401 Prelim&Midterm Questionnaire
401 Prelim&Midterm Questionnaire
401 Prelim&Midterm Questionnaire
This COSO component include a range of actions as diverse as Which of the following is not typically one of
approvals, authorizations, verifications, reconciliations, etc management’s concerns in designing an effective internal
Control activities control structure? Obtaining the best internal control
system possible.
According to the COSO report, the correct sequence is
Objectives, risks, actions Proper segregation of duties reduces the opportunities in
which a person could both
An adequate system of internal control is most likely to Perpetuate errors and irregularities and conceal them.
detect an irregularity perpetrated by a
Single employee Giving limited computer access to employees is an example
of what type of control?
Which of the following is not one of the differences Preventive and detective
between a CEO and a Chairman of the Board?
The Chairman implements the decisions of the board, while Which of the following components of internal control
the CEO proposes plans, budgets and strategies would encompass the routine controls over business
processes and transactions?
Corporate management has a role in the maintenance of Control activities
internal control. In fact, management sometimes is a
control. Which of the following involves managerial This type of control ensures that there is clear direction and
functions as a control device? drive towards achieving the stated objectives Directive
Supervision of employees.
The primary responsibility for establishing and maintaining
In a small company that employs inadequate number of internal controls rests with the.
employees to permit proper division of responsibilities, Management
effective internal control can be strengthened by
Direct participation by the owner of the business in the All of the following are primary objectives of the overall
record keeping activities of the business. management process except:
Improving the effectiveness of risk management, control
Inherent limitations in an internal control structure must be and governance processes
considered in evaluating its effectiveness in preventing or
detecting errors and irregularities. Inherent limitations do Internal control is a function of management, and effective
not include control is based upon the concept of charge and discharge
Incompatible functions performed by the same person of responsibility and duty. Which of the following is one of
the overriding principles of internal control? Responsibility
An act of two or more employees to misstate record is for the performance of each duty must be fixed.
called. Collusion
Which of the following is a directive control?
A well-designed system of internal control that is Requiring all members of the internal auditing department
functioning effectively is most likely to detect an to be CIAs.
irregularity arising from. The fraudulent action of an
individual employee. This pertains to the cost of measuring, observing and
controlling the behavior of management
Proper segregation of functional responsibilities in an Monitoring cost
effective structure of internal control calls for separation of
the functions of Which of the following is a preventive type of control?
Authorization, recording and custody Unique usernames requiring passwords are assigned to
each employee
A manager has an interest in receiving benefits from his or The relative roles, rights, and accountability of such
her position as a manager. This is a scenario of the agency stakeholder groups as owners, board members, managers,
conflict under: employees, and others.
Moral hazard
The concept of control should be viewed as. Accomplishing
According to the COSO report, which of the following is the an objective.
most important component of internal control? Control
environment. True or False
The purpose of control is to ensure that the goals of a firm Physical access restrictions can be applied to buildings and
are being achieved. warehouses. T
Which of the following is not a proper role of corporate The control framework needs to be in place to promote the
board of directors? Guarantor right control environment. T
The board of directors should (choose the incorrect one): Physical access restrictions can be applied to buildings and
Make business decisions for the company warehouses. T
Which of the following is not considered an external The organization should employ a process for identifying,
stakeholder? Shareholders assessing and managing risk. T
Corporate directors, management, external auditors and In terms of time horizon, shareholders tend to be more
internal auditors all play important roles in creating a concerned of the short term financial prospects than long
proper control environment. Top management is primarily term ones. F
responsible for
Establishing a proper environment and specifying an overall Seminars, trainings and orientations for employees are
internal control structure examples of a corrective control. F
The major issue embedded in the structure of modern Costs of monitoring pertain to costs that might be incurred
corporations that has contributed to the corporate to provide incentives to managers to act in the best
governance problem has been interests of the shareholders. F
The separation of ownership from control.
Since external auditors are parties outside an organization,
Which of the following best identifies the reason that the external audit process cannot be reviewed by the audit
effective corporate governance is important? committee. F
The separation of ownership from management
The board should be composed of non-executive directors
Internal control structure objectives are to be accomplished only so as to represent the interests of the shareholders in
with reasonable assurance. The concept of reasonable a professional and responsible manner. F
assurance recognizes that
Employee carelessness can weaken an internal control Controls are needed if they guard against unacceptable
structure. risks to the business. F
Which of the following is not a component in the COSO A principle of good corporate governance is that a
framework for internal control? substantial number of the directors of a company should be
Segregation of duties independent. T
The following relates to internal control. Which of the In the agency concept, the owners of an organization act as
following is incorrect? the principal whereas the directors acts as the agent. T
The internal control system is confined to those matters
which relate directly to the functions of the accounting The audit committee can have an involvement in the
system appointment of internal auditors. T
This committee is tasked monitor financial reporting. Audit Operational controls are concerned with making sure that
committee an entity complies with all the requirements of relevant
legislation and regulations. F
Corporate governance is concerned with
Corporate governance is concerned with running the
business operations of a company. F
Internal controls are there to mitigate unacceptable levels The board, not dominated by a sole powerful CEO and
of risk. T Chairman is a good corporate governance practice. T
Monitoring controls assesses the quality of the system’s The governance function is the primary responsibility of the
performance over time. T internal audit activity. F
Shareholders provide capital to management and the Lenders and regulators are considered internal
management in turn provides transparent reporting to the stakeholders of an entity. F
shareholders. T
An internal control system helps ensure compliance with
The internal audit activity and the audit committee are one applicable laws and regulations and also with external
and the same body. F reporting requirements. F
Internal auditors are duty bound to ensure that the control The main driver for corporate governance is based on the
processes are carefully implemented. F agency concept. T
Preparation of bank reconciliation statements is an Risk Assessment includes a range of actions as diverse as
example of a detective control. T approvals, authorizations, verifications, reconciliations, etc.
F
Authorization and approval controls are controls over
spending decisions and decisions to enter into transactions. An internal control framework provides a road map
T regarding the control environment. T
The board should be properly accountable to its Residual risk is the risk left after initial mitigants are being
shareholders, and should be open and transparent with applied. T
investors generally. T
A subject matter, to be appropriate, should be identifiable,
Customers and suppliers of a company are considered part measurable and verifiable. T
of the stakeholders group. T
After the risk management cycle is done, the risks that have
Difficulty in achieving staff collusion is inversely related to been identified, assessed and addressed can be completely
the number of persons involved. F removed from the risk register to make room for new risks.
F
Preventive controls are more cost effective as compared to
detective controls. T The responsible party and intended user should be from
different entities. F
Monitoring is done to ensure that controls continue in
operation. T The risk management process is a cycle, therefore, after the
risk review stage, the risk identification stage starts again. T
Risk registers are only used during the risk review stage of If a company’s significant risks are identified and assessed,
the risk management process. F this can be an indication that the risk management
processes are effective. T
Audit is an example of an assertion-based assurance
engagement. T In discerning whether to invest in an entity’s publicly
traded equity instrument, one may encounter speculative
Risk management is a key responsibility of the board of risk. T
directors. T
Government auditors usually conduct operational audits. F
In an assurance engagement, the person or persons either
as individuals or representatives of an entity, responsible In a consulting engagement, there are only two parties
for the subject matter is the intended user. F involved. T
Risks are not reduced significantly by diversifying into Control risk is the susceptibility of the subject matter
different activities where the risks are similar. T information to a material misstatement assuming no
related controls exist. F
In general, evidences obtained from outside sources other
than the audit client are more reliable than those obtained An independent CPA who is an external auditor can also
internally from the audit client. T perform functions done by an internal auditor. T
Auditing proceeds by means of an ordered and structured Risk management is a dynamic process for taking all
series of steps. T reasonable steps to find out and deal with risks that impact
the company’s objectives. T
There are no available actions for risks with low likelihood
and low impact to the organization. F The PAS/PFRS is the only suitable criteria to be used in a
financial statement audit. F
The auditor should conduct an audit in accordance with the
Philippine Accounting Standards. F Laws, regulations and contracts are the established criteria
used in a compliance audit. T
Both the impact and likelihood of risks are assessed during
the identification stage of the risk management process. F Interest rate risk is an example of a market risk Interest
rate risk is an example of a market risk T
Internal auditing is a systematic process of objectively
obtaining and evaluating evidence regarding assertions The cash basis of accounting could be used as a suitable
about economic actions and events to ascertain the degree criteria. T
of correspondence between these assertions and
established criteria and communicating the results to Attestation services are a type of assurance service. T
interested users. F
Entering into a joint venture agreement is an example of
Tax planning and consulting services can be classified under the risk sharing strategy. T
attestation services. F
In-an assertion based engagement, is responsible for the The Security and Exchange Commission (SEC) engages
subject matter information, and may be responsible for the Felicity Sims to perform an assurance engagement
subject matter? Responsible party regarding a report about Xunnies’ sustainability practices
that the SEC has prepared and is to distribute to intended
Aling Manong purchased a desktop computer for the
users. In this case, Felicity Sims engagement is best
administrative use of his construction company. Using the
described as a(n) Attestation
risk map with the x-axis as the probability of frequency of
the risk materializing and y axis as the impact/size of When managing risk you will only be expected to counter
potential loss, which of the following is the best depiction risks which your business may reasonably be expected to
of the mix of the probability and impact/size of a risk of face while providing its services. However, management of
loss of data due to technical glitch? Low probability – High risk involves a process of steps to be taken in order. This
impact order is: Identification, analysis, treatment, monitoring and
review
Which of the following is responsible for the fairness
of representations made in financial statements? The Regarding risk management, “high” and “low” loss
client's management. frequency and severity are Defined differently for different
firms.
An example of risk mitigation is Using proven technology in
the development of a product to lessen the probability that It means an engagement It means an engagement in which
the product will not work the practitioner expresses a conclusion designed to
enhance the degree of confidence of the intended users
When should a risk be avoided? When the risk event is other than the responsible party: Assurance Engagement
unacceptable -- generally one with a very high probability
of occurrence and high impact