Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

MT2 Ch 11 Internal Control and COSO Framework, Exams of Financial Management

coso risk management framework

Typology: Exams

2024/2025

Available from 07/02/2025

patrick-maina-2
patrick-maina-2 ๐Ÿ‡ฌ๐Ÿ‡ง

296 documents

1 / 11

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
MT2 Ch 11 Internal Control and COSO Framework
Which of the following is not one of the three primary objectives of effective
internal control?
A) assurance of elimination of business risk
B) efficiency and effectiveness of operations
C) reliability of financial reporting
D) compliance with laws and regulations โœ”โœ”A) assurance of elimination of
business risk
"Management typically has three broad objectives in designing an effective
internal control system: ... Reliability or reporting... Efficiency and effectiveness of
operations... Compliance with laws and regulations."
(Pg343, Internal Control Objectives)
Internal controls
A) only apply to SEC companies.
B) consist of policies and procedures designed to provide reasonable assurance that
the company achieves its objectives and goals.
C) are implemented by and are the responsibility of the auditors.
D) guarantee that the company complies with all laws and regulations. โœ”โœ”B)
consist of policies and procedures designed to provide reasonable assurance that
the company achieves its objectives and goals.
"A system of internal control consists of policies and procedures designed to
provide management with reasonable assurance that the company achieves its
objectives and goals." (Pg343, Internal Control Objectives)
Who is responsible for establishing a private company's internal control?
A) internal auditors
B) senior management
C) FASB
D) audit committee โœ”โœ”B) senior management
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download MT2 Ch 11 Internal Control and COSO Framework and more Exams Financial Management in PDF only on Docsity!

MT2 Ch 11 Internal Control and COSO Framework

Which of the following is not one of the three primary objectives of effective internal control?

A) assurance of elimination of business risk B) efficiency and effectiveness of operations C) reliability of financial reporting

D) compliance with laws and regulations โœ”โœ”A) assurance of elimination of business risk

"Management typically has three broad objectives in designing an effective internal control system: ... Reliability or reporting... Efficiency and effectiveness of operations... Compliance with laws and regulations." (Pg343, Internal Control Objectives)

Internal controls

A) only apply to SEC companies. B) consist of policies and procedures designed to provide reasonable assurance that the company achieves its objectives and goals. C) are implemented by and are the responsibility of the auditors.

D) guarantee that the company complies with all laws and regulations. โœ”โœ”B) consist of policies and procedures designed to provide reasonable assurance that the company achieves its objectives and goals.

"A system of internal control consists of policies and procedures designed to provide management with reasonable assurance that the company achieves its objectives and goals." (Pg343, Internal Control Objectives)

Who is responsible for establishing a private company's internal control?

A) internal auditors B) senior management C) FASB

D) audit committee โœ”โœ”B) senior management

"Management is responsible for establishing and maintaining the entity's internal controls. Management is also required by Section 404 to publicly report on the operating effectiveness of those controls... Management, not the auditor, must establish and maintain the entity's internal controls." (Pg344, Management and Auditor Responsibilities for Internal Control)

Two key concepts that underlie management's design and implementation of internal control are

A) inherent limitations and reasonable assurance. B) absolute assurance and costs. C) costs and materiality.

D) collusion and materiality. โœ”โœ”A) inherent limitations and reasonable assurance.

"Two key concepts underlie management's design and implementation of internal control--reasonable assurance and inherent limitations." (Pg344, Management's Responsibilities for Establishing Internal Control)

The PCAOB places responsibility for the reliability of internal controls over the financial reporting process on

A) the CFO and the independent auditors. B) the company's board of directors. C) the audit committee of the board of directors.

D) management. โœ”โœ”D) management.

Which of the following parties provides an assessment of the effectiveness of internal control over financial reporting for public companies? I. Management II. Financial statement auditors

A) Yes, Yes B) Yes, No C) No, Yes

D) No, No โœ”โœ”A) Yes, Yes

A statement that management is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting.

An assessment of the effectiveness of the internal control structure and procedures for financial reporting as of the end of the company's fiscal year." (Pg345, Management's Section 404 Reporting Responsibilities)

The auditor's primary purpose in auditing the client's system of internal control over financial reporting is

A) to prevent fraudulent financial statements from being issued to the public. B) to report to management that the internal controls are effective in preventing misstatements from appearing on the financial statements. C) to efficiently conduct the Audit of Financial Statements. D) to evaluate the effectiveness of the company's internal controls over all relevant

assertions in the financial statements. โœ”โœ”D) to evaluate the effectiveness of the company's internal controls over all relevant assertions in the financial statements.

The internal control framework used by most U.S. companies is the ________ framework.

A) SEC

B) PCAOB

C) FASB

D) COSO โœ”โœ”D) COSO

The Sarbanes-Oxley Act requires

A) all public companies to define adequate internal controls. B) all public companies to issue reports on internal controls. C) the auditor of public companies to withdraw from an engagement if internal controls are weak.

D) the auditor of public companies to design effective internal controls. โœ”โœ”B) all public companies to issue reports on internal controls.

An auditor should consider two key issues when obtaining an understanding of a client's internal controls. These issues are

A) the implementation and operating effectiveness of the controls. B) the effectiveness and efficiency of the controls. C) the design and operating effectiveness of the controls.

D) the frequency and effectiveness of the controls. โœ”โœ”C) the design and operating effectiveness of the controls.

Reasonable assurance allows for

A) high likelihood that material misstatements will not be prevented or detected by internal control. B) moderate likelihood that material misstatements will not be prevented or detected by internal control. C) low likelihood that material misstatements will not be prevented or detected by internal controls. D) no likelihood that material misstatements will not be prevented or detected by

internal control. โœ”โœ”C) low likelihood that material misstatements will not be prevented or detected by internal controls.

T/F When a company designs and implements internal controls, the cost of the

controls is not a valid consideration. โœ”โœ”F

Which of the following statements is most correct with respect to separation of duties?

A) Employees who open cash receipts should record the amounts in the subsidiary ledgers. B) Employees who authorize transactions should have recording responsibility for these transactions. C) Employees who authorize transactions should not have custody of the related assets. D) A person who has temporary or permanent custody of an asset should account

for that asset. โœ”โœ”C) Employees who authorize transactions should not have custody of the related assets.

C) develop general controls over technology

D) accountability โœ”โœ”A) consider the potential for fraud

"The four underlying principles related to risk assessment are that the organization should have clear objectives in order to be able to identify and assess the risks relating to those objectives; should determine how the risks should be managed; should consider the potential for fraudulent behavior; and should monitor changes that could impact internal controls." (Pg351; Risk Assessment)

Which of the following is not an underlying principle related to risk assessment?

A) The organization should monitor changes that could impact internal controls. B) The organization should have clear objectives in order to be able to identify and assess the risks relating to the objectives. C) The auditors should determine how the company's risks should be managed.

D) The organization should consider the potential for fraudulent behavior. โœ”โœ”C) The auditors should determine how the company's risks should be managed.

"The four underlying principles related to risk assessment are that the organization should have clear objectives in order to be able to identify and assess the risks relating to those objectives; should determine how the risks should be managed; should consider the potential for fraudulent behavior; and should monitor changes that could impact internal controls." (Pg351; Risk Assessment)

Which of the following is not one of the subcomponents of the control environment?

A) commitment to competence B) adequate separation of duties C) organizational structure

D) management's philosophy and operating style โœ”โœ”B) adequate separation of duties

Proper segregation of functional responsibilities calls for separation of

A) authorization, payment, and recording.

B) authorization, recording, and custody. C) custody, execution, and reporting.

D) authorization, execution, and payment. โœ”โœ”B) authorization, recording, and custody.

Without an effective ________, the other components of the COSO framework are unlikely to result in effective internal control, regardless of their quality.

A) risk assessment policy B) monitoring policy C) system of control activities

D) control environment โœ”โœ”D) control environment

Which of the following statements related to application controls is correct?

A) Application controls relate to various aspects of the IT function including physical security and the processing of transactions in various cycles. B) Application controls relate to all aspects of the IT function. C) Application controls relate to various aspects of the IT function including software acquisition and the processing of transactions.

D) Application controls relate to the processing of individual transactions. โœ”โœ”D) Application controls relate to the processing of individual transactions.

General controls include all of the following except

A) processing controls. B) online security. C) hardware controls.

D) systems development. โœ”โœ”A) processing controls.

A control that relates to all parts of the IT system is called a(n)

A) systems control. B) general control. C) applications control.

D) universal control. โœ”โœ”B) general control.

A) Application controls are likely to be effective only when general controls are effective. B) Application controls are effective even if general controls are extremely weak. C) General controls have no impact on application controls.

D) None of the above. โœ”โœ”A) Application controls are likely to be effective only when general controls are effective.

The most important output control is

A) review of data for reasonableness by someone who knows what the output should look like. B) control totals, which are used to verify that the computer's results are correct. C) logic tests, which verify that no mistakes were made in processing. D) distribution control, which assures that only authorized personnel receive the

reports generated by the system. โœ”โœ”A) review of data for reasonableness by someone who knows what the output should look like.

"The most important output control is review of the data for reasonableness by someone knowledgeable about the output." (Pg 362; Output Controls)

T/F Auditors must assess the design and implementation of controls for all audits,

including both public and private company audits โœ”โœ”T

Which component does the following principle relate to? "The entity uses relevant, quality information to support the functioning of internal control"

A) Risk assessment B) Information and communication C) Control activities

D) Control environment โœ”โœ”B) Information and communication

Which component does the following principle relate to? "Internal control deficiencies are identified and communicated in a timely manner to those parties responsible for taking corrective action"

A) Information and communication

B) Control environment C) Risk assessment

D) Monitoring โœ”โœ”D) Monitoring

Which component does the following statement relate to? "The entity attracts, develops, and retains competent individuals in alignment with financial reporting and internal control objectives"

A) Control activities B) Control environment C) Risk assessment

D) Monitoring โœ”โœ”B) Control environment

Which of the components does the following statement relate to? "Employees who do not perform assigned internal control responsibilities are held accountable (e.g., fired, demoted, transferred to a new role)"

A) Control environment B) Risk assessment C) Monitoring

D) Control activities โœ”โœ”A) Control environment