No proper documentation of adds, changes or deletions to vendor master file is a fraud warning sign of:
Apply principles of risk management at every management level for identifying, evaluating, avoiding, minimizing and controlling risks, is called:
The process of identifying best practices and comparing them to one’s own organization is called:
The internal audit activity should evaluate risk exposures relating to the organization’s risk management system, is:
In order to achieve balance between ________ and _______, internal controls should be proactive, value-added, cost-effective, and manage risk exposure.
A methodology that can be used by managers and internal auditors to assess the adequacy of an organization’s risk management and control processes is called:
Tall organization structures have a large number of levels between the top of the organization and the bottom.
Proficiency in initiating new ideas and leading people in a new direction is called:
The identification and analysis of relevant risks associated with achieving objectives the forming a basis for determining how risks should be managed and controlled is called:
____________ refers the assessment of risks and opportunities affecting the achievement of the organization’s goals and objectives.
Who identified internal control components including Control environment, Information & communication, risk assessment, control activities and Monitoring?
An ethical tone has been established at the top of the organization and has been communicated throughout the organization.
Determination that the evidence has a logical relationship to the findings is known as:
To improve the quality of financial reporting through a focus on corporate governance, internal controls and ethical standards, is the mission of:
Compliance is related to the company’s compliance with applicable laws and regulations.
The emergence of _____________ as a key organizational process gives the internal auditing profession a unique opportunity to shift its focus to risk.
Which of the following is NOT the COSO internal controls interrelated component?
Which program evaluations focus on the results of the program in order to determine the program’s effect?
A weak control is equal to high vulnerability and a strong control is equal to the low vulnerability.
What flow from and are linked with the organization’s entity wide objectives and strategic plans?
Work group participants may be suspicious and even hostile, seeing CSA as a management ploy to find out more about them, when:
Which activities are designed and implemented to reduce, or otherwise manage, risk at levels that were determined to be acceptable to the management and board?
In traditional approach, evaluating risks and controls were done by auditors and in control self-assessment approach it is done by work teams.
_________ refers to recommended actions should take into account relevant resource limitations.
Adjusting entries made without formal approval is a fraud warning of financial characteristics.
Alleged perpetrators have the right to expect an objective investigation and that allegations against them will be kept as confidential as possible until they are substantiated, this refers to;