Quiz

Group 3 – AUD6

1. It is a deliberate and systematic effort to identify and document the Institution’s key risks.
Answer: Risk Identification
2. It is a systematic process of identifying hazards and evaluating any associated risks within a workplace.
Answer: Risk Assessment
3. Any uncertain event or condition that will have either a negative or positive effect on portfolios’
objectives is considered a ________________.
Answer: Portfolio Risk
4. It is the process of making and carrying out decisions that will minimize the adverse effects of risk on an
organization.
Answer: Risk Management

5. Which of the following is not one of the three primary objectives of effective internal control?
a. Financial Reporting Reliability
b. Operational Effectiveness and Efficiency
c. Applicable Laws and Regulations Compliance
d. Assurance of elimination of business risk
Answer: D

6. Reducing the probability that the risk will occur and the impact they will have if they do to
acceptable levels.
a. Avoid
b. Exploit
c. Mitigate
d. Enhance
Answer: C

7. It involves transferring of negative risk to a third party.

a. Share
b. Transfer
c. Enhance
d. Mitigate
Answer: B

8. Internal Controls:
a. Are implemented by and are the responsibilities of the auditors.
b. Consists of policies and procedures designed to provide reasonable assurance that the
company achieves its objectives and goals.
c. Guarantee that the company complies with all laws and regulations.
d. Only apply to SEC companies.
Answer: B

9. The Sarbanes-Oxley Act requires:

a. All public companies to issue reports on internal controls.
b. All public companies to define adequate internal controls.
c. The auditor of public companies to design effective internal controls.
d. The auditor of public companies to withdraw from an engagement if internal controls
are weak.
Answer: A
10. All of the following are strategies for negative risk response, except:
a. Avoid
b. Mitigate
c. Share
d. Accept
e. Transfer
Answer: C

11. The internal control framework used by most U.S companies is the _____ framework.
a. SEC
b. PCAOB
c. COSO
d. FASB
Answer: C
12. Which of the following is not one of the subcomponents of the control environment?
a. Management's philosophy and operating style
b. Organizational structure
c. Adequate separation of duties
d. Commitment to competence
Answer: C

13. Without an effective ________, the other components of the COSO framework are unlikely to result in
effective internal control, regardless of their quality.
a. Risk assessment policy
b. Monitoring policy
c. Control environment
d. System of control activities
Answer: C

14. Preventive controls are passive techniques designed to reduce fraud.

True or False
Answer: True

15. Which of the following best describes the purpose of control activities?
a. The actions, policies and procedures that reflect the overall attitudes of management
b. The identification and analysis of risks relevant to the preparation of financial statements
c. The policies and procedures that help ensure that necessary actions are taken to address risks
to the achievement of the entity's objectives
d. Activities that deal with the ongoing assessment of the quality of internal control by
management
Answer: C