1. The 2016 ACFE Report to the Nations found that ___________ of existing controls is the second most frequently observed internal control weakness that contributed to fraud; the lack of internal controls was the only weakness more frequently cited by the ACFE's survey respondents.

a - A lack of clarity

b- Override

c- A lack of awareness

d- Overly complex design

2- ____________ are part of the day-to-day operations of most organizations and are often observed by auditors.

a- Risk

b- Anomalie

c- Earnings management

d- Transaction adjustments

3- Management has some latitude to manage earnings as long as the choices are considered ____________; however, any sign of deliberate efforts to do so should be regarded as a red flag by auditors, because it can be fraud, whether or not material.

a- Necessary to achieve performance bonuse

b- Board approve

c- GAAP-compliant

d- Reasonable by investors

4- Management has some latitude to manage earnings as long as the choices are considered ____________; however, any sign of deliberate efforts to do so should be regarded as a red flag by auditors, because it can be fraud, whether or not material.

Necessary to achieve performance bonuses

Board approved

GAAP-compliant

Reasonable by investors

5- The first step to detecting fraud is to build an understanding of the organization and the environment in which it operates. The second step is to ______________________.

Remind your team of the importance of professional skepticism

Develop an understanding of the control environmentthe environment as opposed to the controls themselves

Develop an audit plan that includes discussions with senior management about potential fraud risks

Develop a network of insiders who may have knowledge of actual fraud

Question 6

_______________ is a relative concept. A misstated amount that would be immaterial to a large company could be large enough to wipe out the net worth of most small companies.

Materiality

Truth

Fraud

An external audit

Question 7

Residual fraud risk includes those _______________ that are not adequately mitigated by control activities, and, as such, requires a fraud audit response.

Company-specific characteristics

Industry norms

Personnel

Fraud schemes

Question 8

When conducting an audit, the auditor has a responsibility to design audit tests to address the risk of management override of internal controls. _____________ can be discerned by looking for evidence of concealments such as missing documents, altered documents, nonreconcilable items, misinformation obtained during management inquiries, and other indicators of concealment.

Intent

Scope

Erros

Red flags

Question 9

From a fraud perspective, internal controls have at least three different objectives:

Prevention, deterrence, and detection

Increase perception of detection, improve deterrence, and create a reporting mechanism

Deterrence, detection, and mitigation

Segregation of duties, checks and balances, and detection

Question 10

The starting point for the antifraud professional or forensic accountant is an attitude of ______________________.

Professional rigor

Unbiased professionalism

Professional pessimism

Professional skepticism

Question 11

An overview of the fraud risk assessment process includes the following components:

Propose the scope of the audit, execute the scope, report the findings to the board, and reply to management concerns

Evaluate the fraud risk factors, identify possible fraud schemes and scenarios, prioritize individual fraud risks, evaluate mitigating controls

Money, Ideology, Coercion, and/or Ego/Entitlement (MICE)

Act, concealment, and conversion

Question 12

A major difference between auditors and fraud examiners is that most auditors __________________. Fraud examiners and forensic accountants who detect fraud go beyond this. They determine whether __________________, whether expenditures make sense, and whether all aspects of the documentation are in order.

Merely match documents to numbers to see whether support exists and is adequate; the documents are real or fraudulent

Are not trained in detecting fraud; red flags exist

Don't have the interview skills to assess fraud; people make inconsistent statements

Have at least a 5% threshold for materiality; fraud at any threshold exists

Question 13

_________________ is an illegal offense that is committed where the computer or electronic data device is __________ the criminal act.

Computer fraud; an object of

Computer hacking; a tool in

Computer crime; integral to

Computer phishing; reprogrammed to carry out

Question 14

Access privileges beyond those required to perform assigned job functions, exception reports not reviewed and resolved, access logs not reviewed, production programs run at unusual hours, and lack of separation of duties in the data center are cited in the text as examples of:

Indicators of insider computer fraud that suggest increased risk and require additional security

Typical weaknesses existing in logical controls that exist in most small to medium organizations

Social engineering

Red flags that may suggest a heightened risk to exposure from outside attacks and Distributed Denial of Service (DDoS) and ransomware such as Wannacry

Question 15

The most prevalent method of committing computer fraud is ________________________________.

Network weaving

Social engineerin

Digital device hacking

Alteration or falsification of input transactions (and/or documents)

Question 16

You have just completed a fraud examination in which you concluded, based on security camera footage, that an outside intruder entered the company dressed as a computer repair person. The footage shows the intruder chatting amiably with several individuals in the bookkeeping department, followed by logging onto their computers as they stand watching over his shoulder, using credentials they shared when he showed them his vendor badge (which was counterfeit). This type of attack is executed using:

Social engineering

Spear phishing

Shoulder surfing

a Trojan horse