1. Which of the following is not an appropriate governance role for an organization's board of directors? a. Evaluating and approving strategic objectives. b. Influencing the organization's risk-taking philosophy. c. Providing assurance directly to third parties that the organization's governance processes are effective. d. Establishing broad boundaries of conduct, outside of which the organization should not operate. 2. Which of the following are typically governance responsibilities of senior management? I. Delegating its tolerance levels to risk managers. II. Monitoring day-to-day performance of specific risk management activities. III. Establishing a governance committee of the board. IV. Ensuring that sufficient information is gathered to support reporting to the board. a. I and IV. b. II and III. c. I, II, and IV. d. I, II, III, and IV. 3. ABC utility company sells electricity to residential customers and is a member of an industry association that provides guidance to electric utilities, lobbies on behalf of the industry, and facilitates sharing among its members. From ABC's perspective, what type of stakeholder is this industry association? a. Directly involved in the operation of the company. b. Interested in the success of the company. c. Influences the company. d. Not a stakeholder Who is responsible for establishing the strategic 4 ?objectives of an organization a. The board of directors. b. Senior management c. Consensus among all levels of management. d. The board and senior management jointly. WIL 6. The internal audit function should not a. Assess the organization's governance and risk management processes. b. Provide advice about how to improve the organization's governance and risk management processes. c. Oversee the organization's governance and risk management processes. d. Coordinate its governance and risk management- related activities with those of the independent outside auditor 7. Which of the following would not be considered a first line of defense in the Three Lines of Defense model a. A divisional controller conducts a peer review of compliance with financial control standards. b. An accounts payable clerk reviews supporting documents before processing an invoice for payment c. An accounting supervisor conducts a monthly review to ensure all reconciliations were completed properly. d. A production line worker inspects finished goods to ensure the company's quality standards are met 8. Which of the following would be considered a first line of defense in the Three Lines of Defense model? a. An accounts payable supervisor conducting a weekly review to ensure all payments were issued by the required payment date. b. A divisional compliance and ethics officer conducting a review of employee training records to ensure that all marketing and sales staff have completed the required FCPA training. c. The external audit team observes the counting of inventory on December 31. d. An internal audit team conducting an engagement to provide assurance on the company's Sarbanes-Oxley compliance with internal controls over financial reporting 9. Which of the following would be considered a second line of defense in the Three Lines of Defense model? a. An accounts payable supervisor conducting a weekly review to ensure all payments were issued by the required neyment inte 3. ABC utility company sells electricity to residential customers and is a member of an industry association that provides guidance to electric utilities, lobbies on behalf of the industry, and facilitates sharing among its members. From ABC's perspective, what type of stakeholder is this industry association? a. Directly involved in the operation of the company b. Interested in the success of the company. c. Influences the company. d. Not a stakeholder Who is responsible for establishing the strategic 4 ?objectives of an organization 1. The board of directors. b. Senior management c. Consensus among all levels of management d. The board and senior management jointly. 5. Who is ultimately responsible for identifying new or emerging key risk areas that should be covered by the organization's governance process? a. The board of directors. b. Senior management c. Risk owners d. The internal audit function. 6. The internal audit function should not a. Assess the organization's governance and risk management processes. b. Provide advice about how to improve the organization's governance and risk management processes. c. Oversee the organization's governance and risk management processes. d. Coordinate its governance and risk management- related activities with those of the independent outside auditor 7. Which of the following would not be considered a first line of defense in the Three Lines of Defense model? a. A divisional controller conducts a peer review of compliance with financial control standards. b. An accounts payable clerk reviews supporting documents before processing an invoice for payment. c. An accounting supervisor conducts a monthly review to ensure all reconciliations were completed properly, d. A production line worker inspects finished goods to morpliance with internal controls over financial reporting. 9. Which of the following would be considered a second line of defense in the Three Lincs of Defense model? a. An accounts payable supervisor conducting a weekly review to ensure all payments were issued by the required payment date. b. A divisional compliance and ethics officer conducting a review of employee training records to ensure that all marketing and sales staff have completed the required FCPA training c. A shift supervisor inspecting a sample of finished goods to ensure quality standards are met. d. An internal audit team conducting an engagement to provide assurance on the company's Sarbanes-Oxley compliance with internal controls over financial reporting. 10. Companies in industries that are heavily regulated may be subject to audits by the regulator's auditors. While not specifically covered in the Three Lines of Defense model, such auditors would most likely be considered: a. Part of the first line of defense. b. Part of the second line of defense. c. Part of the third line of defense. d. Not a line of defense 11. Which of the following is not a role of the internal audit function in best practice governance activities? 2. Support the board in enterprisewide risk assessment. b. Ensure the timely implementation of audit recommendations c. Monitor compliance with the corporate code of conduct. d. Discuss areas of significant risks. 12. Which of the following statements regarding corporate governance is not correct? a. Corporate control mechanisms include internal and external mechanisms b. The compensation scheme for management is part of the corporate control mechanisms. c. The dilution of shareholders' wealth resulting from employee stock options or employee stock bonuses is an accounting issue rather than a corporate governance issue. d. The internal audit function of a company has more responsibility than the board for the company's corporate gover a. Part of the first line of defense. b. Part of the second line of defense. c. Part of the third line of defense. d. Not a line of defense 11. Which of the following is not a role of the internal audit function in best practice governance activities? a. Support the board in enterprisewide risk assessment b. Ensure the timely implementation of audit recommendations, c. Monitor compliance with the corporate code of conduct. d. Discuss areas of significant risks. 12. Which of the following statements regarding corporate governance is not correct? a. Corporate control mechanisms include internal and external mechanisms. b. The compensation scheme for management is part of the corporate control mechanisms. c. The dilution of shareholders' wealth resulting from employee stock options or employee stock bonuses is an accounting issue rather than a corporate governance issue. d. The internal audit function of a company has more responsibility than the board for the company's corporate governance 13. What types of business events tend to drive new legislation and guidance? a. Economic downturns. b. Fraud or other corporate wrongdoing. c. Elections or other political changes. d. Economic growth 14. Which of the following represents the best governance structure? Operating Management Executive Management Internal Auditing a. Responsibility for risk Oversight role Advisory role b. Oversight role Responsibility for risk Advisory role c. Responsibility for risk Advisory role Oversight role d. Oversight role Advisory role Responsibility for risk