27 risk assessment controls and risk management

Question 1 - CPA 1183 L-45 - Risk Assessment, Controls and Risk Management

Which of the following corporations are subject to the accounting requirements of the Foreign Corrupt Practices Act (FCPA)?

A. All corporations that have made a public offering under the Securities Act of 1933.B. All corporations whose securities are registered pursuant to the Securities Exchange Act of 1934.C. All corporations engaged in interstate commerce.D. All domestic corporations engaged in international trade.

A. The accounting and record-keeping provisions of the act apply to companies regulated by the Securities Exchange Act of 1934. An initial public offering under the Securities Act of 1933 is not included. However, after a company makes a public offering, it does become subject to registration under the Securities Exchange Act of 1934, which makes it subject to the FCPA. The FCPA is actually an amendment to the Securities Exchange Act of 1934.

B. The accounting and record-keeping provisions of the act apply to companies regulated by the Securities Exchange Act of 1934.

C. The accounting and record-keeping provisions of the act apply only to companies regulated by the Securities Exchange Act of 1934.

D. The accounting and record-keeping provisions of the act apply only to companies regulated by the Securities Exchange Act of 1934.

Question 2 - CIA 1194 I-45 - Risk Assessment, Controls and Risk Management

A retailer of high-priced durable goods operates a catalog-ordering division that accepts customer orders by telephone. The retailer runs frequent price promotions. During these times, the telephone operators enter the promotional prices. The risk of this practice is that

A. Customers could systematically be charged lower prices.B. Operators could give competitors notice of the promotional prices.C. Frequent price changes could overload the order entry system.D. Operators could collude with outsiders for unauthorized prices.

A. There is nothing in this arrangement that would cause systematic undercharges. If the operators failed to enter a promotional price or failed to change the promotional price back to the regular price, a systematic overcharge or undercharge could occur. However, that would not be unique to the practice of using operators to change prices, as it could occur regardless of who was responsible for the job.

B. Having operators enter price changes into the system would not give operators any advantage if they wanted to give competitors notice of the promotional prices.

C. When orders are entered into a system, the price charged is whatever price is in effect at that time. Frequent price changes will not overload the order entry system.

D. If an operator who makes sales has the authority to also change prices in the system, that operator could temporarily change a price without authorization and then make a prearranged sale of the item to a friend. This would be of concern with any inventory item, but it is even more of a concern when the product being sold is a high-priced consumer item. This is an example of the importance of segregation of duties.

Question 3 - CMA 690 5-8 - Risk Assessment, Controls and Risk Management

Organizational independence in the processing of payroll is achieved by functional separations that are built into the system. Which one of the following functional separations is not required for internal control purposes?

Part 1 : 07/28/10 08:58:14

(c) HOCK international, page 1

A. Separation of personnel function from payroll preparation.B. Separation of timekeeping from payroll preparation.C. Separation of payroll preparation and maintenance of year-to-date records.D. Separation of payroll preparation and paycheck distribution.

A. The personnel function is an authorization function, whereas payroll preparation is a recordkeeping function. These two functions are incompatible and should be separated.

B.

Separation of timekeeping from payroll preparation is required for internal control purposes because a person doing both jobs could enter fraudulent hours for an employee and then also do the input and prepare the paycheck to pay that employee for the fraudulent hours. The rule in segregation of duties is that one person should not be in a position to commit fraud and also to cover it up, which can happen if there is no second person involved in the process, looking at the timekeeping data.

C.

The rule in segregation of duties is that one person should not be in a position to commit fraud and also to cover it up. It would be appropriate for the peerson who prepares the payroll to also maintain year-to-date records. There is nothing in these two duties that would give one person doing both of them an opportunity to commit fraud and also to cover it up.

Furthermore, payroll preparation and maintenance of year-to-date records are both recordkeeping functions and for that reason, they are not incompatible. It is acceptable for both functions to be performed by the same person.

D.

The rule in segregation of duties is that one person should not be in a position to commit fraud and also to cover it up. If one person were to prepare the payroll and also distribute the paychecks, no second person would have a chance to see them before they were distributed. The opportunity would exist to commit fraud without anyone noticing.

Question 4 - IMA 08-P1-105 - Risk Assessment, Controls and Risk Management

Which one of the following methods for the distribution of employees' paychecks would provide the best internal control for the organization?

A. Distribution of paychecks directly to each employee by a representative of the Human Resource department.B. Delivery of the paychecks to each department supervisor, who in turn would distribute paychecks directly to the employees in his/her department.C. Direct deposit in each employee's personal bank account.D. Distribution of paychecks directly to each employee by the payroll manager.

A. Representatives of the Human Resources department authorize transactions that add employees to the payroll, change pay and effect other key transactions. Therefore, human resource employees must not have access to paycheck distribution, nor to timekeeping or payroll functions. The Human Resource department must be organizationally separate from the payroll office and payroll functions. So having a representative of Human Resources distribute paychecks would be a violation of the principal of segregation of duties.

B. This would be an acceptable method of distributing paychecks, as long as controls are in place to minimize the potential for theft or fraudulent distribution of paychecks, such as payments made to fictitiouis or terminated employees. The person who distributes the checks should not also have authority to authorize payroll checks. However, this is not the method from among those given that provides for the best internal control for the organization.

C. Direct deposit to each employee's personal bank account provides the best internal control over distribution of paychecks. It lessens the risk of damaged, lost or stolen payroll checks because no checks

Part 1 : 07/28/10 08:58:14


are distributed. The only thing distributed is a statement of earnings. If earnings are deposited electronically into employees' accounts, it is important that deposit records be reconciled to a list of active employees at every pay date so that persons whose employment has been terminated do not continue receiving payroll deposits. Cancellation of direct deposit processing should be part of employment termination procedures, and a terminated employee should receive his or her final paycheck in the form of a physical check instead of a direct deposit, as evidence of the direct deposit cancellation.

D. The payroll manager has oversight over the processing and production of the payroll. The function of payroll processing must be segregated from the function of paycheck distribution. Therefore, having the payroll manager distribute paychecks would be a violation of the principle of segregation of duties.


ABC is a major retailer with over 52 department stores. The marketing department is responsible forConducting marketing surveys.Recommending locations for new store openings.Ordering products and determining retail prices for the products.Developing promotion and advertising for each line of products.Determining the pricing of special sale items.

The marketing department has separate product managers for each product line. Each product manager is given a purchasing budget by the marketing manager. Product managers are not rotated among product lines because of the need to acquire product knowledge and to build relationships with vendors. A subsection of the department does marketing surveys.

In addition to ordering and pricing, the product managers also determine the timing and method of product delivery. Products are delivered to a central distribution center where goods are received, retail prices are marked on the product, and the goods are segregated for distribution to stores.

Receiving documents are created by scanning in receipts; the number of items scanned in are reconciled with the price tags generated and attached to products. The average product spends between 12 and 72 hours in the distribution center before being loaded on trucks for delivery to each store. Receipts are recorded at the distribution center, thus the company has not found the need to maintain a receiving function at each store.

A control deficiency associated with the given scenario is

A. Evaluating product managers by total gross profit generated by product line will lead to dysfunctional behavior.B. The product manager negotiates the purchase price and sets the selling price.C. There is no receiving function located at individual stores.D. The store manager can require items to be closed out, thus affecting the potential performance evaluation of individual product managers.

A. Since product managers are responsible for negotiating purchase prices and setting selling prices, it is appropriate that they be evaluated according to gross profit generated by their product lines. This establishes accountability.

B. Since product managers are evaluated on gross profit generated by the product(s) they manage, it is appropriate that the product managers negotiate the purchase prices and set the selling prices.

C. There should be a receiving function at each individual store to make sure that products shipped to the stores are received. Items could get lost in transit or deliberately diverted by an employee with knowledge that there was no check on the receipt of items. The receiving reports from the individual stores should be compared with shipping reports of items shipped to the stores to detect any discrepancy.

D. Since many products are seasonal, it is appropriate that the seasonal products be cleared out in a timely manner to make space for the next season's products. For the company as a whole, this practice will maximize profits.

Part 1 : 07/28/10 08:58:14



Marport Company is a manufacturing company that uses forms and documents in its accounting information systems for record keeping and internal control.

The departments in Marport's organization structure and their primary responsibilities are:

Accounts Payable -- authorize payments and prepare vouchers.Accounts Receivable -- maintain customer accounts.Billing -- prepare invoices to customers for goods sold.Cashier -- maintain a record of cash receipts and disbursements.Credit Department -- verify the credit rating of customers.Cost Accounting -- accumulate manufacturing costs for all goods produced.Finished Goods Storeroom -- maintain the physical inventory and related stock records of finished goods.General Accounting -- maintain all records for the company's general ledger.Internal Audit -- appraise and monitor internal controls, as well as conduct operational and management audits.Inventory Control -- maintain perpetual inventory records for all manufacturing materials and supplies.Mailroom -- process incoming, outgoing, and interdepartmental mail.Payroll -- compute and prepare the company payroll.Personnel -- hire employees, as well as maintain records on job positions and employees.Purchasing -- place orders for materials and supplies.Production -- manufacture finished goods.Production Planning -- decide the types and quantities of products to be produced.Receiving -- receive all materials and supplies.Sales -- accept orders from customers.Shipping -- ship goods to customers.Stores Control -- safeguard all materials and supplies until needed for production.Timekeeping -- prepare and control time worked by hourly employees.

The document that is the authorization to initiate the manufacture of goods is referred to as a

A. Bill of materials.B. Raw materials requisition.C. Daily production schedule.D. Production order.

A. A bill of materials is the list of component parts that go into the manufacture of each item of finished goods. It is not an authorization to initiate manufacturing.

B. The Production Department would request raw materials by means of a raw materials requisition, but the raw materials requisition would not authorize the initiation of manufacturing.

C. The daily production schedule is used for production planning. It is not an authorization to initiate manufacturing.

D. The Production Planning Department would use a Production Order to authorize the Production Department to manufacture certain items.

Question 7 - CIA 1185 II-20 - Risk Assessment, Controls and Risk Management

Your objective is to determine that nonrecurring purchases, initiated by various user organizations, have been properly authorized. If all purchases are made through the purchasing department, to which of the following documents would you vouch purchases?

A. Receiving reports.B. Purchase orders.C. Purchase requisitions.D. Invoices.

Part 1 : 07/28/10 08:58:14


A. A receiving report would not contain the user department's authorization for a purchase.

B. A purchase order would not contain the user department's authorization for a purchase.

C. The purchase requisition, properly approved, contains the user department's authorization for a purchase.

D. An invoice would not contain the user department's authorization for a purchase.


An audit of the payroll function revealed several instances in which a payroll clerk had added fictitious employees to the payroll and deposited the checks in accounts of close relatives. What control should have prevented such actions?

A. Allowing changes to the payroll to be authorized only by the personnel department.B. Establishing a policy to deal with close relatives working in the same department.C. Having the treasurer's office sign payroll checks.D. Using time cards and attendance records in the computation of employee gross earnings.

A. Only the personnel department should be authorized to make changes to the payroll, while only the payroll department should process payroll checks. Furthermore, to prevent an unauthorized person from adding a name of a fictitious employee to the payroll, payroll records should be reconciled with the active employee list from the personnel department each payday.

B. Establishing a policy for the hiring of close relatives would not prevent a payroll clerk from adding fictitious employees to the payroll and keeping and depositing their paychecks.

C. Having the treasurer's office sign payroll checks would not prevent a payroll clerk from adding fictitious employees to the payroll and keeping and depositing their paychecks.

D. Using time cards and attendance records would not prevent a payroll clerk from adding fictitious employees to the payroll and keeping and depositing their paychecks.


In an audit of a purchasing department, which of the following ordinarily would be considered a risk factor?

A. There is a failure to rotate purchases among suppliers included on an approved vendor list.B. Purchase specifications are developed by the department requesting the material.C. Purchases are made from parties related to buyers or other company officials.D. Purchases are made against blanket or open purchase orders for certain types of items.

A. Rotating purchases among approved suppliers is not a usual control procedure, and therefore failure to rotate suppliers is not a control risk. However, the use of an approved list of vendors is appropriate because it helps to ensure quality of materials and reliability of supplies.

B. The department requesting the material would be expected to develop the purchase specifications, and thus this does not represent a control risk.

C. Making purchases from related parties is a control risk because the purchasing agent may have a conflict of interest.

D. When appropriate to do so, making purchases against blanket or open purchase orders is not a control risk.

Part 1 : 07/28/10 08:58:14



Which of the following activities represents both an appropriate personnel department function and a deterrent to payroll fraud?

A. Distribution of paychecks.B. Authorization of overtime.C. Authorization of additions and deletions from the payroll.D. Collection and retention of unclaimed paychecks.

A. The personnel department performs the authorization function. Therefore, it should not also perform the custodial function of distributing paychecks.

B. Overtime should be authorized by an employee's supervisor, since he/she is in a position to know whether the employee actually worked the overtime.

C. Authorization of additions to and deletions from the payroll should come from the personnel department.

D. Collection and retention of unclaimed paychecks is a custodial function, and it should not be performed by the personnel department, which performs the authorization function.


One control objective of the financing/treasury cycle is the proper authorization of company transactions dealing with debt and equity instruments. Which of the following controls would best meet this objective?

A. Use of an underwriter in all cases of new issue of debt or equity instruments.B. The company serves as its own registrar and transfer agent.C. Written company policies requiring review of major funding/repayment proposals by the board of directors.D. Separation of responsibility for custody of funds from recording of the transaction.

A. Use of an underwriter for issuance of debt or equity instruments is not a control that would meet the objective of proper authorization of debt and equity transactions.

B. The company serving as its own registrar and transfer agent is not a control that would meet the objective of proper authorization of debt and equity transactions.

C. Proper authorization of company transactions relating to debt and equity instruments would be met by a requirement that major funding and repayment proposals be reviewed by the board of directors. A policy of requiring this review is the first step, although the policy also needs to be carried out.

D. Custody of funds relates to safeguarding of assets, not to proper authorization of debt or equity transactions.


To minimize the risk that agents in the purchasing department will use their positions for personal gain, the organization should

A. Direct the purchasing department to maintain records on purchase prices paid, with review of such being required each 6 months.B. Request internal auditors to confirm selected purchases and accounts payable.C. Specify that all items purchased must pass value-per-unit-of-cost reviews.D. Rotate purchasing agent assignments periodically.

Part 1 : 07/28/10 08:58:14


A. Reviewing records on purchase prices paid would not prevent purchasing agents from using their positions for personal gain.

B. Requesting confirmation by auditors of selected purchases and accounts payable would not prevent purchasing agents from using their positions for personal gain.

C. Value-per-unit-of-cost reviews would not prevent purchasing agents from using their positions for personal gain.

D. Rotating purchasing agent assignments periodically will limit the risk of agents using their positions for personal gain, because it will discourage long-term agent relationships with particular vendors.


Absent a specific provision in its articles of incorporation, a corporation's board of directors has the power to do all of the following, except

A. Declare dividends.B. Merge the corporation with another entity.C. Repeal the bylaws.D. Fix compensation of directors.

A. The board does have the power to declare dividends.

B. The power to merge the corporation with another entity belongs to the shareholders.

C. The board does have the power to repeal the bylaws.

D. The board does have the power to fix compensation of directors.


An internal auditor found that employee time cards in one department are not properly approved by the supervisor. Which of the following could result?

A. The wrong hourly rate could be used to calculate gross pay.B. Payroll checks might not be distributed to the appropriate payees.C. Duplicate paychecks might be issued.D. Employees might be paid for hours they did not work.

A. The wrong hourly rate would not be used to calculate gross pay as a result of the supervisor failing to approve employee time cards.

B. Payroll checks would not be distributed to the wrong employees as a result of the supervisor failing to approve employee time cards.

C. Duplicate paychecks would not be issued as a result of the supervisor failing to approve employee time cards.

D. The approval of the supervisor on time cards of employees supervised should prevent employees being paid for hours they did not work.


Corporate directors, management, external auditors, and internal auditors all play important roles in creating a

Part 1 : 07/28/10 08:58:14


proper control environment. Top management is primarily responsible for

A. Implementing and monitoring controls designed by the board of directors.B. Ensuring that external and internal auditors adequately monitor the control environment.C. Establishing a proper environment and specifying an overall internal control structure.D. Reviewing the reliability and integrity of financial information and the means used to collect and report such information.

A. Although the board of directors has oversight responsibility, it is not the responsibility of the board of directors to design the controls.

B. It is not the responsibility of external and internal auditors to monitor the control environment. This is the responsibility of management.

C. It is management's responsibility to establish the proper control environment and to design an overall internal control structure.

D. Whereas management is responsible for establishing the proper control environment and designing an overall internal control structure, it is the responsibility of internal auditing to review the reliability and integrity of financial information and the means used to collect and report such information.


One of the financial statement auditor's major concerns is to ascertain whether internal control is designed to provide reasonable assurance that

A. Profit margins are maximized, and operational efficiency is optimized.B. The chief accounting officer reviews all accounting transactions.C. Corporate morale problems are addressed immediately and effectively.D. Financial reporting is reliable.

A. While it is important to maximize profits and optimize operational efficiency, this is not one of a financial statement auditor's major concerns.

B. It is not necessary that the chief accounting officer review all accounting transactions. Therefore, this is not one of a financial statement auditor's major concerns.

C. Corporate morale problems are not relevant to a financial statement audit.

D. Internal control is a method, or process, that is carried out by an entity's board of directors, management, and other personnel, and designed to provide reasonable assurance that objectives in the following four categories will be achieved: (1) effectiveness and efficiency of operations; (2) reliability of financial reporting; (3) compliance with applicable laws and regulations; and (4) safeguarding of assets. The concerns of the financial statement auditor will relate to no. 2, reliability of financial reporting.

Question 17 - IMA 08-P1-106 - Risk Assessment, Controls and Risk Management

A firm is constructing a risk analysis to quantify the exposure of its data center to various types of threats. Which one of the following situations would represent the highest annual loss exposure after adjustment for insurance proceeds?

Frequency ofOccurrence (years) Loss

Amount Insurance

(% coverage)

I. 1 $ 15,000 85 II. 8 75,000 80

Part 1 : 07/28/10 08:58:14


III. 20 200,000 80 IV. 100 400,000 50

A. IV.B. III.C. I.D. II.

A. The question asks for the highest annual loss exposure after adjustment for insurance proceeds. The way to calculate that is to (1) calculate the loss after insurance reimbursement for each situation by multiplying the loss amount by (1 - insurance coverage rate), and (2) divide each loss after reimbursement by the frequency of occurrence in years to calculate the annual loss amount for each.

B. The question asks for the highest annual loss exposure after adjustment for insurance proceeds. The way to calculate that is to (1) calculate the loss after insurance reimbursement for each situation by multiplying the loss amount by (1 - insurance coverage rate), and (2) divide each loss after reimbursement by the frequency of occurrence in years to calculate the annual loss amount for each.

C.

The question asks for the highest annual loss exposure after adjustment for insurance proceeds. The way to calculate that is to (1) calculate the loss after insurance reimbursement for each situation by multiplying the loss amount by (1 - insurance coverage rate), and (2) divide each loss after reimbursement by the frequency of occurrence in years to calculate the annual loss amount for each, as follows:

Frequency ofOccurrence (years) Loss

Amount Insurance

(% coverage) Loss AfterIns. Reimb.

AnnualLoss

I. 1 $ 15,000 85 $ 2,250 $2,250 II. 8 75,000 80 15,000 1,875 III. 20 200,000 80 40,000 2,000 IV. 100 400,000 50 200,000 2,000

The highest annual loss is I., with an annual loss of $2,250.

D. The question asks for the highest annual loss exposure after adjustment for insurance proceeds. The way to calculate that is to (1) calculate the loss after insurance reimbursement for each situation by multiplying the loss amount by (1 - insurance coverage rate), and (2) divide each loss after reimbursement by the frequency of occurrence in years to calculate the annual loss amount for each.


Which of the following features of a large manufacturer's organizational structure is a control weakness?

A. The information systems department is headed by a vice president who reports directly to the president.B. The controller and treasurer report to the chief financial officer.C. The chief financial officer is a vice president who reports to the chief executive officer.D. The audit committee of the board consists of the chief executive officer, the chief financial officer, and a major shareholder.

A. It is appropriate for the vice president in charge of information systems to report directly to the president.

B. It is appropriate for the controller and the treasurer to report to the chief financial officer.

C. It is appropriate for the chief financial officer to report to the chief executive officer.

Part 1 : 07/28/10 08:58:14


D. According to Sarbanes-Oxley, the audit committee must consist of directors who are independent of management. Thus, the chief executive officer and the chief financial officer may not be included.


A restaurant food chain has over 680 restaurants. All food orders for each restaurant are required to be input into an electronic device which records all food orders by food servers and transmits the order to the kitchen for preparation. All food servers are responsible for collecting cash for all their orders and must turn in cash at the end of their shift equal to the sales value of food ordered for their I.D. number. The manager then reconciles the cash received for the day with the computerized record of food orders generated. All differences are investigated immediately by the restaurant. Corporate headquarters has established monitoring controls to determine when an individual restaurant might not be recording all its revenue and transmitting the applicable cash to the corporate headquarters. Which one of the following would be the best example of a monitoring control?

A. Cash is transmitted to corporate headquarters on a daily basis.B. The restaurant manager reconciles the cash received with the food orders recorded on the computer.C. All food orders must be entered on the computer, and segregation of duties is maintained between the food servers and the cooks.D. Management prepares a detailed analysis of gross margin per store and investigates any store that shows a significantly lower gross margin.

A. There are five interrelated components that comprise internal control. They are: (1) control environment, (2) risk assessment, (3) control activities, (4) information and communication, and (5) monitoring. Monitoring is an activity of management. Monitoring assesses the quality of the internal control system's performance over time. Monitoring can be done in two ways: (1) through ongoing monitoring during normal operations, and (2) separate evaluations by management with the assistance of the internal audit function. If monitoring is done regularly during normal operations, it lessens the need for separate evaluations. Daily transmission of cash to corporate headquarters is a control activity which serves as an operational control.

B. There are five interrelated components that comprise internal control. They are: (1) control environment, (2) risk assessment, (3) control activities, (4) information and communication, and (5) monitoring. Monitoring is an activity of management. Monitoring assesses the quality of the internal control system's performance over time. Monitoring can be done in two ways: (1) through ongoing monitoring during normal operations, and (2) separate evaluations by management with the assistance of the internal audit function. If monitoring is done regularly during normal operations, it lessens the need for separate evaluations. The manager's reconciliation of cash received with food orders entered is a control activity. A reconciliation is a detective control activity, because it is intended to detect the occurrence of an unwanted event. However, it does not represent a monitoring activity of management.

C. There are five interrelated components that comprise internal control. They are: (1) control environment, (2) risk assessment, (3) control activities, (4) information and communication, and (5) monitoring. Monitoring is an activity of management. Monitoring assesses the quality of the internal control system's performance over time. Monitoring can be done in two ways: (1) through ongoing monitoring during normal operations, and (2) separate evaluations by management with the assistance of the internal audit function. If monitoring is done regularly during normal operations, it lessens the need for separate evaluations. Segregation of duties is a control activity which serves as a preventive control, because it is intended to prevent the occurrence of an unwanted event. Therefore, it does not represent a monitoring activity of management.

D. There are five interrelated components that comprise internal control. They are: (1) control environment, (2) risk assessment, (3) control activities, (4) information and communication, and (5) monitoring. Monitoring is an activity of management. Monitoring assesses the quality of the internal control system's performance over time. Monitoring can be done in two ways: (1) through ongoing monitoring during normal operations, and (2) separate evaluations by management with the assistance of the internal audit function. If monitoring is done regularly during normal operations, it lessens the need for separate evaluations. When management prepares a detailed analysis of gross margin per store and investigates any store that shows a significantly lower gross margin, it is performing a monitoring activity.

Part 1 : 07/28/10 08:58:14


Question 20 - CPA 1194 A-26 - Risk Assessment, Controls and Risk Management

Proper segregation of duties reduces the opportunities for persons to be in positions to both

A. Journalize entries and prepare financial statements.B. Record cash receipts and cash disbursements.C. Establish internal control and authorize transactions.D. Perpetrate and conceal errors or fraud.

A. It is appropriate for an accountant to prepare both journal entries and financial statements.

B. The recordkeeping function includes recording both cash receipts and cash disbursements. As long as the same person does not perform both recordkeeping and authorization, custody, or reconciliation responsibilities, segregation of duties is maintained.

C. Management's responsibility is to establish internal control policies and procedures. In addition, management has the authority to authorize transactions. As long as the same person does not perform both authorization of transactions and recordkeeping, custody, or reconciliation responsibilities, segregation of duties is maintained.

D. The purpose of segregation of duties is to prevent one person from being able to both perpetrate and conceal a fraud or even an error.


Which of the following credit approval procedures would be the basis for developing a deficiency finding for a wholesaler?

A. An authorized signature from the credit department, denoting approval of the customer's credit, is to appear on all credit-sales orders.B. Trade-credit standards are reviewed and approved by the finance committee of the board of directors.C. Salespeople are responsible for evaluating and monitoring the financial condition of prospective and continuing customers.D. Customers not meeting trade-credit standards are shipped merchandise on a cash-on-delivery (C.O.D.) basis only.

A. Requiring an authorized signature from the credit department denoting approval of the customer's credit is a control strength, not the basis for a deficiency finding.

B. Having the finance committee of the board of directors review and approve trade-credit standards is a control strength and would not lead to a deficiency finding.

C. Salespeople should not be responsible for monitoring customers' financial condition. Salespeople make contact with customers and potential customers, make sales and provide customer service where appropriate. If salespeople are responsible for credit approval, their conflict of interest (desire to make the sale) could lead to inappropriate approvals. There should be a separate credit approval function.

D. Requiring customers who do not meet trade-credit standards to purchase on a C.O.D. basis is a common procedure, not a basis for developing a deficiency finding.


The internal auditor recognizes that certain limitations are inherent in any internal control system. Which one of the following scenarios is the result of an inherent limitation of internal control?

A. An employee, who is unable to read, is assigned custody of the firm's computer tape library and run manuals that are used during the third shift.

Part 1 : 07/28/10 08:58:14


B. The comptroller both makes and records cash deposits.C. The firm sells to customers on account, without credit approval.D. A security guard allows one of the warehouse employees to remove company assets from the premises without authorization.

A. Assignment of an employee who is unable to read to a job requiring reading is avoidable through adequate testing of potential employees. Therefore, it is not an inherent limitation of internal control.

B. This is not an inherent limitation of internal control, because it could and should be avoided through adequate segregation of duties.

C. This is not an inherent limitation of internal control, because it could and should be avoided through adequate credit approval of sales.

D. If two employees (the security guard and the warehouse employee) collude to defraud their employer, a control based on segregation of functions can be rendered ineffective. This is an inherent limitation of internal control.


The most critical aspect of separation of duties within information systems (IS) is between

A. Programmers and computer operators.B. Management and users.C. Programmers and systems analysts.D. Project leaders and programmers.

A. Programmers are the individuals who write, test and document the systems. Computer operators perform the actual operation of the computers for processing the data. Computer operators should not have programming functions and should not be able to program. Programmers should not have access to the computers and programs that are in actual use for processing. The most critical separation of duties is between programmers and computer operators.

B. This is not the most critical aspect of separation of duties with information systems.

C. This is not the most critical aspect of separation of duties with information systems.

D. This is not the most critical aspect of separation of duties with information systems.


Internal control should follow certain basic principles to achieve its objectives. One of these principles is the segregation of functions. Which one of the following examples does not violate the principle of segregation of functions?

A. The warehouse clerk, who has the custodial responsibility over inventory in the warehouse, may authorize disposal of damaged goods.B. The sales manager has the responsibility to approve credit and the authority to write off accounts.C. The treasurer has the authority to sign checks but gives the signature block to the assistant treasurer to run the check-signing machine.D. The department time clerk is given the undistributed payroll checks to mail to absent employees.

A. The warehouse clerk, who has custodial responsibility over inventory in the warehouse, should not also have authority to authorize disposal of damaged goods. If the warehouse clerk did have this authority, he/she could steal goods and cover it up by authorizing disposal of the goods as damaged goods.

Part 1 : 07/28/10 08:58:14


B. The sales manager should not have authority to approve credit or write off accounts. The sales manager could be tempted to approve credit to a less-than-creditworthy customer in order to be able to book more sales. And if a sales manager had authority to approve credit and write off accounts, he/she could approve credit to a phantom corporation, "sell" inventory to that corporation, and then write off the debt as uncollectible. The sales manager has access to inventory and thus performs a custodial function; so the sales manager should not have authorization or recordkeeping duties as well.

C. Check signing is a custodial function. By giving the signature block to the assistant treasurer, the treasurer is delegating the check-signing function. As long as neither the treasurer nor the assistant treasurer performs the authorization, recordkeeping, or reconciliation functions as well, there is no violation of the principle of segregation of functions.

D. The department time clerk performs a recordkeeping function whereas the mailing of checks to absent employees is a custodial function. The two should not be performed by the same person.


Accounting controls are concerned with the safeguarding of assets and the reliability of financial records. Consequently, these controls are designed to provide reasonable assurance that all of the following take place except

A. Compliance with methods and procedures ensuring operational efficiency and adherence to managerial policies.B. Permitting access to assets in accordance with management's authorization.C. Executing transactions in accordance with management's general or specific authorization.D. Comparing recorded assets with existing assets at periodic intervals and taking appropriate action with respect to differences.

A. Compliance with methods and procedures ensuring operational efficiency and adherence to managerial policies is an objective of operational control, not accounting control.

B. The safeguarding of assets and reliability of financial records requires that management control who can have access to the assets to be safeguarded.

C. The safeguarding of assets and reliability of financial records requires that transactions be executed in accordance with management's general or specific authorization.

D. The safeguarding of assets and reliability of financial records requires that physical assets be compared with recorded assets at periodic intervals, and that action be taken to resolve any differences.


Which of the following observations, made during the preliminary survey of a local department store's disbursement cycle, reflects a control strength?

A. Individual department managers are responsible for the movement of merchandise from the receiving dock to storage or sales areas as appropriate.B. Individual department managers use prenumbered forms to order merchandise from vendors.C. The treasurer's office prepares checks for suppliers based on vouchers prepared by the accounts payable department.D. The receiving department is given a copy of the purchase order complete with a description of goods, quantity ordered, and extended price for all merchandise ordered.

A. Individual managers should not be responsible for the movement of merchandise because the receiving department should move the merchandise to a storage area.

B. Purchasing should not be done by individual department managers. The individual department managers should

Part 1 : 07/28/10 08:58:14


instead prepare purchase requisitions and send them to the purchasing department, which should be responsible for issuing a purchase order.

C. The treasurer's office should prepare vendor checks (the custody function), while accounting for payables is a recording function.

D. The copy of the purchase order that the receiving department has should not include the quantity ordered or the unit or extended prices. This enhances the probability that the receiving department will submit the correct count.


In a well-designed internal control structure where the cashier receives remittances from the mail room, the cashier should not

A. Deposit remittances daily at a local bank.B. Prepare the bank deposit slip.C. Post the receipts to the accounts receivable subsidiary ledger cards.D. Endorse the checks.

A. The cashier keeps physical custody of the assets received, and depositing remittances daily at a local bank is part of the custody function.

B.

The cashier keeps physical custody of the assets received, and preparing the bank deposit slip is part of the custody function.

However, this would be true only for checks received, not for cash. Remittances received from the mailroom should be only checks, because cash would not be received through the mail. It would be acceptable for the person receiving checks to immediately endorse them with a restrictive endorsement and then to prepare the bank deposit slip. It would not be appropriate for a person receiving cash to also prepare the deposit slip, however, because it would be very easy for that person to pocket some of the cash. There is much more potential for fraud with cash than there is with checks.

C. The cashier keeps physical custody of the assets received, and posting the receipts to the accounts receivable ledger cards is a recordkeeping function, not a custody function. The person performing the custody function should have no access to the customer records. If that person did have access to customer records, that person could perform a fraudulent activity called "lapping." In lapping, an employee receives a cash payment on a customer's account. Instead of applying the cash payment to that customer's account, though, the employee pockets the cash. The employee wuld then apply the next check that comes in on another customer's account to the first customer's account instead of to the correct customer's account; and apply a third customer's payment to the second customer's account, and so forth. The customers would see the amount they paid credited on their accounts, but it would not be their payment that was being credited to them. The employee could continue pocketing cash receipts like that for some time.

D. It is appropriate for the person who receives checks as remittances by mail to endorse the checks with a restrictive endorsement. This should be done as soon as the checks are received, to prevent them being negotiated by an unauthorized party if they are stolen. A restrictive endorsement is an endorsement stamp that says "For Deposit Only" and gives the name of the account to which the check must be deposited.


One characteristic of an effective internal control structure is the proper segregation of duties. The combination of responsibilities that would not be considered a violation of segregation of functional responsibilities is

Part 1 : 07/28/10 08:58:14


A. Timekeeping and preparation of payroll journal entries.B. Approval of time cards and preparation of paychecks.C. Preparation of paychecks and check distribution.D. Signing of paychecks and custody of blank payroll checks.

A.

The rule in segregation of duties is that one person should not be in a position to commit fraud and also to cover it up.

Timekeeping and preparation of payroll journal entries are two duties that can be done by the same person. Preparation of payroll journal entries is creating the entries to the accounting system that are used to record the payroll. It does not involve writing the payroll checks. So a person who records time for others can also create the entries to record the payroll in the accounting system, because there is nothing in those two duties that would give that person any additional opportunity to commit fraud and also cover it up.

B.

The rule in segregation of duties is that one person should not be in a position to commit fraud and also to cover it up.

A person who approves time cards and also prepares the paychecks could approve hours that an employee had not worked and then pay that employee. No one else would be looking at the paychecks or the backup to the paychecks. Therefore, the opportunity to commit fraud would exist.

Furthermore, the following four functions must always be done by different people: (1) Authorizing a transaction; (2) Recording the transaction, preparing source documents, maintaining journals; (3) Keeping physical custody of the related asset - for instance, receiving checks in the mail; and (4) The periodic reconciliation of the physical assets to the recorded amounts for those assets.

In the example of the combination of approval of time cards and preparation of paychecks, approval of time cards comes under the classification of authorizing a transaction, whereas preparation of paychecks is classified as recordkeeping. Thus, these two jobs should be performed by different people.

C.

The rule in segregation of duties is that one person should not be in a position to commit fraud and also to cover it up. If one person were to prepare the paychecks and also distribute them, no second person would have a chance to see them before they were distributed. The opportunity would exist to commit fraud without anyone noticing.

Furthermore, the following four functions must always be done by different people: (1) Authorizing a transaction; (2) Recording the transaction, preparing source documents, maintaining journals; (3) Keeping physical custody of the related asset - for instance, receiving checks in the mail; and (4) The periodic reconciliation of the physical assets to the recorded amounts for those assets. In the example of the combination of preparation of paychecks and check distribution, payroll preparation is a recordkeeping function, whereas the distribution of payroll checks is a custody function. Thus, these two jobs should be performed by different people.

D.

The rule in segregation of duties is that one person should not be in a position to commit fraud and also to cover it up. If the person who has custody of blank payroll checks has the authority to sign paychecks, that person could write a check to anyone at all and sign it, and no one else would see it.

Furthermore, the following four functions must always be done by different people: (1) Authorizing a transaction; (2) Recording the transaction, preparing source documents, maintaining journals; (3) Keeping physical custody of the related asset - for instance, receiving checks in the mail; and (4) The periodic reconciliation of the physical assets to the recorded amounts for those assets. In the example of the combination of signing paychecks and custody of blank payroll checks, the custody of the payroll checks (which by themselves are not assets) is a recordkeeping function, whereas the signing of the payroll checks is a custodianship function. Thus, these two jobs should be performed by different people.

Part 1 : 07/28/10 08:58:14



A company has computerized sales and cash receipts journals. The computer programs for these journals have been properly debugged. The auditor discovered that the total of the accounts receivable subsidiary accounts differs materially from the accounts receivable control account. This could indicate

A. Statements being intercepted prior to mailing.B. Receivables not being properly aged.C. Credit memoranda being improperly recorded.D. Lapping of receivables.

A. Interception of customer statements might be a sign that fraud is taking place, but it would not cause the subsidiary accounts to not reconcile with the control account.

B. If receivables are being aged improperly, this would not affect customer balances or the general ledger control account balance.

C. If subsidiary accounts are being credited for returns but the general ledger account is not being credited, this would cause material differences between the total of the accounts receivable subsidiary accounts and the accounts receivable control account. This can occur easily if an incorrect procedure is being used to record returns. The auditor should query the people who process the credits to customers' accounts to find out what procedure is being used and should investigate what accounting entries result from that procedure.

D. Lapping of receivable would not result in a difference between the subsidiary accounts and the general ledger control account. Lapping of receivables occurs when an employee pockets a payment received on one customer's account and then applies a payment made by another customer to the first customer's account, and on and on. If that is occurring, the total of the subsidiary accounts will reconcile with the general ledger control account, but they will both be incorrect because of the theft.


A bill of lading is a document that

A. Is used to transfer responsibility for goods between the seller of goods and a common carrier.B. Reduces a customer's account for goods returned to the seller.C. Is sent with the goods giving a listing of the quantities of items included in the shipment.D. Summarizes data relating to a disbursement and represents final authorization for payment.

A. A bill of lading is a document that transfers possession of goods from the seller to a common carrier.

B. The description is given is that of a credit memo, not a bill of lading.

C. The description given is that of a packing slip, not a bill of lading.

D. The description given is related to a payment order, not a bill of lading.


A major impact of the Foreign Corrupt Practices Act of 1977 is that registrants subject to the Securities Exchange Act of 1934 are now required to

A. Prepare financial statements in accord with international accounting standards.B. Provide access to records by authorized agencies of the federal government.C. Produce full, fair, and accurate periodic reports on foreign commerce and/or foreign political party affiliations.

Part 1 : 07/28/10 08:58:14


D. Keep records that reflect the transactions and dispositions of assets and to maintain a system of internal accounting controls.

A. The Foreign Corrupt Practices Act contains no such provision.

B. The Foreign Corrupt Practices Act contains no such provision.

C. The Foreign Corrupt Practices Act contains no such provision.

D. The Foreign Corrupt Practices Act of 1977 (substantially revised in 1988) was enacted in response to disclosures of questionable payments that had been made by large companies. The payments were either illegal political contributions or payments to foreign officials that bordered on bribery. The FCPA makes it illegal to offer or authorize corrupt political payments (bribes) to any foreign official, foreign party chief or official or a candidate for political office in a foreign country, or to make corrupt payments through an intermediary while knowing that all or part of the payment will go to a foreign official. The company must ensure that all transactions are in accordance with management's general, or specific, authorization and are recorded properly. Corporate management is required to maintain books, records and accounts that accurately and fairly reflect transactions and to develop and maintain a system of internal accounting control. The internal control requirements were included in the Act because of the fundamental premise that effective internal control should provide a deterrent to illegal payments.


Which one of the following would be considered an accounting control rather than an administrative control?

A. Marketing analysis of sales generated by advertising projects.B. Maintenance of statistical production analyses.C. Maintenance of control over unused checks.D. Timely reporting and review of quality control results.

A. Although the marketing analysis of sales generated by advertising projects is a control objective, it is not an accounting control.

B. Although maintenance of statistical production analyses is a control objective, it is not an accounting control.

C. Policies and procedures for maintenance of control over unused checks are accounting controls because they relate to the control objective of safeguarding cash.

D. Although quality control results and their timely reporting and review are a control objective, they are not accounting control.


Which of the following is not an appropriate member of an audit committee?

A. The organization's vice president of operations.B. An academic specializing in business administration.C. A retired executive of a firm that had been associated with the organization.D. The vice president of the local bank used by the organization.

A. The organization's vice president of operations is a member of management and thus would not be independent.

B. An academic specializing in business administration would be an independent director and would be an appropriate member of the audit committee.

Part 1 : 07/28/10 08:58:14


C. A retired executive of a firm that had been associated with the organization would be an independent director and would be an appropriate member of the audit committee.

D. The vice president of the local bank would be an independent director and would be an appropriate member of the audit committee.


The treasurer makes disbursements by check and reconciles the monthly bank statements to accounting records. Which of the following best describes the control impact of this arrangement?

A. Internal control will be enhanced because these are duties that the treasurer should perform.B. The treasurer will be in a position to make and conceal unauthorized payments.C. The treasurer will be able to make unauthorized adjustments to the cash account.D. Controls will be enhanced because the treasurer will have two opportunities to discover inappropriate disbursements.

A. The following four functions must always be done by different people: (1) Authorizing a transaction; (2) Recording the transaction, preparing source documents, maintaining journals; (3) Keeping physical custody of the related asset - for instance, receiving checks in the mail; and (4) The periodic reconciliation of the physical assets to the recorded amounts for those assets. In the example of the combination of making disbursements by check (a custody function) and reconciling the checking account (a reconciliation function), we have the treasurer performing two duties that are not compatible.

B. The following four functions must always be done by different people: (1) Authorizing a transaction; (2) Recording the transaction, preparing source documents, maintaining journals; (3) Keeping physical custody of the related asset - for instance, receiving checks in the mail; and (4) The periodic reconciliation of the physical assets to the recorded amounts for those assets. Because the treasurer is performing two duties that are not compatible, making disbursements by check (a custody function) and reconciling the checking account (a reconciliation function), the treasurer is in a position to make and conceal unauthorized payments.

C. The question does not state that the treasurer has access to the accounting records. Thus there is no basis for saying that the treasurer would be able to make unauthorized adjustments to the cash account.

D. The following four functions must always be done by different people: (1) Authorizing a transaction; (2) Recording the transaction, preparing source documents, maintaining journals; (3) Keeping physical custody of the related asset - for instance, receiving checks in the mail; and (4) The periodic reconciliation of the physical assets to the recorded amounts for those assets. Having the treasurer both make disbursements and reconcile the checking account is a control weakness, not a control enhancement, because the treasurer is in a position to both make and conceal unauthorized payments.


At their annual meeting, shareholders of the Bones Corp. approved several proposals made by the board of directors. Among them was the ratification of the salaries of the executives of the corporation. In this connection, which of the following is correct?

A. The action by the shareholders serves the purpose of confirming the board's action.B. Such ratification by the shareholders is required as a matter of law.C. The shareholders cannot legally ratify the compensation paid to director-officers.D. The salaries ratified are automatically valid for federal income tax purposes.

A. The board of directors has the power to set executive salaries, and shareholder ratification is not required. Shareholder ratification is equivalent to the shareholders having merely confirmed the board's action.

Part 1 : 07/28/10 08:58:14


B. Usually shareholder ratification of executive salaries is not required, unless the corporation's articles of incorporation or bylaws require it.

C. If the corporation's articles of incorporation or bylaws require ratification by shareholders of executive compensation, then it is not only legal but required to obtain it.

D. If the IRS decides that executive salaries are excessive, the company may not be able to deduct the excessive compensation for federal income tax purposes. Ratification by the shareholders does not change that.


Marport Company is a manufacturing company that uses forms and documents in its accounting information systems for record keeping and internal control.

The departments in Marport's organization structure and their primary responsibilities are:

Accounts Payable -- authorize payments and prepare vouchers.Accounts Receivable -- maintain customer accounts.Billing -- prepare invoices to customers for goods sold.Cashier -- maintain a record of cash receipts and disbursements.Credit Department -- verify the credit rating of customers.Cost Accounting -- accumulate manufacturing costs for all goods produced.Finished Goods Storeroom -- maintain the physical inventory and related stock records of finished goods.General Accounting -- maintain all records for the company's general ledger.Internal Audit -- appraise and monitor internal controls, as well as conduct operational and management audits.Inventory Control -- maintain perpetual inventory records for all manufacturing materials and supplies.Mailroom -- process incoming, outgoing, and interdepartmental mail.Payroll -- compute and prepare the company payroll.Personnel -- hire employees, as well as maintain records on job positions and employees.Purchasing -- place orders for materials and supplies.Production -- manufacture finished goods.Production Planning -- decide the types and quantities of products to be produced.Receiving -- receive all materials and supplies.Sales -- accept orders from customers.Shipping -- ship goods to customers.Stores Control -- safeguard all materials and supplies until needed for production.Timekeeping -- prepare and control time worked by hourly employees.

The initiation of the purchase of materials and supplies would be the responsibility of the

A. Inventory Control Department.B. Production Department.C. Stores Control Department.D. Purchasing Department.

A. The Inventory Control Department maintains perpetual inventory records for all manufacturing materials and supplies. Therefore, it would be in a position to know when supplies are getting low and would be responsible for initiating a purchase requisition.

B. The Production Department manufactures the goods, obtaining its materials from the Stores Control Department. It does not initiate requests for purchases.

C. Stores Control safeguards the materials and supplies until they are needed for production. They do not maintain inventory records or initiate purchase requisitions.

D. The Purchasing Department places orders, but they do not initiate them. Orders are initiated and authorized by others.

Part 1 : 07/28/10 08:58:14



Which of the following controls would be the most appropriate means to ensure that terminated employees had been removed from the payroll?

A. Establishing direct-deposit procedures with employees' banks.B. Mailing checks to employees' residences.C. Establishing computerized limit checks on payroll rates.D. Reconciling payroll and time-keeping records.

A. Establishing direct-deposit procedures with employees' banks does nothing to verify whether all the paychecks are valid. Using this procedure, terminated employees who had not been removed from the payroll would continue to receive paychecks.

B. Mailing checks to employees' homes does nothing to verify whether all the paychecks are valid. Using this procedure, terminated employees who had not been removed from the payroll would continue to receive paychecks.

C. This procedure would detect excessive pay to current employees but not inappropriate pay to terminated employees.

D. If an employee has been terminated but the employee has not been removed from the payroll, a reconciliation of payroll records with time-keeping records should detect it.


Which one of the following situations represents an internal control weakness in accounts receivable?

A. Internal auditors confirm customer accounts periodically.B. Delinquent accounts are reviewed only by the sales manager.C. Customers' statements are mailed monthly by the accounts receivable department.D. The cashier is denied access to customers' records and monthly statements.

A. Confirming customer account balances periodically is an important internal control procedure.

B. If delinquent accounts are reviewed only by the sales manager, this is an internal control weakness. The sales manager may have a conflict of interest, not wanting to report an account as delinquent if it means additional sales cannot be made to that customer. Delinquent accounts should be reviewed regularly by the credit manager and the accounts receivable manager.

C. This is not an internal control weakness. Customer statements should be mailed monthly by the accounts receivable department.

D. This is not an internal control weakness but is an important segregation of duties.


Which one of the following situations represents a strength of internal control for purchasing and accounts payable?

A. Prenumbered receiving reports are issued randomly.B. Invoices are approved for payment by the purchasing department.C. Vendors' invoices are matched against purchase orders and receiving reports before a liability is recorded.D. Unmatched receiving reports are reviewed on an annual basis.

A. Receiving reports should be prenumbered and should be issued sequentially, not randomly, so that a missing

Part 1 : 07/28/10 08:58:14


report or a report out of sequence can be investigated.

B. The purchasing department should not approve invoices for payment. The accounts payable department should approve invoices for payment, based on a review of all the supporting documentation which includes the purchase requisition, the purchase order, and the receiving report/packing slip.

C. Vendor's invoices should be matched against purchase requisitions, purchase orders, and receiving reports before any liability is recorded. When the payment has been approved, the accounts payable department should prepare a voucher, which is an internal document that is the authorization for payment.

D. Unmatched receiving reports should be reviewed more frequently than annually.


In a well designed internal control system, two tasks that should be performed by different persons are

A. Recording of cash receipts and preparation of bank reconciliations.B. Distribution of payroll checks and approval of sales returns for credit.C. Approval of bad debt write-offs, and reconciliation of the accounts payable subsidiary ledger and controlling account.D. Posting of amounts from both the cash receipts journal and cash payments journal to the general ledger.

A. Recording of cash receipts is a recordkeeping function and preparation of bank reconciliations is a reconciliation function. If the same person were to perform both functions, that person could misappropriate cash payments and conceal the misappropriation by falsifying the reconciliation.

B. Even though distribution of payroll checks is a custodial function and approval of sales returns is an authorization function, since the two functions are unrelated, there is no incompatibility between them.

C. Since approval of bad debt write-offs is an accounts receivable authorization function and reconciliation of accounts payable is an accounts payable reconciliation function, there is no incompatibility between the two functions.

D. Posting to the general ledger is a recordkeeping function, and the fact that posting is done for both cash receipts and cash payments does not create an incompatibility, since they are different functions.


Which of the following controls would most likely minimize defects in finished goods because of poor quality raw materials?

A. Proper handling of work-in-process inventory to prevent damage.B. Timely follow-up on unfavorable usage variances.C. Implementation of specifications for purchases.D. Determination of spoilage at the end of the manufacturing process.

A. While proper handling of work-in-process inventory is important, this will not ensure that raw materials are not of poor quality, and it will not minimize defects caused by poor quality raw materials.

B. Timely follow-up on unfavorable usage variances is at best a detective control, which may identify poor quality materials that may be causing unfavorable usage variances. It will not minimize defects caused by the poor quality raw materials.

C. Developing and implementing specifications for purchases of raw materials is a preventive control, as it should limit the purchase of defective raw materials.

D. Determination of spoilage after production is complete will not minimize defects caused by poor quality raw

Part 1 : 07/28/10 08:58:14


materials. It is at best a detective control.


The reporting of accounting information plays a central role in the regulation of business operations. The importance of sound internal control practices is underscored by the Foreign Corrupt Practices Act of 1977 which requires publicly owned U.S. corporations to maintain systems of internal control that meet certain minimum standards. Preventive controls are an integral part of virtually all accounting processing systems, and much of the information generated by the accounting system is used for preventive control purposes. Which one of the following is not an essential element of a sound preventive control system?

A. Implementation of state-of-the-art software and hardware.B. Sound personnel practices.C. Documentation of policies and procedures.D. Separation of responsibilities for the recording, custodial, and authorization functions.

A. Implementation of state-of-the-art software and hardware is not necessary for an organization to have a sound control system.

B. Sound personnel practices contribute to sound control systems. Organizations with effective control environments transmit guidance to their employees both verbally and by example, communicating the entity's values, standards and code of conduct; and they follow up on violations. There are mechanisms to encourage employee reporting of suspected violations, and disciplinary actions are taken when employees fail to report them. Formal and clearly communicated policies and procedures that result in shared values and teamwork are followed at all times, without exception. The competence level needed for particular jobs is specified, competent people are hired and retained, and authority and responsibility are appropriately assigned. Internal control is an explicit or implicit part of everyone's job description, and all individuals in the organization realize that they will be held accountable.

C. Documented policies and procedures are an important part of a sound control system. Formal and clearly communicated policies and procedures that result in shared values and teamwork should be followed at all times, without exception.

D. Separation of responsibilities for the recording, custodial, and authorization functions is an essential element of a sound preventive control system, because without such separation of responsibilities, a person could commit a fraud and conceal it.


Which of the following describes the most effective preventive control to ensure proper handling of cash receipt transactions?

A. The employee who receives customer mail receipts prepares the daily bank deposit, which is then deposited by another employee.B. Bank reconciliations are prepared by an employee not involved with cash collections and then are reviewed by a supervisor.C. One employee issues a prenumbered receipt for all cash collections; another employee reconciles the daily total of prenumbered receipts to the bank deposits.D. Predetermined totals (hash totals) of cash receipts are used to control posting routines.

A. The person who receives customer receipts should prepare a list of them. The person who prepares the bank deposit should be a different person, and that person should prepare an independent list.

B. A bank reconciliation is a detective control, not a preventive control.

C. It is important to establish accountability for cash received at the earliest possible point. Use of prenumbered receipts assures that all receipts are accounted for, and having a different employee do the

Part 1 : 07/28/10 08:58:14


reconciliation is an additional control against misappropriation of funds.

D. Hash totals are control totals used in processing to ensure that data has not been changed during the processing, not cash custody controls.


Controls can be classified according to the function they are intended to perform; for example, to discover the occurrence of an unwanted event (detective), to avoid the occurrence of an unwanted event (preventive), or to ensure the occurrence of a desirable event (directive). Which of the following is a directive control?

A. Requiring all members of the internal auditing department to be CIAs.B. Monthly bank statement reconciliations.C. Dual signatures on all disbursements over a specific dollar amount.D. Recording every transaction on the day it occurs.

A. Requiring all members of the internal auditing department to be CIAs is a directive control. It increases the probability that the internal auditors will have the requisite knowledge, experience and professionalism to perform their jobs.

B. Monthly bank statement reconciliations are detective controls, not directive controls. A bank reconciliation is used to detect errors on either the accountholder's part or on the bank's part after they have occurred.

C. Requiring dual signatures on all disbursements over a specific dollar amount is a preventive control.

D. Recording every transaction on the day it occurs is a preventive control.


An auditor noted that the accounts receivable department is separate from other accounting activities. Credit is approved by a separate credit department. Control accounts and subsidiary ledgers are balanced monthly. Similarly, accounts are aged monthly. The accounts receivable manager writes off delinquent accounts after 1 year, or sooner if a bankruptcy or other unusual circumstances are involved. Credit memoranda are prenumbered and must correlate with receiving reports. Which of the following areas could be viewed as an internal control weakness of the above organization?

A. Monthly aging of receivables.B. Write-offs of delinquent accounts.C. Handling of credit memos.D. Credit approvals.

A. Monthly aging of receivable is not a control weakness but is an appropriate control procedure.

B. If the accounts receivable manager is both approving the write-offs of delinquent accounts and performing the write-off, this is a weakness in internal control. The person who authorizes a transaction should be different from the person who records the transaction.

C. The controls on credit memoranda are appropriate. The credit memoranda are prenumbered and also there is a procedure in place to verify that the goods being credited to the customer were in fact received back from the customer.

D. Credit is approved by a separate credit department, which is appropriate segregation of duties.

Part 1 : 07/28/10 08:58:14



Auditors document their understanding of internal control with questionnaires, flowcharts, and narrative descriptions. A questionnaire consists of a series of questions concerning controls that auditors consider necessary to prevent or detect errors and irregularities. The most appropriate question designed to contribute to the auditors' understanding of the completeness of the expenditure cycle would concern the

A. Use and accountability of prenumbered checks.B. Qualifications of accounting personnel.C. Disposition of cash receipts.D. Internal verification of quantities, prices, and mathematical accuracy of sales invoices.

A. In understanding the completeness of the expenditure cycle, the auditor is interested in whether all the transactions have been recorded. If prenumbered checks are used sequentially, a gap in check numbers would be something for the auditor to investigate, because it may mean that there are unrecorded transactions.

B. Qualifications of accounting personnel are unrelated to the controls over the expenditure cycle.

C. Cash receipts are unrelated to the expenditure cycle and can contribute nothing to the auditors' understanding of the completeness of the expenditure cycle.

D. Verification of sales invoices will not contribute to an understanding of the completeness of the expenditure cycle, because sales invoices are part of the revenue cycle.


The procedure that would best discourage the resubmission of vendor invoices after they have been paid is

A. The cancellation of vouchers by treasurer personnel.B. A requirement for double endorsement of checks.C. The cancellation of vouchers by accounting personnel.D. The mailing of payments directly to payees by accounting personnel.

A. The voucher and all supporting documents should be cancelled by personnel in the treasurer's office at the time the check is signed. This will prevent the documents from being resubmitted for duplicate payment.

B. Requiring two signatures on a check would not prevent resubmission and double paying of vendor invoices after they have been paid.

C. Cancellation of vouchers should not take place until the check in payment of the invoice has been signed.

D. The account payable personnel should not have access to checks after they have been signed.


An audit of the receiving function at the company's distribution center revealed inadequate control over receipts. Which of the following controls would be appropriate for the receiving function?

A. Require that all receipts receive the approval of the warehouse manager.B. To ensure adequate separation of duties, the warehouse receiving clerk should work independently from the warehouse manager.C. Ensure that the warehouse receiving department has a true copy of the original purchase order.D. Ensure that the warehouse receiving department has a purchase order copy with the units described, but both prices and quantities omitted.

Part 1 : 07/28/10 08:58:14


A. Shipment receipts should be backed up by authorized purchase orders, not the warehouse manager's approval.

B. Having the receiving clerk work independently of the warehouse manager is not a control but is in fact a risk, because the clerk would be working without supervision.

C. The warehouse receiving department should have a copy of the purchase order, but its copy should not include prices and quantities.

D. The receiving clerk should have access to authorized purchase orders in order to make sure that only authorized shipments are accepted. Prices and quantities should not appear on this copy in order to increase the likelihood that the count of received items will be accurate.


Internal auditors regularly evaluate controls and control procedures. Which of the following best describes the concept of control as recognized by internal auditors?

A. Control represents specific procedures that accountants and auditors design to ensure the correctness of processing.B. Management takes action to enhance the likelihood that established goals and objectives will be achieved.C. Control procedures should be designed from the "bottom up" to ensure attention to detail.D. Management regularly discharges personnel who do not perform up to expectations.

A. Control encompasses much more than controls designed to ensure the correctness of processing. Furthermore, control is designed and instituted by management, not by accountants or auditors.

B. A control is any action taken by management to enhance the likelihood that established goals and objectives will be achieved.

C. While control procedures may be designed from the bottom up, the concept of control flows from the top down.

D. This is not the definition of a control.

Question 50 - CIA 594 P4 Q8 - Risk Assessment, Controls and Risk Management

On January 1, a company establishes a petty cash account and designates one employee as petty cash custodian. The original amount included in the petty cash fund is $500, and it will be used to make small cash disbursements. The fund will be replenished on the first of each month, after the petty cash custodian presents receipts for disbursements to the general cashier. The following disbursements are made in January. The balance in the petty cash box at the end of January is $163.

Office supplies: $173Postage: $112Entertainment: $42

Who is responsible, at all times, for the amount of the petty cash fund?

A. The general cashier.B. The petty cash custodian.C. The general office manager.D. The president of the company.

A. The general cashier should not be responsible for petty cash.

B. The petty cash custodian should be responsible for petty cash.

Part 1 : 07/28/10 08:58:14


C. The general office manager should not be responsible for petty cash.

D. The president of the company should not be responsible for petty cash.

Question 51 - CPA 594 A-33 - Risk Assessment, Controls and Risk Management

Which of the following controls most likely would be used to maintain accurate inventory records?

A. Periodic inventory counts are used to adjust the perpetual inventory records.B. Requisitions, receiving reports, and purchase orders are independently matched before payment is approved.C. Perpetual inventory records are periodically compared with the current cost of individual inventory items.D. A just-in-time inventory ordering system keeps inventory levels to a desired minimum.

A. Periodic inventory counts, independently arrived at, should be periodically compared with perpetual inventory records, and if there any differences, the perpetual inventory record should be adjusted.

B. While matching backup documents to invoices before paying the invoices is important, this does nothing to confirm that the quantity of each individual item on hand matches the count according to the perpetual inventory system.

C. Comparing perpetual inventory records with the current cost of individual inventory items does nothing to confirm that the quantity of each individual inventory item on hand matches the count according to the perpetual inventory system.

D. Just-in-time inventory ordering may be used to keep inventory levels to a desired minimum; however, it does nothing to confirm that the quantity of each individual item on hand matches the count according to the perpetual inventory system.


A means of ensuring that payroll checks are drawn for properly authorized amounts is to

A. Require supervisory approval of employee time cards.B. Require that undelivered checks be returned to the cashier.C. Witness the distribution of payroll checks.D. Conduct periodic floor verification of employees on the payroll.

A. It is appropriate to require supervisory approval of employee time cards, because supervisors are in a position to know whether their employees' time is being reported accurately.

B. While requiring undelivered checks to be returned to the cashier is a good control procedure, it does nothing to ensure that the payroll checks are for the proper amounts.

C. Witnessing the distribution of payroll checks does not ensure that the payroll checks are for the correct amounts.

D. While conducting periodic floor verification of employees on the payroll will confirm that the employees exist, it would do nothing to ensure that their payroll checks are drawn for properly authorized am

27 risk assessment controls and risk management

Documents

securities act

securities exchange

promotional prices

regular price

frequent price changes

risk assessment

frequent price promotions

telephone operators