Question
10) Controls may deteriorate over time for several reasons. A change in the way product is sourced, which can significantly impact internal controls, is best
10) Controls may deteriorate over time for several reasons. A change in the way product is sourced, which can significantly impact internal controls, is best categorized as a
A. Organizational size change
B. Process change
C. Technology change
D. Physical safeguard change
E. Human element change
11) Which of the following is not a legitimate role for internal auditing in cloud computing?
A) Reviewing personnel transition and end-user training plans
B) Providing assurance on IT general controls
C) Reviewing service level agreements
D) Ongoing monitoring of vendor performance
E) Implementing the cloud computing strategy
12) Which of the following is not a category of objectives of internal control per the COSO Internal Control Framework?
A) Achievement of strategic objectives
B) Reliability of financial reporting
C) Effectiveness and efficiency of operations
D) Compliance with laws and regulations
E) All of the above are categories of objectives of internal control
13) The amount of time from when a risk event occurs until its impact is felt is called.
A) Likelihood
B) Vulnerability
C) Qualitative risk
D) Speed of onset
E) Impact
14) Which of the following is not a correct statement:
A) If general controls are weak, it may not be possible to rely on application controls
B) Weaknesses in the IT environment at the entity level may result in a conclusion that there is a significant deficiency or material weakness.
C) Weaknesses in application controls at the process level may result in a conclusion that there is a significant deficiency or material weakness.
D) Applications are less prone to mistakes than human beings, if designed, operated, maintained and secured effectively
E) Internal controls downstream from the risk are considered preventive controls
15) The internal audit activity's role in the risk management process of an organization may not encompass:
A) Auditing the risk management process as part of the internal audit plan.
B) Facilitating identification of risks
C) Accountability for risk management
D) Participation on oversight committees, monitoring activities, and status reporting.
E) All of the above are prohibited activities
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access with AI-Powered Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
The Legal Environment of Business A Critical Thinking Approach
Authors: Nancy K Kubasek, Bartley A Brennan, M Neil Browne
6th Edition
978-0132666688, 132666685, 132664844, 978-0132664844
