Which of the following actions did the Treadway Commission recommend to reduce

fraudulent financial reporting?

a. Establish financial incentives that promote integrity in the financial reporting

process.

b. Identify and understand the factors that lead to fraudulent financial reporting.

c. Assess the risk of corruption and misappropriation of assets within the company.

d. Design and implement internal controls to provide reasonable assurance of preventing

fraudulent financial reporting.

Which of the following statements is (are) TRUE?

a. Perpetrators who do not steal cash or use the stolen assets usually convert the assets to

a spendable form.

b. The biggest fraud opportunity arises from a companys failure to design and enforce

its internal control system.

c. A huge fraud opportunity arises when a company has clear policies and procedures

and teaches and stresses honesty.

d. Strong, mutually beneficial personal relationships with suppliers is unlikely to result

in fraud.

e. Fraud is highly unlikely to occur when a crisis arises and normal controls are

suspended.

The number of incidents and the total dollar losses from computer fraud are increasing

rapidly for which of the following reasons?

a. Many instances of computer fraud go undetected and many computer frauds are not

reported.

Cyber sleuths need which of the following skills?

a. Ability to do complex programming, so they can develop their own software to examine

corporate data and records

b. Ability to follow a trail, think analytically, and be thorough

c. Ability to use their computer engineering experience to evaluate the hardware used by

the company

d. Ability to think like a fraud perpetrator and use hacking tools and techniques

e. Ability to use their legal training to properly prepare the evidence needed to prosecute

perpetrators

b. Many companies are moving to cloud services where there are few data security

controls.

c. Internet sites offer step-by-step instructions on how to perpetrate computer fraud and

abuse.

d. Law enforcement is not interested in preventing or prosecuting computer fraud.

e. There are no laws against computer fraud, so prosecution is difficult.

Which of the following statements is (are) TRUE?

a. The type of computer fraud that is the simplest and most common and that requires the

least amount of skill is data fraud.

b. The type of computer fraud that is the most difficult because it requires the most skill

is computer instructions fraud.

c. The biggest cause of data breaches is organized hacker groups.

d. Losses from the theft of physical assets are much greater than those from the electronic

theft of data.

e. In the absence of controls, it is not hard for a dishonest emplo