence about the operation of controls.
C) Implement key controls to determine their operating efficiency.
D) Present a written assessment of the effectiveness of internal control over financial reporting.

A) audit
B) embezzlement
C) fraud
D) Theft

A) worm
B) back door
C) logic bomb
D) Trojan horse

A) effectiveness
B) monitoring
C) efficiency
D) risk

A) the external auditors
B) management
C) programmers
D) government authorities

A) input validity
B) input completeness
C) input accuracy
D) update validity

A) worm
B) salami slicing
C) logic bomb
D) Trojan horse

A) Title V- Analysts Conflicts of Interests
B) Title VIII - Corporate and Criminal Fraud Accountability
C) Title IX - White-Collar Crime Penalty Enhancements
D) Title XI - Corporate Fraud and Accountability

A) ultimate ownership of the system should rest with the board of directors.
B) a properly implemented system can be expected to provide 100 percent assurance that the organization will meet its objectives.
C) both a. and b.
D) neither a. not b.

A) commitment to the importance of control
B) reward systems
C) tone at the top of the organization
D) all of the above

A) Effective internal control systems provide complete assurance against the occurrence of material frauds and embezzlements.
B) Internal control systems depend largely on the competency and honesty of people.
C) Because internal control systems have a cost, management should evaluate the cost/benefit of each control plan.
D) The development of an internal control system is the responsibility of management.