What are the correct answers to these questions:

Which of the following is not considered part of a company's "Monitoring"activities (as defined by COSO)?

I. Regluar management & supervisory activities.

II. Comparison activities.

III. Fraud prevention & detection activities.

IV. Management self-control assessment

	a. Only iV is not a part of monitoring activities.
	b. Only I and III are not a part of monitoring activities.

c. Only II is not part of monitoring activities.

d.None of the above (all listed activities are part of monitoring)

Which of the following is the least accurate regarding risk management?

	a. Should consider impact and likelihood to determine critical risks
	b. Is a fairly subjective process requiring sound judgment

	c. Are typically not formally performed by operations management
	d. Requires consideration of inherent risk factors and risk control analysis.

e. Residual risk is what remains of inherent risks after internal controls are put in place

Evaluation of ICFR includes which of the following financial reporting assertions (objectives):

I. Occurrence

II. Safeguarding

III Completeness

IV. Valuation

	a. Only I, II and III are relevant
	b. Only I, III and IV are relevant

	c. Only II, III and IV are relevant
	d. All of the above

The IIAs Professional Practices Framework requires the CAE to periodically report to senior management and the board of directors on internal audits activities.

	True
	False

In audits of a business process, there is little value in testing the operating effectiveness of controls that are inadeuately designed

	True
	False