Hock Fraud Risk Awareness

Part 1 : 08/25/19 08:14:47
Question 1 - CIA 1193 I.49 - F. Fraud Risk Awareness
A significant employee fraud took place shortly after an internal auditing engagement. The internal auditor may not
have properly fulfilled the responsibility for the deterrence of fraud by failing to note and report that
A. Policies, practices, and procedures to monitor activities and safeguard assets were less extensive in low-risk
areas than in high-risk areas.
B. There were no written policies describing prohibited activities and the action required whenever violations are
discovered.
C. A system of control that depended upon separation of duties could be circumvented by collusion among three
employees.
D. Divisional employees had not been properly trained to distinguish between bona fide signatures and cleverly
forged ones on authorization forms.
Question 2 - CIA 598 1.31 - F. Fraud Risk Awareness
An audit of an international non-profit organization established to finance medical research revealed the following
amounts (in millions):
Current Year Past Year
Revenue $500 $425
Investments (average balances) $210 $185
Medical research grants made $418 $325
Investment income $16 $20
Administrative expense $10 $8
Before an audit report is issued, a front-page article appears in a newspaper alleging that the president has been
using the organization's funds for personal purposes. The auditor has enough information to confirm the allegations
made in the newspaper article. The auditor is contacted by a reporter for the newspaper to confirm the facts. Which
of the following would be the best response by the auditor?
A. Respond truthfully and fully since the auditor is able to confirm the facts concerning the president, not the
organization.
B. Respond that the investigation is not complete.
C. Provide information "off the record" so that the article does not state who gave the information.
D. Direct the inquiry to the audit committee or the board of directors.
When comparing perpetrators who have embezzled an organization's funds with perpetrators of financial statement
fraud (falsified financial statements), those who have falsified financial statements are less likely to
A. Be living beyond their obvious means of support.

B. Use organizational expectations as justification for the act.
C. Have experienced an autocratic management style.
D. Rationalize the fraudulent behavior.
Which of the following best describes an auditor’s responsibility after noting some indicators of fraud?
A. Consult with external legal counsel to determine the course of action to be taken, including the approval of the
proposed audit program to make sure it is acceptable on legal grounds.
B. Report the possibility of fraud to top management and ask them how they would like to proceed.
(c) HOCK international, page 1

Part 1 : 08/25/19 08:14:47
C. Expand activities to determine whether an investigation is warranted.

D. Report the matter to the audit committee and request funding for outside specialists to help investigate the
possible fraud.
Question 5 - CIA 593 II.48 - F. Fraud Risk Awareness
Bank management suspects that a bank loan officer frequently made loans to fictitious entities, disbursed loan
proceeds to personally established accounts, and then let the loans go into default. Some pertinent facts about the
loan officer include:
A high standard of living, explained as the result of sound investments and not taking vacations,
An expensive personal car obtained through business contacts,
Gasoline and repair bills submitted for a car assigned by the bank that are higher than the organization's
average (mileage logs were submitted on a quarterly basis), and
Marked annoyance with questions from internal auditors.
The extent of loans made to fictitious borrowers by the loan officer could best be determined by
A. Comparing current loan approval balances with those of prior years.

B. Reviewing a representative sample of loan files for properly completed documents, such as loan agreements,
credit approvals, and approval of secured collateral.
C. Reviewing a representative sample of the loan officer's transactions for compliance with bank policies and
procedures.
D. Requesting positive confirmations for all outstanding loans made by the loan officer.
An internal auditor is conducting interviews of three employees who had access to a valuable asset that has
disappeared. In conducting the interviews the internal auditor should
A. Respond to non-cooperation by threatening adverse consequences of such behavior.

B. Conduct the interviews in a group.
C. Allow a suspect to return to work after the interview so as not to arouse suspicions.
D. Not indicate that management will forgo prosecution if restitution is made.
An internal auditor suspects that a mailroom clerk is embezzling funds. In exercising due professional care, the
internal auditor should
A. Institute stricter controls over mailroom operations.

B. Reassign the clerk to another department
C. Inform the appropriate authorities in the organization.
D. Confront the clerk with his/her suspicions.
Even though the chief audit executive (CAE) referred a case of potential fraud to the security department, the
suspected perpetrator continued to defraud the organization until discovered by a line manager two years later.
What should the CAE have done?

Part 1 : 08/25/19 08:14:47
A. The CAE should have periodically checked the status of the case with the security department.
B. The CAE should have conducted a fraud investigation.
C. The CAE's actions were correct.
D. The CAE should have discharged the perpetrator.
Which of the following gives the internal auditor the authority to investigate fraud?
A. Management.
B. The Institute of Internal Auditors Code of Ethics.
C. The Standards.
D. Common law.
Internal auditors have a responsibility for helping to deter fraud. Which of the following best describes how this
responsibility is usually met?
A. By assisting in the design of control systems to prevent fraud.

B. By evaluating the adequacy and effectiveness of controls in light of the potential exposure or risk.
C. By coordinating with security personnel and law enforcement agencies in the investigation of possible frauds.
D. By testing for fraud in every engagement and following up as appropriate.
A chief audit executive (CAE) obtains factual documentation of unethical business dealings by the vice president in
charge of internal auditing. The CAE should
A. Schedule an engagement to review the involved business function.

B. Report the facts to the chief executive officer and the audit committee.
C. Conduct an investigation to determine the extent of the vice president's personal involvement in the unethical
conduct.
D. Confront the vice president with the information before proceeding.
During an engagement at a bank, the internal auditors discover that one loan officer had approved loans to a
number of related but separate organizations, in violation of regulatory policies. The loan officer indicated that it
was an oversight and it would not happen again. However, the internal auditors believe it may have been intentional
because the officer is related to one of the primary owners of the group that controls the related organizations. The
internal auditors should
A. Inform management of the conflict of interest and the violation of the regulatory requirements and suggest
further investigation.
B. Not report the violation if the loan officer agrees to take corrective action.
C. Report the violation to the regulatory agency because it constitutes a significant breakdown of the bank's
controls.
D. Expand the engagement procedures to determine if there may be fraudulent activity on the part of the loan
officer and communicate the observations to management when the follow-up investigation is complete.

Part 1 : 08/25/19 08:14:47
When conducting fraud investigations, internal auditors should
A. Perform its investigation independent of lawyers, security personnel, and specialists from outside the
organization who are involved in the investigation.
B. Assign personnel to the investigation in accordance with the engagement schedule established at the beginning
of the fiscal year.
C. Assess the probable level of, and the extent of complicity in, the fraud within the organization.
D. Clearly indicate the extent of the internal auditors' knowledge of the fraud when questioning suspects.
Internal auditing is responsible for assisting in the prevention of fraud by
A. Informing the appropriate authorities within the organization and recommending whatever investigation is
considered necessary in the circumstances when wrongdoing is suspected.
B. Examining and evaluating the adequacy and the effectiveness of control, commensurate with the extent of the
potential exposure or risk in the various segments of the organization's operations.
C. Determining whether operating standards are acceptable and are being met.
D. Establishing the organization's governance, operations, and information systems concerning compliance with
laws, regulations, and contracts.
Which of the following statements is (are) true regarding the deterrence of fraud?
I. The primary means of deterring fraud is through an effective control system initiated by senior management.
II. Internal auditors are responsible for assisting in the deterrence of fraud by examining and evaluating the
adequacy of the internal control system.
III. Internal auditors should determine whether communication channels provide management with adequate and
reliable information regarding the effectiveness of the control system and the occurrence of unusual transactions.
A. II only.
B. I, II, and III.
C. I and II only.
D. I only.
Which of the following policies is most likely to result in an environment conducive to the occurrence of fraud?
A. Unreasonable sales and production goals.

B. Budget preparation input by the employees who are responsible for meeting the budget.
C. The division's hiring process frequently results in the rejection of adequately trained applicants.
D. The application of some accounting controls on a sample basis.

Part 1 : 08/25/19 08:14:47
When an internal auditor identifies multiple factors that have been linked with possible fraudulent conditions, and
suspects that fraud has taken place, the auditor should
A. Immediately report to the board.

B. Extend tests to determine the extent of the fraud.
C. Notify the appropriate authorities within the organization and recommend an investigation.
D. Immediately report to senior management and the board.
A disgruntled former employee calls the chief audit executive (CAE) to report misappropriations of funds by the
supervisor of cash operations. Engagement tests subsequently verify the allegations. The CAE should proceed
with which of the following actions based upon the above information?
A. Inform the treasurer and chief financial officer of the suspected fraud.
B. Notify the bonding agency.
C. Notify local law enforcement authorities.
D. Confront the supervisor of cash operations with the allegations.
The internal audit activity (IAA) has concluded a fraud investigation that revealed a previously undiscovered
materially adverse impact on the financial position and results of operations for 2 years on which financial
statements have already been issued. The chief audit executive (CAE) should immediately inform
A. The external auditing firm responsible for the financial statements affected by the discovery.
B. Senior management and the board.
C. The internal accounting function ultimately responsible for making corrective journal entries.
D. The appropriate governmental or regulatory agency.
Prior to issuing a final communication on a fraud investigation, the internal auditor should submit a proposed draft
for review by the
A. Engagement client's management.

B. Board.
C. Organization's public relations department.
D. Organization's legal counsel.

Part 1 : 08/25/19 08:14:47

The most appropriate trend analysis to indicate this potential fraud is
A. Automobile operating expenses by loan officer.

B. Accumulation of unpaid vacation days.
C. Total monetary volume of loans by loan officer.
D. Loan default rates by loan officer.
Red flags are conditions that indicate a higher likelihood of fraud. Which of the following is not considered a red
flag?
A. An individual handling marketable securities is responsible for making the purchases, recording the purchases,
and reporting any discrepancies and gains/losses to senior management.
B. The assignment of responsibility and accountability in the accounts receivable department is not clear.
C. Management has delegated the authority to make purchases under a certain value to subordinates.
D. An individual has held the same cash-handling job for an extended period without any rotation of duties.
The chief audit executive (CAE) uncovers a significant fraudulent activity that appears to involve the executive vice
president to whom the CAE reports. Which of the following best describes how the CAE should proceed?
A. Report the facts to the chief executive officer and the audit committee.
B. Conduct an investigation to ascertain whether the executive vice president is involved in the fraudulent activity.
C. Notify regulatory authorities and police.
D. Interview the executive vice president to obtain essential evidence.
One factor that distinguishes fraud from other employee crimes is that fraud involves
A. Intentional deception.
B. Collusion with a party outside the organization.
C. Malicious motives.
D. Personal gain for the perpetrator.
If there is fraud in the marketing department, which of the following is beyond the scope of the internal auditor's
responsibility?
A. Including the wrongdoing in a report that will go to the audit committee.

B. Determining the effects of the wrongdoing.
C. Informing the wrongdoer of his or her legal rights.
D. Discussing the wrongdoing with an appropriate level of management.

Part 1 : 08/25/19 08:14:47
Revenue $500 $425
Which of the following possible frauds or misuses of organization assets should be considered the area of greatest
risk if controls are only marginal?
A. A senior manager using company travel and entertainment funds for activities that might be unauthorized.
B. Supplies purchased from fictitious vendors.
C. A payroll clerk adding fictitious employees.
D. Grants made to organizations that might be associated with the president or not for purposes dictated in the
organization's charter.
The legislative auditing bureau of a country is required to perform compliance auditing of companies that are
issued defense contracts on a cost-plus basis. Contracts are clearly written, defining acceptable costs, including
developmental research cost and appropriate overhead rates. During the past year, the government has engaged
in extensive outsourcing of its activities. The outsourcing included contracts to run cafeterias, provide janitorial
services, manage computer operations and systems development, and provide engineering of construction
projects. The contracts were modeled after those which had been used for years in the defense industry. The
legislative auditors are being called upon to expand their audit effort to include compliance audits of these contracts.
Upon initial investigation of these outsourced areas, the auditor found many areas in which the outsourced
management has apparently expanded its authority and responsibility. For example, the contractor that manages
computer operations has developed a highly sophisticated security program which may represent the most
advanced information security in the industry. The auditor reviews the contract and sees reference only to providing
appropriate levels of computing security. The auditor suspects that the governmental agency may be incurring
developmental costs that the outsourcer may use for competitive advantage in marketing services to other
organizations.
Assume the auditor investigates and finds that the company providing the computing services is clearly performing
research and development activities and charging the governmental entity for those activities because it is
experimenting with implementing the security techniques on the governmental entity. Which of the following
statements are correct?
I. Fraud must exhibit intentional deception.
II. Determining whether this is a violation of contract terms is a legal function, not an audit function.
III. It would be fraud only if the outsourcer had implemented similar security measures at other entities.
A. II only.
B. I and II only.
C. I, II, and III.
D. I only.

Part 1 : 08/25/19 08:14:47
Revenue $500 $425
An examination of grants awarded revealed a number of grants approved and documented by the president rather
than by the grant authorization committee as required by the organization’s charter. If the grant authorization
committee meets and retroactively approves the grants before the audit report is issued, the auditor should
A. Report the breakdown in control structure to the audit committee.

B. Include the grants in question in the audit report as a breakdown of the organization's controls. Detail the nature
of each grant and investigate further for fraud.
C. Discuss the matter with the chairperson of the grant authorization committee to determine the rationale for not
approving the grants earlier. If the grants are routine, then omit discussion in the audit report.
D. Not report the grants in question because they were approved before the issuance of the audit report.
Question 29 - CIA QZP2B.9 - F. Fraud Risk Awareness
Which of the following circumstances most likely heighten an auditor’s concern about the risk of material
misstatements due to fraud in an entity's financial statements?
A. Employees who handle cash receipts are not bonded.

B. Bank reconciliations usually include in-transit deposits.
C. The entity's industry is experiencing declining customer demand.
D. Equipment is often sold at a loss before being fully depreciated.
The internal auditors' responsibility for the prevention of fraud includes all of the following except
A. Evaluating the effectiveness of actions taken by management to deter fraud.

B. Ensuring that fraud will not occur.
C. Being aware of activities in which fraud is likely to occur.
D. Determining whether the organizational environment fosters control consciousness.
A fraud report is required
A. At the conclusion of the detection phase.

B. At the conclusion of both the detection and the investigation phases.
C. Neither at the conclusion of the detection phase nor at the conclusion of the investigation phase.
D. At the conclusion of the investigation phase.

Part 1 : 08/25/19 08:14:47
Internal auditors are responsible for reporting fraud to senior management and the board when
A. Irregular transactions have been identified and are under investigation.

B. The review of all suspected fraud-related transactions is complete.
C. Suspicious activities have been reported to the internal auditors.
D. The incidence of significant fraud has been established to a reasonable certainty.
During an engagement involving a purchasing department, an internal auditor discovered that many purchases
were made (at normal prices) from an office supplier whose owner was the brother of the director of purchasing.
Controls were in place to restrict such purchases and no fraud appears to have been committed. In this case, the
internal auditor should recommend
A. Establishment of a price policy (range) for all goods.

B. The inspection of all receipts by receiving inspectors.
C. The initiation of a conflict-of-interest policy.
D. The development of an approved-vendor file initiated by the buyer and approved by the director of purchasing.
To minimize the risk that agents in the purchasing department will use their positions for personal gain, the
organization should
A. Direct the purchasing department to maintain records on purchase prices paid, with review of such being
required each 6 months.
B. Request internal auditors to confirm selected purchases and accounts payable.
C. Rotate purchasing agent assignments periodically.
D. Specify that all items purchased must pass value-per-unit-of-cost reviews.
Which of the following statements correctly characterizes the "red flags" literature that has recently developed in
the auditing profession?
I. Red flags are items or actions that have been associated with fraudulent conduct.
II. The auditor should document all red flags that may have been noted on an audit engagement.
III. Many red flags are "subjective" in nature and might not come to the auditor's attention during the course of an
audit that is properly planned and conducted in accordance with the Standards.
A. I and II.
B. I and III.
C. II and III.
D. III only.

Part 1 : 08/25/19 08:14:47

The extent of loans made to fictitious borrowers by the loan officer is least likely to be discovered by
A. External audits of loan files.

B. Reconciliation of total loans outstanding to the general ledger balance.
C. Analysis of total dollar volume of loans by loan officer.
D. Analysis of the number of loans made by each loan officer.
Internal auditors must exercise due professional care if they are to meet their responsibilities for fraud detection.
Thus, the existence of certain conditions should raise "red flags" and arouse internal auditors' professional
skepticism concerning possible fraud. Which of the following is most likely to be considered an indication of
possible fraud?
A. Rapid expansion into new markets.

B. A taxing authority's audit of tax returns.
C. A new management team installed as the result of a takeover.
D. Rapid turnover of financial executives.
Internal auditors are more likely to detect fraud if they develop and strengthen their ability to
A. Develop internal controls to prevent the occurrence of fraud.

B. Document computerized operating system programs.
C. Recognize and question changes that occur in organizations.
D. Interrogate fraud perpetrators to discover why the fraud was committed.
In the course of their work, internal auditors must be alert for fraud and other forms of white-collar crime. The
important characteristic that distinguishes fraud from other varieties of white-collar crime is that
A. Fraud encompasses an array of irregularities and illegal acts that involve intentional deception.
B. White-collar crime is usually perpetrated for the benefit of an organization, whereas fraud benefits an individual.
C. White-collar crime is usually perpetrated by outsiders to the detriment of an organization, whereas fraud is
perpetrated by insiders to benefit the organization.
D. Unlike other white-collar crimes, fraud is always perpetrated against an outside party.
In an organization with a separate division that is primarily responsible for fraud deterrence, the internal audit
activity (IAA) is responsible for

Part 1 : 08/25/19 08:14:47
A. Controlling that division's fraud deterrence activities.

B. Planning that division's fraud deterrence activities.
C. Examining and evaluating the adequacy and effectiveness of that division's actions taken to deter fraud.
D. Establishing and maintaining that division's system of internal control.
Which of the following describes one of the responsibilities of the internal auditor for the deterrence of fraud in an
organization?
A. Prosecuting perpetrators of fraud.

B. Implementation of systems to discourage fraud.
C. Reporting suspected fraud to law enforcement personnel.
D. Evaluating the adequacy of controls to prevent fraud.
In this situation, typical indicators of the suspected fraud (red flags) include all of the following except
A. Not taking an annual vacation.

B. Becoming easily annoyed with auditor inquiries about questionable loans.
C. Submitting gasoline and repair bills that are higher than company average.
D. Explaining a high standard of living as the result of investments.
Which of the following is most likely to be considered an indication of possible fraud?
A. A government audit of the organization's tax returns.

B. Rapid turnover of the organization's financial executives.
C. Rapid expansion into new markets.
D. The replacement of the management team after a hostile takeover.
Which of the following wrongful acts committed by an employee constitutes fraud?
A. Harassment.
B. Assault.
C. Libel.

Part 1 : 08/25/19 08:14:47
D. Embezzlement.
An internal auditor has detected probable employee fraud and is preparing a preliminary report for management.
This report should include
A. A statement that an internal audit conducted with due professional care cannot provide absolute assurance that
irregularities have not occurred.
B. A list of proposed audit tests to help disclose the existence of similar frauds in the future.
C. The auditor's conclusion as to whether sufficient information exists to conduct an investigation.
D. The results of a polygraph test administered to the suspected perpetrator(s) of the fraud.
A preliminary report (oral or written) is issued following the detection phase of a fraud investigation. Such a report
should
A. Identify the perpetrators of the fraud

B. Never include the observations that serve as the basis for the internal auditor's conclusion.
C. Include the internal auditor's conclusion as to whether sufficient information exists to conduct an investigation.
D. Never be submitted to the board.
Internal auditors have been advised to consider red flags to determine whether management is involved in a fraud.
Which of the following does not represent a difficulty in using the red flags as fraud indicators?
A. Red flag information is not gathered as a normal part of an engagement.

B. Some red flags are difficult to quantify or to evaluate.
C. The red flags literature is not well enough established to have a positive impact on internal auditing.
D. Many common red flags are also associated with situations in which no fraud exists.
An internal auditor's responsibility for reporting fraud includes
A. Issuing a written report at the conclusion of the investigation and not sooner.
B. Providing a draft of the report only to senior management.
C. Notifying management if fraud has been established to a reasonable certainty.
D. Notifying management of fraud when the internal auditor has exhaustively reviewed all the data related to the
fraud.
A key feature that distinguishes fraud from other types of crime or impropriety is that fraud always involves the
A. False representation or concealment of a material fact.

Part 1 : 08/25/19 08:14:47
B. Deceitful wrongdoing of management-level personnel.

C. Unlawful conversion of property that is lawfully in the custody of the perpetrator
D. Violent or forceful taking of property.
An internal auditor who suspects fraud should
A. Recommend whatever investigation is considered necessary under the circumstances.

B. Interview those who have been involved in the control of assets.
C. Determine that a loss has been incurred.
D. Identify the employees who could be implicated in the case.
Which of the following is an indicator of increased risk of fraud? The treasurer
A. Takes all his/her vacations and has refused promotion to vice president of finance.
B. Takes no vacations and has refused promotion to vice president of finance.
C. Takes no vacations and has just accepted a promotion to vice president of finance.
D. Takes all his/her vacations and has just accepted a promotion to vice president of finance.
Question 52 - HOCK CIA P1C H9 - F. Fraud Risk Awareness
Which of the following would be considered part of the fraud area that the internal auditor needs to be alert to?
A. Duplication of payments.
B. Examine the approval process.
C. Regular independent checks.
D. Backup facilities.
A production manager for a moderate-sized manufacturer began ordering excessive raw materials and had them
delivered to a wholesaler he runs as a side business. He falsified receiving documents and approved the invoices
for payment. Which of the following engagement procedures most likely will detect this fraud?
A. Take a sample and confirm the amount purchased, purchase price, and date of shipment with the vendors.
B. Observe the receiving dock and count materials received; compare your counts to receiving reports completed
by receiving personnel.
C. Take a sample of cash disbursements; compare purchase orders, receiving reports, invoices, and check copies.
D. Prepare analytical tests comparing production, materials purchased, and raw materials inventory levels and
investigate differences.
An adequate system of internal controls is most likely to detect a fraud perpetrated by a

Part 1 : 08/25/19 08:14:47
A. Single manager.
B. Single employee.
C. Group of managers in collusion.
D. Group of employees in collusion.
An internal auditor’s field work uncovers a series of transactions that indicate a possible embezzlement. Which of
the following actions should the chief audit executive (CAE) take?
A. Confront the suspected embezzler to determine that the facts are correct.
B. Consult with security personnel.
C. Discuss the case with the board.
D. Review the finding with the suspect's fellow workers to see whether they can furnish additional evidence.

Part 1 : 08/25/19 08:14:47
A. Because of cost-benefit reasons, policies, practices, and procedures to monitor activities will be more extensive
in the high-risk areas.
B. Internal auditors must have sufficient knowledge to evaluate the risk of fraud and the manner in which it
is managed by the organization, but are not expected to have the expertise of a person whose primary
responsibility is detecting and investigating fraud (Standard 1210.A2). The internal auditor can assist in
the deterrence of fraud by examining and evaluating the adequacy and the effectiveness of the system of
internal control, commensurate with the extent of the potential exposure/risk in the various segments of
the organization's operations.
C. Even the best control systems can still be circumvented by collusion.
D. Even an effective control system can still be circumvented by forgery.
A. The board of directors and audit committee are responsible for the oversight function and are the appropriate
authorities to respond to press inquiries.
B. Even if the investigation was not complete, the auditor should direct the inquiry to the audit committee or the
board of directors.
C. The proper response should come from the oversight function in the organization.
D. The board of directors and audit committee are responsible for the oversight function and are the
appropriate authorities to respond to press inquiries.
A. Living beyond one's means is an example of where a person has embezzled organization's funds.
B. Using organizational expectations is a common motivation to distort financial statements.
C. Autocratic management style provides manager with a motive to distort financial statements.
D. Rationalization is common to all fraudulent behavior.
A.
The auditor should first expand work to determine the existence of fraud before reporting the matter to top
management. At this point, the auditor only has suspicions of fraud, given the red flags. More work should be
performed before consulting with management, external legal counsel, or the audit committee.
B.

Part 1 : 08/25/19 08:14:47
C.
In conducting audit assignments, the internal auditor should have sufficient knowledge of fraud to identify
red flags indicating fraud may have been committed. If fraud is indicated then the internal auditor should
expand activities to determine whether an investigation is warranted.
D.
A. Comparing current loan approval balances with those of prior years is an indication of lending activity, not an
indication of fraudulent activity.
B. Reviewing a sample of loan documents, such as loan agreements, credit approvals and approval of
secured collateral could determine the presence of fraudulent loans. For example, it is unlikely that a
fraudulent loan would have secured collateral.
C. Reviewing compliance with bank policies and procedures would not indicate that loans were made to fictitious
borrowers
D. The loan officer could easily make positive confirmations for the bogus loans.
A. Threats are not productive. An attitude of seeking the truth is appropriate.
B. People should be interviewed individually in order to obtain their independent statements.
C. An internal auditor should not allow a suspect to return to work, because doing so could give the suspect an
opportunity to destroy evidence. A suspect should be suspended pending further investigation.
D. An internal auditor should not indicate that management will forgo prosecution if restitution is made.
A. The internal auditor does not have the operating authority or responsibility to institute stricter controls over
mailroom operations.
B. The internal auditor does not have the operating authority or responsibility to reassign the clerk.
C. The responsibility of the internal auditor is to inform the appropriate authorities within the organization
of the wrongdoing. The internal auditor should also recommend any necessary investigation, and follow
up to make sure that the internal audit activity's responsibilities have been met.
D. The internal auditor should not confront the clerk until the proper authorities within the organization have been
informed.

Part 1 : 08/25/19 08:14:47
A. When an internal auditor suspects wrongdoing, the appropriate authorities within the organization
should be informed. The internal auditor may recommend whatever investigation is considered necessary
in the circumstances. Thereafter, the auditor should follow up to see that the internal auditing
department's responsibilities have been met.
B. A security department would generally have more expertise in the investigation of a fraud.
C. According to the Standards, the CAE should have ensured that the internal auditing department's responsibilities
were met.
D. The fraud was only suspected by the CAE. Immediate discharge would have violated the suspect's rights. In
addition, the CAE would not normally have the authority to discharge an employee in an audited area.
A. The internal auditor may recommend whatever investigation is considered necessary in the
circumstances. Thereafter, the auditor should follow up to see that the IAA's responsibilities have been
met. Generally, fraud specialist carries out fraud investigations. Management must authorize any internal
auditor involvement in an investigation.
B. The IIA Code of Ethics does not specifically mention fraud investigation.
C. Internal auditors only have the authority to recommend a fraud investigation.
D. Internal auditors only have the authority to recommend a fraud investigation.
A. Assisting in the design of control systems to prevent fraud would impair objectivity.
B. Internal auditors are responsible for assisting in the deterrence of fraud by examining and evaluating
the adequacy and the effectiveness of controls, commensurate with the extent of the potential
exposure/risk in the various segments of the organization's operations.
C. The investigation of fraud involves detection, not deterrence.
D. Testing for fraud is done only in cases that fraud is suspected. It is not done in every engagement.
A. The first obligation of the CAE is to notify the appropriate authorities within the organization, not to perform an
engagement to review the involved business function.
B. The first obligation of the CAE is to notify the appropriate authorities within the organization. Under
these circumstances, the CAE should report the facts to the CEO and the audit committee.
C. The CAE should first notify the appropriate authorities within the organization.
D. The CAE should not confront the vice president. Criminal investigations should be done by an external specialist.

Part 1 : 08/25/19 08:14:47
A. When an internal auditor suspects wrongdoing, the appropriate authorities within the organization
in the circumstances. Thereafter, the auditor should follow up to see that the internal auditing activity's
responsibilities have been met.
B. All significant findings should be reported.
C. Thee regulatory agency would be notified only after discussion with senior management.
D. All significant findings should be reported immediately to the appropriate authorities in the organization, i.e.,
senior management and the board.
A. It is important that all parties involved in a fraud investigation coordinate their efforts.
B. Fraud investigations are unexpected and therefore cannot be scheduled. When a fraud investigation is
necessary, the personnel assigned should be those most qualified to investigate the particular situation.
C. When conducting fraud investigations, internal auditors should assess the probable level of, and the
extent of complicity in, the fraud within the organization. It is important to know how many people may be
involved and who they are.
D. When interviewing someone who may be involved in fraud, an auditor should not reveal what he or she already
knows. One way of determining whether the interviewee is truthful and wants to cooperate is to ask questions to
which the auditor already knows the answer.
A. This has to do with detecting fraud, not preventing it.
B. The internal audit activity must evaluate the potential for the occurrence of fraud and how the
organization manages fraud risk (Standard 2120.A2). Internal auditors are responsible for assisting
companies prevent fraud by examining and evaluating the adequacy and effectiveness of their internal
controls’ system, commensurate with the extent of a potential exposure within the organization.
C. Determining whether operating standards are acceptable and are being met has to do with the accomplishment
of goals and objectives, not with preventing fraud.
D. Management is responsible for establishing the organization’s governance, operations, and information systems
concerning compliance with laws, regulations, and contracts.
A. Items I and III are also true. Management has a responsibility to establish and maintain an effective control
system. Internal auditors should determine whether communication channels provide management with adequate
and reliable information.
B. All items are true regarding the deterrence of fraud. Internal auditors are responsible for assisting in the
deterrence of fraud by examining and evaluating the adequacy and the effectiveness of the system of

Part 1 : 08/25/19 08:14:47
internal control, commensurate with the extent of the potential exposure/risk in the various segments of
the organization's operations.
C. Item III is also true. Internal auditors should determine whether communication channels provide management
with adequate and reliable information.
D. Items II and III are also true. Internal auditors are responsible to assist in the deterrence of fraud by evaluating
the adequacy of the internal control system, and they should determine whether communication channels provide
management with adequate and reliable information.
A. There's more of an incentive to falsify information, etc., if unreasonable sales and production goals are
set.
B. The person who is responsible of meeting the goals should prepare a budget.
C. The hiring process entails many factors, such as the person's experience, skills, education, etc. The rejection of
an adequately trained applicant does not by itself result in an environment conducive to the occurrence of fraud. All
adequately trained applicants are not likely to be hired.
D. Controls are established based on the cost-benefit concept. Thereby, some accounting controls may be applied
on a sample basis.
A. It would be too soon to report the suspected fraud to the board. This is done only when there is reasonable
certainty that significant fraud has occurred.
B. Extended tests are performed only when fraud has been determined to exist, not just suspected.
C. When an internal auditor suspects wrongdoing, the appropriate authorities within the organization
in the circumstances. Furthermore, only when the incidence of significant fraud has been established to a
reasonable certainty, senior management and the board should be notified immediately.
D. It would be too soon to report the suspected fraud to senior management and the board. This is done only when
there is reasonable certainty that significant fraud has occurred.
A. The CAE has the responsibility to report immediately any incident of significant fraud to senior
management and the board. Thus, the CAE should inform the treasurer and CFO of the suspected fraud.
B. The bonding agency would be notified only after discussion with management, and possibly legal counsel.
C. Local law enforcement authorities would be notified only after discussion with senior management.
D. Confronting the cash operation's supervisor could hinder the investigation and could possibly lead to slander
charges.

Part 1 : 08/25/19 08:14:47
A. It should be management communicating with the external auditors, not the CAE.
B. The CAE is responsible for reporting immediately any incident of significant fraud to senior
management and the board. However, before any fraud reporting is made, a sufficient investigation should
establish with reasonable certainty that a fraud occurred.
C. It should be management communicating with the accounting function, not the CAE.
D. It should be management communicating with the governmental or regulatory agencies, not the CAE.
A. Legal counsel should review the proposed final communication. Review by the engagement client's
management may not be appropriate.
B. The board should receive only the final communications, not the proposed draft.
C. Legal counsel should review the proposed final communication. Publicity of the fraud investigation may not be
appropriate.
D. The IAA must evaluate the potential the potential for the occurrence of fraud and how the organization
manages fraud risk (Standard 2120.A2). It is recommended that a draft of the proposed final
communications on fraud should be submitted to legal counsel for review. When the internal auditor
wants to invoke client privilege, consideration should be given to addressing the report to legal counsel.
A. Trend analysis may indicate higher than normal automobile operating expenses on the part of the loan officer,
but this is not an indication of potential fraud.
B. Trend analysis would not help detect vacation days not taken.
C. Total monetary volume of loans is not an indication of fraud.
D. A trend analysis could help detect an unexplained increase in loan default caused by bogus loans.
A. These functions need to be segregated. Not segregating these functions would be considered a red flag.
B. There needs to be clear and understandable lines of authority and responsibility.
C. Delegating authority to make purchases under a certain value is not considered a red flag.
D. An individual who has access to cash, and has had the job for an extended period without any job rotation is
considered to have a greater opportunity to commit a fraudulent activity.

Part 1 : 08/25/19 08:14:47
A. When an internal auditor suspects fraud, he or she should determine the possible effects and discuss
the matter with the appropriate level of management, who should then initiate an investigation.
B. When an internal auditor suspects fraud, he or she should determine the possible effects and discuss the matter
with the appropriate level of management, who should then initiate an investigation.
C. When an internal auditor suspects fraud, he or she should determine the possible effects and discuss the matter
D. When an internal auditor suspects fraud, he or she should determine the possible effects and discuss the matter
A. Fraud encompasses a range of irregularities and illegal acts characterized by intentional deception or
misrepresentation, which an individual knows to be false or does not believe to be true. Fraud is
perpetrated by a person knowing that it could result in some unauthorized benefit to him, or her, to the
organization, or to another person, and can be perpetrated by persons outside and inside the organization.
B. This is incorrect because an employee may act alone.
C. This is incorrect because fraud may be perpetrated for the organization’s benefit or for otherwise unselfish
reasons.
D. This is incorrect because fraud may be perpetrated for the organization’s benefit or for otherwise unselfish
reasons.
A. Including the wrongdoing in a report that will go to the audit committee is the responsibility of the internal auditor.
B. Determining the effects of the wrongdoing is the responsibility of the internal auditor.
C. The internal auditor does not have the responsibility or possess the proper authority to inform the
wrongdoer of his or her legal rights.
D. Discussing the wrongdoing with the appropriate level of management is the responsibility of the internal auditor.
A. This is an area that is often misused, but it does not have the dollar amounts associated with it that inappropriate
grants would have, since total administrative costs are only $10 million.
B. This is a possible risk area, but the dollar amounts involved would probably be moderate.
C. Total administrative costs are only $10 million in the current year so payroll fraud would not be the area of
greatest risk.
D. This would be the area of greatest risk because the dollars expended are very large and inadequate
controls could lead to grants used for fraudulent purposes.

Part 1 : 08/25/19 08:14:47
A. This statement is correct, but so is statement I.
B. Fraud encompasses a range of irregularities and illegal acts characterized by intentional deception or
misrepresentation, which an individual knows to be false or does not believe to be true. In this situation,
the use of an expert (in this case a lawyer) would be necessary to determine if the activity is in violation of
the contract. If it is not in violation, then it could not be considered an intentional deception.
C. An intentional deception would not require that the company had actually implemented the security techniques at
other companies.
D. This statement is correct, but so is statement II.
A. Auditors are required to report the results of their audit work. The results indicate a breakdown in an
important control procedure that should be brought to the attention of senior oversight officials.
B. There is a need to provide detail on the nature of each grant only if the auditor has reason to believe that fraud
may have been suspected. Also, the auditor should inform management if wrongdoing is suspected. Management
decides whether to pursue investigation.
C. The control breakdown should be reported. Even though the grants were approved retroactively, there was a
breakdown in the control procedures that should be brought to the attention of the audit committee.
D. The control breakdown should be reported.
Question 29 - CIA QZP2B.9 - F. Fraud Risk Awareness
A. Unbonded employees who are handling cash receipts is a potential control weakness, but is not an indication of
fraud.
B. Bank reconciliations usually do require reconciliating in-transit deposits.
C. There are certain risk factors that are related to the fraudulent misstatement of financial reports. These
risk factors include (1) incentives/pressures, (2) opportunities, and (3) attitudes/rationalization. The risks
factors in the incentives/pressures category concerns threats to financial stability or profitability by
economic, industry, or entity operating conditions, such as an industry that is experiencing declining
customer demand.
D. It is not unusual for equipment to be sold at a loss before being fully depreciated.
A. Internal auditors are responsible to evaluate the effectiveness of actions taken by management to deter fraud.
B. The internal auditor's responsibility is to assist in the deterrence of fraud by examining and evaluating
the adequacy and effectiveness of the system of internal control. However, internal auditors cannot ensure
that fraud will not occur.
C. Internal auditors must have sufficient knowledge to evaluate the risk of fraud and the manner in which it is
managed by the organization, but are not expected to have the expertise of a person whose primary responsibility

Part 1 : 08/25/19 08:14:47
is detecting and investigating fraud (Standard 1210.A2).
D. The internal auditor is responsible to evaluate the organization's control environment.
A. A fraud report is desirable, but not mandatory at the conclusion of the detection phase.
B. A fraud report is desirable, not mandatory at the conclusion of the detection phase.
C. A fraud report is required at the conclusion of the investigation phase.
D. A written report or other formal communication should be issued at the conclusion of the investigation
phase. It should include all observations, conclusions, recommendations, and corrective action taken.
A. Until the irregular transactions have been investigated further, it would not be appropriate to make a report to
management and the board.
B. Reporting to management and the board should occur when the incidence of significant fraud has been
established to a reasonable certainty.
C. Reporting of suspicious acts should alert an auditor to do some preliminary investigating. However, it would not
be appropriate to make a report to management and the board at that stage.
D. When an internal auditor suspects fraud, he or she should determine the possible effects and discuss
the matter with the appropriate level of management, who should then initiate an investigation. However,
the internal auditor should have solid reasons to suspect that fraud has taken place before reporting it to
senior management and the board.
A. The establishment of a price policy would not prevent a conflict-of-interest.
B. The inspection of all receipts by receiving inspectors is an appropriate receiving control, but it would not prevent
a conflict-of-interest.
C. The internal auditor should recommend the initiation of a conflict-of-interest policy. A

conflict-of-interest policy is a guideline that restricts business dealings with relatives unless fully
disclosed and approved by senior management.
D. The development of an approved-vendor file initiated by the buyer and approved by the director of purchasing
would not necessarily prevent a conflict-of-interest.
A. Reviewing records on purchase prices paid would not prevent purchasing agents from using their positions for
personal gain.
B. Requesting confirmation by auditors of selected purchases and accounts payable would not prevent purchasing

Part 1 : 08/25/19 08:14:47
agents from using their positions for personal gain.
C. Rotating purchasing agent assignments periodically will limit the risk of agents using their positions for
personal gain, because it will discourage long-term agent relationships with particular vendors.
D. Value-per-unit-of-cost reviews would not prevent purchasing agents from using their positions for personal gain.
A. The auditor should be alert to red flags and should investigate any situations which might include potential fraud.
But, the auditor is not required to document all personal red flags (e.g., excessive gambling debts or excessive
living style). The requirement to document these red flags is pertinent only when the auditor continues a fraud
investigation or when the item is pertinent to a particular audit finding.
B. Red flags are associated with fraudulent conduct. However, many red flags are personal in nature and
would not necessarily come to the attention of the auditor. These would include items such as excessive
living style of a manager or excessive gambling.
C. Item II is not required.
D. Item I is also a correct statement.
A. Performing an external audit of loan files could uncover fraud.
B. Reconciling the outstanding loans to the general ledger balance would not indicate fraudulent activity
since the fraudulent loans would be properly accounted for.
C. Analyzing the total dollar volume of loans made by the loan officer could suggest fraudulent activity if the amount
is excessive.
D. Analyzing the number of loans made by each loan officer could suggest fraudulent activity if the amount is
excessive.
A. Unusual expansion, not necessarily rapid expansion would be considered an indication of possible fraud.
B. The tax authorities may have randomly chosen the firm for an audit.
C. A new management team installed, as the result of a takeover is not something unusual, and would not be
considered an indication of fraud.
D. The rapid turnover of financial executives may be considered an indication of possible fraud. It may be
an indication of weak performance and ineffective internal controls.
A. Developing these internal controls prevent fraud, not detect it.

Part 1 : 08/25/19 08:14:47
B. Documenting computerized operating systems will do little to enhance the detection of fraud.
C. The responsibilities of internal auditors for detecting fraud including having sufficient knowledge of
fraud to be able to identify indicators that fraud may have been committed. Negative organizational
changes may be an indication of fraud. Thus, recognizing and questioning changes that occur in the
organization is critical for fraud detection.
D. Interrogating fraud perpetrators is done only after the detection
A. Fraud can encompass an array of irregularities and illegal acts characterized by intentional deception.
Persons outside as well as inside the organization can perpetrate fraud.
B. Fraud can be perpetrated for the benefit of the organization, or individual.
C. Fraud can be perpetrated for the benefit of or to the detriment of the organization and by persons outside as well
as inside the organization.
D. Fraud may be perpetrated from inside the company as well.
A. Management has a responsibility to control fraud deterrence activities, not the IAA
B. Management has a responsibility to plan fraud deterrence activities, not the IAA.
C. Internal auditors are responsible for assisting in the deterrence of fraud by examining and evaluating
the adequacy and the effectiveness of the system of internal control, commensurate with the extent of the
potential exposure/risk in the various segments of the organization's operations.
D. Management has a responsibility to establish and maintain an effective control system, not the IAA.
A. Prosecuting the perpetrators of fraud is management’s responsibility.
B. Implementing systems to discourage fraud is management’s responsibility.
C. Reporting suspected to external partiers is management’s responsibility.
D. The internal audit activity must evaluate the potential for the occurrence of fraud and how the
organization manages fraud risk (Standard 2120.A2). Internal auditors are responsible for assisting
companies prevent fraud by examining and evaluating the adequacy and the effectiveness of their
controls’ system, commensurate with the extent of the potential exposure with the organization.
A. Not taking an annual vacation is an indication that the loan officer fears that his or her wrongdoing will be
discovered in his or her absence.

Part 1 : 08/25/19 08:14:47
B. Becoming easily annoyed with the auditor's inquiries may indicate a guilty conscience.
C. Submitting gasoline and repair bills that are higher than company average is not an indication of
fraudulent loans. These are factors that are not entirely controllable by the loan officer. For example, if the
car is older it may require more maintenance repair, etc.
D. A high standard of living may indicate that the loan officer is living beyond his or her income level.
A. This is not unusual and, in and of itself, is not an indication of possible fraud.
B. This is considered a "red flag" that indicates possible fraud.
C. This is not unusual and, in and of itself, is not an indication of possible fraud.
D. This is not unusual and, in and of itself, is not an indication of possible fraud.
A. Harassment is when one person persistently annoys another.
B. Assault is a crime of violence against another person.
C. Libel is defamation published in a more permanent form, such as newspaper, film, letter, etc. Libel does not
constitute fraud.
D. Embezzlement is the intentional misappropriation of money or property and falsification of financial

records to cover up the act, thus making detection difficult.
A. A report containing language such as this would be a report reporting that no fraud has been detected.
B. A preliminary audit report detailing probable employee fraud would not contain a list of proposed audit tests to
help disclose the existence of similar frauds in the future.
C. In the event that an internal auditor detects probable employee fraud, the auditor's responsibility is to
immediately report the findings to management and to make a recommendation as to whether sufficient
information exists to conduct an investigation.
D. Results of a polygraph test would be part of the investigation. The investigation would follow the auditor's interim
report of findings, if in fact sufficient information exists to conduct an investigation.
A. At this stage of the investigation, it may be impossible to identify the perpetrators.
B. Observations should be included in order to serve as the basis for the internal auditor's conclusion.
C. A preliminary or final report may be desirable at the conclusion of the detection phase. The report

Part 1 : 08/25/19 08:14:47
should include the internal auditor’s conclusion as to whether sufficient information exists to conduct a
full investigation. It should also summarize observations and recommendations that serve as the basis for
such decision.
D. Management and the board should be notified immediately.
A. Red flags are subjective in nature, so it is quite possible that a red flag might not come to the auditor's attention
during the course of a properly planned and conducted audit.
B. Red flags are subjective thereby making some red flags quite difficult to quantify or to evaluate, i.e., the moral
attitude of management, etc.
C. There has been numerous research information published on the subject, so getting information is not
difficult.
D. Red flags are those items or actions that are associated with fraudulent behavior. But, red flags are quite
subjective, and as such, there may be situations in which no fraud exists, but the red flag is present.
A. Fraud reporting consists of the various oral or written, interim or final communications to senior management
and/or the board of directors regarding the status and results of fraud investigations.
B. A draft of the report should also be submitted to legal counsel for review.
C. The role of the internal auditor in fraud detection is to notify the appropriate authorities within the
organization if a determination is made that fraud has occurred to recommend an investigation.
D. The internal auditor should notify management if fraud has been established to reasonable certainty.
A. Fraud is something that is done intentionally. Fraud is committed when there is false representation or
concealment of a material fact.
B. Fraud can be conducted by any person within the organization.
C. Fraud also involves the misstatement arising from fraudulent financial reporting.
D. Fraud usually does not involve the violent or forceful taking of property.
A. When an internal auditor suspects fraud, it is recommended that he or she should determine the
possible effects and discuss the matter with the appropriate level of management, who should then initiate
an investigation.
B. When an internal auditor suspects fraud, it is recommended that he or she should determine the possible effects

Part 1 : 08/25/19 08:14:47
and discuss the matter with the appropriate level of management, who should then initiate an investigation.
C. When an internal auditor suspects fraud, it is recommended that he or she should determine the possible
effects and discuss the matter with the appropriate level of management, who should then initiate an investigation.
D. When an internal auditor suspects fraud, it is recommended that he or she should determine the possible
effects and discuss the matter with the appropriate level of management, who should then initiate an investigation.
A. Taking vacations and refusing a promotion would not be considered unusual behavior.
B. According to Sawyer's Internal Auditing, one of the 20 danger signs of embezzlement is an employee
who refuses to take vacations and shuns promotions for fear of detection.
C. Not taking a vacation, and accepting a promotion would not be considered unusual behavior.
D. Taking vacations and accepting a promotion would not be considered unusual behavior.
Question 52 - HOCK CIA P1C H9 - F. Fraud Risk Awareness
A. Duplication of payments is an area of fraud that the internal auditor should be alert to.
B. This would not be considered part of the fraud area that the internal auditor would need to be considered with.
C. This would not be considered part of the fraud area that the internal auditor would need to be considered with.
D. A backup facility is part of the data information security system, not connected with the area of fraud.
A. Matching transactions with the vendor would not be useful, since transaction should match.
B. Observing the receiving dock would not be useful since the reports would appear to be normal.
C. Since documents were falsified all supporting documentation to make payment would match.
D. By conducting an analytical test comparing production, materials purchased, and raw materials
inventory levels the internal auditor would be able to show that there was unexplained increase in material
usage.
A. Managers have the authority to override controls, and so the chances of a fraud being detected are less if it is
perpetrated by a single manager than if perpetrated by a single employee.
B. An adequate system of internal controls is most likely to detect a fraud perpetrated by a single
employee. Because of segregation of duties, one employee acting alone may not have the ability to
commit a fraud; or if one employee were to commit a fraud, the chances would be greater that other
employees would detect it.

Part 1 : 08/25/19 08:14:47
C. Managers have the authority to override controls, and so the chances of a fraud being detected are less if it is
perpetrated by a group of managers than if perpetrated by a single employee.
D. A group of employees acting in collusion is more likely to be able to commit a fraud than a single employee
would be.
A. The internal auditor should avoid confronting the suspected embezzler. Employees have certain rights that
should not be infringed upon. Improper infringement could lead to the suspect filing a lawsuit against the
organization.
B. When there is sufficient evidence that fraud has occurred, the internal auditor should notify the
appropriate authorities within the organization, e.g., security, to recommend an investigation.
C. Senior management and the board should be notified immediately when incidents of fraud have been
established to a reasonable certainty.
D. The internal auditor should not review the finding with the suspect’s fellow workers since they may be involved in
the embezzlement.

Hock Fraud Risk Awareness

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Hock Fraud Risk Awareness

Uploaded by

Copyright:

Available Formats

Part 1 : 08/25/19 08:14:47

Question 1 - CIA 1193 I.49 - F. Fraud Risk Awareness

Question 2 - CIA 598 1.31 - F. Fraud Risk Awareness

Question 3 - CIA 594 I.12 - F. Fraud Risk Awareness

A. Be living beyond their obvious means of support.

Question 4 - CIA 598 1.9 - F. Fraud Risk Awareness

(c) HOCK international, page 1

C. Expand activities to determine whether an investigation is warranted.

Question 5 - CIA 593 II.48 - F. Fraud Risk Awareness

A. Comparing current loan approval balances with those of prior years.

Question 6 - CIA 594 II.50 - F. Fraud Risk Awareness

A. Respond to non-cooperation by threatening adverse consequences of such behavior.

Question 7 - CIA 1189 I.46 - F. Fraud Risk Awareness

A. Institute stricter controls over mailroom operations.

Question 8 - CIA 598 2.23 - F. Fraud Risk Awareness

(c) HOCK international, page 2

Question 9 - CIA 1184 I.17 - F. Fraud Risk Awareness

Question 10 - CIA 593 I.47 - F. Fraud Risk Awareness

A. By assisting in the design of control systems to prevent fraud.

Question 11 - CIA 588 I.47 - F. Fraud Risk Awareness

A. Schedule an engagement to review the involved business function.

Question 12 - CIA 597 1.69 - F. Fraud Risk Awareness

(c) HOCK international, page 3

Question 13 - CIA 590 I.50 - F. Fraud Risk Awareness

When conducting fraud investigations, internal auditors should

Question 14 - CIA 590 II.46 - F. Fraud Risk Awareness

Internal auditing is responsible for assisting in the prevention of fraud by

Question 15 - CIA 597 1.57 - F. Fraud Risk Awareness

Question 16 - CIA 593 II.45 - F. Fraud Risk Awareness

A. Unreasonable sales and production goals.

(c) HOCK international, page 4

Question 17 - CIA 594 I.14 - F. Fraud Risk Awareness

A. Immediately report to the board.

Question 18 - CIA 590 II.42 - F. Fraud Risk Awareness

Question 19 - CIA 1193 II.47 - F. Fraud Risk Awareness

Question 20 - CIA 1188 I.50 - F. Fraud Risk Awareness

A. Engagement client's management.

Question 21 - CIA 593 II.47 - F. Fraud Risk Awareness

(c) HOCK international, page 5

average (mileage logs were submitted on a quarterly basis), and

The most appropriate trend analysis to indicate this potential fraud is

A. Automobile operating expenses by loan officer.

Question 22 - CIA 597 1.53 - F. Fraud Risk Awareness

Question 23 - CIA 586 II.8 - F. Fraud Risk Awareness

Question 24 - CIA 589 I.46 - F. Fraud Risk Awareness

Question 25 - CIA 1194 I.4 - F. Fraud Risk Awareness

A. Including the wrongdoing in a report that will go to the audit committee.

(c) HOCK international, page 6

Question 26 - CIA 598 1.30 - F. Fraud Risk Awareness

Question 27 - CIA 596 1.38 - F. Fraud Risk Awareness

I. Fraud must exhibit intentional deception.

Question 28 - CIA 598 1.32 - F. Fraud Risk Awareness

(c) HOCK international, page 7

A. Report the breakdown in control structure to the audit committee.

Question 29 - CIA QZP2B.9 - F. Fraud Risk Awareness

A. Employees who handle cash receipts are not bonded.

Question 30 - CIA 1192 I.50 - F. Fraud Risk Awareness

A. Evaluating the effectiveness of actions taken by management to deter fraud.

Question 31 - CIA 591 I.50 - F. Fraud Risk Awareness

A fraud report is required

A. At the conclusion of the detection phase.

Question 32 - CIA 1192 II.49 - F. Fraud Risk Awareness

(c) HOCK international, page 8