1. Most fundamentally, the purpose of control is to ensure:

a. Organizational objectives are met

b. Processing controls are effective

c. Employees are aware of requirements

d. B and C

e. None of the above

2. The following are the elements of control systems in general:

a.Segregation of duties, processing controls, reliability of AIS

b. Sensor,objective,feedback signal/mechanism

c. Thermostats, heaters,room temperature

d. COSO,AICPA,AAA

e. None of the above

3. Auditing standards for publicly listed firms are set by the

a. SEC

b. AICPA

c. COSO

d. PCAOB

e. Sarbanes-Oxley Act

4. Management and auditors of publicly listed firms must report on internal control to satisfy requirements of:

a. The traditional financial statement audit

b. The PCAOB Act

c. The Sarbanes-Oxley Act

d. All of the above

e. None of the above

5. Publicly listed firms must report on the of internal control over

a. Effectiveness and efficiency/operations

b.Efficiency/financial reporting

c. Effectiveness/compliance with applicable laws and regulations

d. Efficiency/fraudulent acts by employees or others

e. None of the above

6. Which of the following is not one of the five elements of the COSO framework

a. Control Environment

b. Control Assessment

c. Information and Communication

d. Control Activities

e. All are elements of the COSO framework

7. In risk assessment, the potential dollar loss that could result if an unwanted event occurs is

called a(n):

a. Threat

b. Exposure

c. Risk

d. Extraordinary loss

e. None of the above

8. The audit assertions relate to:

a. The numbers presented in the annual financial statements

b. The financial reporting processes that generate financial statements

c. Database normalization

d. All of the above

e. a and b

9. The assertion addressing whether a transaction is missing is:

a. GAAP

b. Program Testing

CCompleteness

. Validity

e. None of the above

10. The assertion addressing whether a transaction is real or not is:

a. GAAP

b. Program Testing

Completeness

d

Validity

e. None of the above

11.The assertion addressing whether a transaction has been recorded with the appropriate

values is:

a. GAAP

b. Program Testing

c. Completeness

d. Validity

e. None of the above

12.The COSO framework is specifically stated as a requirement in:

a. The Sarbanes-Oxley Act

b. Generally Accepted Accounting Principles

c. Generally Accepted Auditing Standards

d. PCAOB Auditing Standards

e. None of the above

13.The segregation of duties framework presented in class requires that which of the following

three duties be performed by separate individuals?

a. Specific review, accounting, asset handling

b. Secondary authorization, accounting, depositing

c. Secondary authorization, asset custody, reconciliation

d. Authorization, recording, asset handling

14. In the segregation of duties framework, who is/are primarily responsible to identify and act

on losses arising from the actions of people with custody of assets?

a. Security guard

b. Reconciler

c. Recorder

d. Primary Authorizer

e. b and c

15.In the segregation of duties framework, who is primarily responsible to evaluate whether the

Primary Authorizer doing their job effectively?

a. Custodian of Asset

b. Reconciler

c. Recorder

d. Secondary Authorizer

e. No one - this is not addressed

16.In the segregation of duties framework, who is primarily responsible to make sure the

person who records transactions is doing this effectively, if the recorder also handles

assets?

a.

Custodian of Assets

6

Reconciler

c. Primary Authorizer

d. Secondary Authorizer

e. No one-this is not addressed

17.An employee who opens mail which includes customer payments steals cash and changes

the cash receipts listing to cover up the theft. Segregation of which duties would prevent

this?

a. Custody of Assets and Recording

b. Review and Authorization

c. Recording and Reconciliation

d. Primary Authorization and Reconciliation

e. No separation of duties would have helped; the case involved collusion

18.A person who handles inventory also handles cash. From a segregation of duties

perspective, this is:

a. OK

b. Not OK

19. A person who reviews and approves sales orders also reviews and approves shipments.

From a segregation of duties perspective, this is:

Ca. Ok

b. Not OK

20. A person who receives inventory purchases also writes off accounts receivable. From a

segregation of duties perspective, this is:

a. OK

D.Not OK

21.Sales orders created by salespeople in the field are immediately sent to the Credit Manager

to approve credit for the sale, then are immediately sent to the warehouse for picking. No other personnel are involved. From a segregation of duties perspective, this is:

a.OK

b. Not OK

22.Effective segregation of duties in a computerized system does not include:

a. Each user having their own unique userlD

b. User IDs having limited access

c. Recordkeeping of IT purchases

d. Authentication of users

e. All of the above are helpful in achieving SoD

23.[2 points] The rate of theft at a clothing store is $1,000 per day. It is open 7 days per week.

Adding a security guard will cost $100 per day and will reduce theft by 30%. Installing a

a sensor at the door to detect tags on the clothes will cost $175 per week in extra labor and will reduce theft by 35%. Installing the tags/sensor and adding the guard will reduce theft by 43%.Which control(s) should be implemented?

a. Neither control

b. Security guard

c. Tags and sensors

d. Both the guard and the tags/sensor

e. More information is needed to decide