1.Which of the following are used as part of the monitoring component of the COSO internal control integrated framework?

A. Training workshops

B. Contingency plans

C. Backup procedures and check digit account numbers

D. Performance reviews and surprise audits

2. Which of the following is an example of an event risk (as opposed to an information processing risk or a system resource risk)?

A. A report is printed too late to be useful for a decision.

B. The enterprise fails to update a customer s address when the customer moved.

C. An enterprise acquires merchandise it doesn t need.

D. A company doesn t make regular backups of its operating data.

3. Which of the following is an example of a business process risk?

A. A global economic downturn

B. Receipt of goods that were not ordered

C. Low employee morale

D. Reduction of perceived brand quality

4. Which of the following is NOT primarily a preventive control?

A. The general ledger master file is locked in a safe each night.

B. All bills are marked "paid" to preclude duplicate payment.

C. The accounts receivable subsidiary ledger is reconciled against the general ledger accounts receivable control account.

D. Only the credit manager may approve customers credit sale orders

5.Who is ultimately responsible for a company's internal control structure?

A. The company's management

B. The company's internal auditors

C. The company's external auditors

D. The company's stockholders