-
Question 1 - CPA 1183 L-45 - Risk Assessment, Controls and Risk
Management
Which of the following corporations are subject to the
accounting requirements of the Foreign Corrupt Practices Act
(FCPA)?
A. All corporations that have made a public offering under the
Securities Act of 1933.B. All corporations whose securities are
registered pursuant to the Securities Exchange Act of 1934.C. All
corporations engaged in interstate commerce.D. All domestic
corporations engaged in international trade.
A. The accounting and record-keeping provisions of the act apply
to companies regulated by the Securities Exchange Act of 1934. An
initial public offering under the Securities Act of 1933 is not
included. However, after a company makes a public offering, it does
become subject to registration under the Securities Exchange Act of
1934, which makes it subject to the FCPA. The FCPA is actually an
amendment to the Securities Exchange Act of 1934.
B. The accounting and record-keeping provisions of the act apply
to companies regulated by the Securities Exchange Act of 1934.
C. The accounting and record-keeping provisions of the act apply
only to companies regulated by the Securities Exchange Act of
1934.
D. The accounting and record-keeping provisions of the act apply
only to companies regulated by the Securities Exchange Act of
1934.
Question 2 - CIA 1194 I-45 - Risk Assessment, Controls and Risk
Management
A retailer of high-priced durable goods operates a
catalog-ordering division that accepts customer orders by
telephone. The retailer runs frequent price promotions. During
these times, the telephone operators enter the promotional prices.
The risk of this practice is that
A. Customers could systematically be charged lower prices.B.
Operators could give competitors notice of the promotional
prices.C. Frequent price changes could overload the order entry
system.D. Operators could collude with outsiders for unauthorized
prices.
A. There is nothing in this arrangement that would cause
systematic undercharges. If the operators failed to enter a
promotional price or failed to change the promotional price back to
the regular price, a systematic overcharge or undercharge could
occur. However, that would not be unique to the practice of using
operators to change prices, as it could occur regardless of who was
responsible for the job.
B. Having operators enter price changes into the system would
not give operators any advantage if they wanted to give competitors
notice of the promotional prices.
C. When orders are entered into a system, the price charged is
whatever price is in effect at that time. Frequent price changes
will not overload the order entry system.
D. If an operator who makes sales has the authority to also
change prices in the system, that operator could temporarily change
a price without authorization and then make a prearranged sale of
the item to a friend. This would be of concern with any inventory
item, but it is even more of a concern when the product being sold
is a high-priced consumer item. This is an example of the
importance of segregation of duties.
Question 3 - CMA 690 5-8 - Risk Assessment, Controls and Risk
Management
Organizational independence in the processing of payroll is
achieved by functional separations that are built into the system.
Which one of the following functional separations is not required
for internal control purposes?
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 1
-
A. Separation of personnel function from payroll preparation.B.
Separation of timekeeping from payroll preparation.C. Separation of
payroll preparation and maintenance of year-to-date records.D.
Separation of payroll preparation and paycheck distribution.
A. The personnel function is an authorization function, whereas
payroll preparation is a recordkeeping function. These two
functions are incompatible and should be separated.
B.
Separation of timekeeping from payroll preparation is required
for internal control purposes because a person doing both jobs
could enter fraudulent hours for an employee and then also do the
input and prepare the paycheck to pay that employee for the
fraudulent hours. The rule in segregation of duties is that one
person should not be in a position to commit fraud and also to
cover it up, which can happen if there is no second person involved
in the process, looking at the timekeeping data.
C.
The rule in segregation of duties is that one person should not
be in a position to commit fraud and also to cover it up. It would
be appropriate for the peerson who prepares the payroll to also
maintain year-to-date records. There is nothing in these two duties
that would give one person doing both of them an opportunity to
commit fraud and also to cover it up.
Furthermore, payroll preparation and maintenance of year-to-date
records are both recordkeeping functions and for that reason, they
are not incompatible. It is acceptable for both functions to be
performed by the same person.
D.
The rule in segregation of duties is that one person should not
be in a position to commit fraud and also to cover it up. If one
person were to prepare the payroll and also distribute the
paychecks, no second person would have a chance to see them before
they were distributed. The opportunity would exist to commit fraud
without anyone noticing.
Question 4 - IMA 08-P1-105 - Risk Assessment, Controls and Risk
Management
Which one of the following methods for the distribution of
employees' paychecks would provide the best internal control for
the organization?
A. Distribution of paychecks directly to each employee by a
representative of the Human Resource department.B. Delivery of the
paychecks to each department supervisor, who in turn would
distribute paychecks directly to the employees in his/her
department.C. Direct deposit in each employee's personal bank
account.D. Distribution of paychecks directly to each employee by
the payroll manager.
A. Representatives of the Human Resources department authorize
transactions that add employees to the payroll, change pay and
effect other key transactions. Therefore, human resource employees
must not have access to paycheck distribution, nor to timekeeping
or payroll functions. The Human Resource department must be
organizationally separate from the payroll office and payroll
functions. So having a representative of Human Resources distribute
paychecks would be a violation of the principal of segregation of
duties.
B. This would be an acceptable method of distributing paychecks,
as long as controls are in place to minimize the potential for
theft or fraudulent distribution of paychecks, such as payments
made to fictitiouis or terminated employees. The person who
distributes the checks should not also have authority to authorize
payroll checks. However, this is not the method from among those
given that provides for the best internal control for the
organization.
C. Direct deposit to each employee's personal bank account
provides the best internal control over distribution of paychecks.
It lessens the risk of damaged, lost or stolen payroll checks
because no checks
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 2
-
are distributed. The only thing distributed is a statement of
earnings. If earnings are deposited electronically into employees'
accounts, it is important that deposit records be reconciled to a
list of active employees at every pay date so that persons whose
employment has been terminated do not continue receiving payroll
deposits. Cancellation of direct deposit processing should be part
of employment termination procedures, and a terminated employee
should receive his or her final paycheck in the form of a physical
check instead of a direct deposit, as evidence of the direct
deposit cancellation.
D. The payroll manager has oversight over the processing and
production of the payroll. The function of payroll processing must
be segregated from the function of paycheck distribution.
Therefore, having the payroll manager distribute paychecks would be
a violation of the principle of segregation of duties.
Question 5 - CIA 595 I-12 - Risk Assessment, Controls and Risk
Management
ABC is a major retailer with over 52 department stores. The
marketing department is responsible forConducting marketing
surveys.Recommending locations for new store openings.Ordering
products and determining retail prices for the products.Developing
promotion and advertising for each line of products.Determining the
pricing of special sale items.
The marketing department has separate product managers for each
product line. Each product manager is given a purchasing budget by
the marketing manager. Product managers are not rotated among
product lines because of the need to acquire product knowledge and
to build relationships with vendors. A subsection of the department
does marketing surveys.
In addition to ordering and pricing, the product managers also
determine the timing and method of product delivery. Products are
delivered to a central distribution center where goods are
received, retail prices are marked on the product, and the goods
are segregated for distribution to stores.
Receiving documents are created by scanning in receipts; the
number of items scanned in are reconciled with the price tags
generated and attached to products. The average product spends
between 12 and 72 hours in the distribution center before being
loaded on trucks for delivery to each store. Receipts are recorded
at the distribution center, thus the company has not found the need
to maintain a receiving function at each store.
A control deficiency associated with the given scenario is
A. Evaluating product managers by total gross profit generated
by product line will lead to dysfunctional behavior.B. The product
manager negotiates the purchase price and sets the selling price.C.
There is no receiving function located at individual stores.D. The
store manager can require items to be closed out, thus affecting
the potential performance evaluation of individual product
managers.
A. Since product managers are responsible for negotiating
purchase prices and setting selling prices, it is appropriate that
they be evaluated according to gross profit generated by their
product lines. This establishes accountability.
B. Since product managers are evaluated on gross profit
generated by the product(s) they manage, it is appropriate that the
product managers negotiate the purchase prices and set the selling
prices.
C. There should be a receiving function at each individual store
to make sure that products shipped to the stores are received.
Items could get lost in transit or deliberately diverted by an
employee with knowledge that there was no check on the receipt of
items. The receiving reports from the individual stores should be
compared with shipping reports of items shipped to the stores to
detect any discrepancy.
D. Since many products are seasonal, it is appropriate that the
seasonal products be cleared out in a timely manner to make space
for the next season's products. For the company as a whole, this
practice will maximize profits.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 3
-
Question 6 - CMA 690 5-6 - Risk Assessment, Controls and Risk
Management
Marport Company is a manufacturing company that uses forms and
documents in its accounting information systems for record keeping
and internal control.
The departments in Marport's organization structure and their
primary responsibilities are:
Accounts Payable -- authorize payments and prepare
vouchers.Accounts Receivable -- maintain customer accounts.Billing
-- prepare invoices to customers for goods sold.Cashier -- maintain
a record of cash receipts and disbursements.Credit Department --
verify the credit rating of customers.Cost Accounting -- accumulate
manufacturing costs for all goods produced.Finished Goods Storeroom
-- maintain the physical inventory and related stock records of
finished goods.General Accounting -- maintain all records for the
company's general ledger.Internal Audit -- appraise and monitor
internal controls, as well as conduct operational and management
audits.Inventory Control -- maintain perpetual inventory records
for all manufacturing materials and supplies.Mailroom -- process
incoming, outgoing, and interdepartmental mail.Payroll -- compute
and prepare the company payroll.Personnel -- hire employees, as
well as maintain records on job positions and employees.Purchasing
-- place orders for materials and supplies.Production --
manufacture finished goods.Production Planning -- decide the types
and quantities of products to be produced.Receiving -- receive all
materials and supplies.Sales -- accept orders from
customers.Shipping -- ship goods to customers.Stores Control --
safeguard all materials and supplies until needed for
production.Timekeeping -- prepare and control time worked by hourly
employees.
The document that is the authorization to initiate the
manufacture of goods is referred to as a
A. Bill of materials.B. Raw materials requisition.C. Daily
production schedule.D. Production order.
A. A bill of materials is the list of component parts that go
into the manufacture of each item of finished goods. It is not an
authorization to initiate manufacturing.
B. The Production Department would request raw materials by
means of a raw materials requisition, but the raw materials
requisition would not authorize the initiation of
manufacturing.
C. The daily production schedule is used for production
planning. It is not an authorization to initiate manufacturing.
D. The Production Planning Department would use a Production
Order to authorize the Production Department to manufacture certain
items.
Question 7 - CIA 1185 II-20 - Risk Assessment, Controls and Risk
Management
Your objective is to determine that nonrecurring purchases,
initiated by various user organizations, have been properly
authorized. If all purchases are made through the purchasing
department, to which of the following documents would you vouch
purchases?
A. Receiving reports.B. Purchase orders.C. Purchase
requisitions.D. Invoices.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 4
-
A. A receiving report would not contain the user department's
authorization for a purchase.
B. A purchase order would not contain the user department's
authorization for a purchase.
C. The purchase requisition, properly approved, contains the
user department's authorization for a purchase.
D. An invoice would not contain the user department's
authorization for a purchase.
Question 8 - CIA 1192 II-20 - Risk Assessment, Controls and Risk
Management
An audit of the payroll function revealed several instances in
which a payroll clerk had added fictitious employees to the payroll
and deposited the checks in accounts of close relatives. What
control should have prevented such actions?
A. Allowing changes to the payroll to be authorized only by the
personnel department.B. Establishing a policy to deal with close
relatives working in the same department.C. Having the treasurer's
office sign payroll checks.D. Using time cards and attendance
records in the computation of employee gross earnings.
A. Only the personnel department should be authorized to make
changes to the payroll, while only the payroll department should
process payroll checks. Furthermore, to prevent an unauthorized
person from adding a name of a fictitious employee to the payroll,
payroll records should be reconciled with the active employee list
from the personnel department each payday.
B. Establishing a policy for the hiring of close relatives would
not prevent a payroll clerk from adding fictitious employees to the
payroll and keeping and depositing their paychecks.
C. Having the treasurer's office sign payroll checks would not
prevent a payroll clerk from adding fictitious employees to the
payroll and keeping and depositing their paychecks.
D. Using time cards and attendance records would not prevent a
payroll clerk from adding fictitious employees to the payroll and
keeping and depositing their paychecks.
Question 9 - CIA 1193 II-11 - Risk Assessment, Controls and Risk
Management
In an audit of a purchasing department, which of the following
ordinarily would be considered a risk factor?
A. There is a failure to rotate purchases among suppliers
included on an approved vendor list.B. Purchase specifications are
developed by the department requesting the material.C. Purchases
are made from parties related to buyers or other company
officials.D. Purchases are made against blanket or open purchase
orders for certain types of items.
A. Rotating purchases among approved suppliers is not a usual
control procedure, and therefore failure to rotate suppliers is not
a control risk. However, the use of an approved list of vendors is
appropriate because it helps to ensure quality of materials and
reliability of supplies.
B. The department requesting the material would be expected to
develop the purchase specifications, and thus this does not
represent a control risk.
C. Making purchases from related parties is a control risk
because the purchasing agent may have a conflict of interest.
D. When appropriate to do so, making purchases against blanket
or open purchase orders is not a control risk.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 5
-
Question 10 - CIA 590 I-9 - Risk Assessment, Controls and Risk
Management
Which of the following activities represents both an appropriate
personnel department function and a deterrent to payroll fraud?
A. Distribution of paychecks.B. Authorization of overtime.C.
Authorization of additions and deletions from the payroll.D.
Collection and retention of unclaimed paychecks.
A. The personnel department performs the authorization function.
Therefore, it should not also perform the custodial function of
distributing paychecks.
B. Overtime should be authorized by an employee's supervisor,
since he/she is in a position to know whether the employee actually
worked the overtime.
C. Authorization of additions to and deletions from the payroll
should come from the personnel department.
D. Collection and retention of unclaimed paychecks is a
custodial function, and it should not be performed by the personnel
department, which performs the authorization function.
Question 11 - CIA 587 II-24 - Risk Assessment, Controls and Risk
Management
One control objective of the financing/treasury cycle is the
proper authorization of company transactions dealing with debt and
equity instruments. Which of the following controls would best meet
this objective?
A. Use of an underwriter in all cases of new issue of debt or
equity instruments.B. The company serves as its own registrar and
transfer agent.C. Written company policies requiring review of
major funding/repayment proposals by the board of directors.D.
Separation of responsibility for custody of funds from recording of
the transaction.
A. Use of an underwriter for issuance of debt or equity
instruments is not a control that would meet the objective of
proper authorization of debt and equity transactions.
B. The company serving as its own registrar and transfer agent
is not a control that would meet the objective of proper
authorization of debt and equity transactions.
C. Proper authorization of company transactions relating to debt
and equity instruments would be met by a requirement that major
funding and repayment proposals be reviewed by the board of
directors. A policy of requiring this review is the first step,
although the policy also needs to be carried out.
D. Custody of funds relates to safeguarding of assets, not to
proper authorization of debt or equity transactions.
Question 12 - CIA 1192 II-16 - Risk Assessment, Controls and
Risk Management
To minimize the risk that agents in the purchasing department
will use their positions for personal gain, the organization
should
A. Direct the purchasing department to maintain records on
purchase prices paid, with review of such being required each 6
months.B. Request internal auditors to confirm selected purchases
and accounts payable.C. Specify that all items purchased must pass
value-per-unit-of-cost reviews.D. Rotate purchasing agent
assignments periodically.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 6
-
A. Reviewing records on purchase prices paid would not prevent
purchasing agents from using their positions for personal gain.
B. Requesting confirmation by auditors of selected purchases and
accounts payable would not prevent purchasing agents from using
their positions for personal gain.
C. Value-per-unit-of-cost reviews would not prevent purchasing
agents from using their positions for personal gain.
D. Rotating purchasing agent assignments periodically will limit
the risk of agents using their positions for personal gain, because
it will discourage long-term agent relationships with particular
vendors.
Question 13 - CPA 590 L-7 - Risk Assessment, Controls and Risk
Management
Absent a specific provision in its articles of incorporation, a
corporation's board of directors has the power to do all of the
following, except
A. Declare dividends.B. Merge the corporation with another
entity.C. Repeal the bylaws.D. Fix compensation of directors.
A. The board does have the power to declare dividends.
B. The power to merge the corporation with another entity
belongs to the shareholders.
C. The board does have the power to repeal the bylaws.
D. The board does have the power to fix compensation of
directors.
Question 14 - CIA 1190 II-8 - Risk Assessment, Controls and Risk
Management
An internal auditor found that employee time cards in one
department are not properly approved by the supervisor. Which of
the following could result?
A. The wrong hourly rate could be used to calculate gross pay.B.
Payroll checks might not be distributed to the appropriate
payees.C. Duplicate paychecks might be issued.D. Employees might be
paid for hours they did not work.
A. The wrong hourly rate would not be used to calculate gross
pay as a result of the supervisor failing to approve employee time
cards.
B. Payroll checks would not be distributed to the wrong
employees as a result of the supervisor failing to approve employee
time cards.
C. Duplicate paychecks would not be issued as a result of the
supervisor failing to approve employee time cards.
D. The approval of the supervisor on time cards of employees
supervised should prevent employees being paid for hours they did
not work.
Question 15 - CIA 1193 II-8 - Risk Assessment, Controls and Risk
Management
Corporate directors, management, external auditors, and internal
auditors all play important roles in creating a
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 7
-
proper control environment. Top management is primarily
responsible for
A. Implementing and monitoring controls designed by the board of
directors.B. Ensuring that external and internal auditors
adequately monitor the control environment.C. Establishing a proper
environment and specifying an overall internal control structure.D.
Reviewing the reliability and integrity of financial information
and the means used to collect and report such information.
A. Although the board of directors has oversight responsibility,
it is not the responsibility of the board of directors to design
the controls.
B. It is not the responsibility of external and internal
auditors to monitor the control environment. This is the
responsibility of management.
C. It is management's responsibility to establish the proper
control environment and to design an overall internal control
structure.
D. Whereas management is responsible for establishing the proper
control environment and designing an overall internal control
structure, it is the responsibility of internal auditing to review
the reliability and integrity of financial information and the
means used to collect and report such information.
Question 16 - CMA 685 3-17 - Risk Assessment, Controls and Risk
Management
One of the financial statement auditor's major concerns is to
ascertain whether internal control is designed to provide
reasonable assurance that
A. Profit margins are maximized, and operational efficiency is
optimized.B. The chief accounting officer reviews all accounting
transactions.C. Corporate morale problems are addressed immediately
and effectively.D. Financial reporting is reliable.
A. While it is important to maximize profits and optimize
operational efficiency, this is not one of a financial statement
auditor's major concerns.
B. It is not necessary that the chief accounting officer review
all accounting transactions. Therefore, this is not one of a
financial statement auditor's major concerns.
C. Corporate morale problems are not relevant to a financial
statement audit.
D. Internal control is a method, or process, that is carried out
by an entity's board of directors, management, and other personnel,
and designed to provide reasonable assurance that objectives in the
following four categories will be achieved: (1) effectiveness and
efficiency of operations; (2) reliability of financial reporting;
(3) compliance with applicable laws and regulations; and (4)
safeguarding of assets. The concerns of the financial statement
auditor will relate to no. 2, reliability of financial
reporting.
Question 17 - IMA 08-P1-106 - Risk Assessment, Controls and Risk
Management
A firm is constructing a risk analysis to quantify the exposure
of its data center to various types of threats. Which one of the
following situations would represent the highest annual loss
exposure after adjustment for insurance proceeds?
Frequency ofOccurrence (years) Loss
Amount Insurance
(% coverage)
I. 1 $ 15,000 85 II. 8 75,000 80
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 8
-
III. 20 200,000 80 IV. 100 400,000 50
A. IV.B. III.C. I.D. II.
A. The question asks for the highest annual loss exposure after
adjustment for insurance proceeds. The way to calculate that is to
(1) calculate the loss after insurance reimbursement for each
situation by multiplying the loss amount by (1 - insurance coverage
rate), and (2) divide each loss after reimbursement by the
frequency of occurrence in years to calculate the annual loss
amount for each.
B. The question asks for the highest annual loss exposure after
adjustment for insurance proceeds. The way to calculate that is to
(1) calculate the loss after insurance reimbursement for each
situation by multiplying the loss amount by (1 - insurance coverage
rate), and (2) divide each loss after reimbursement by the
frequency of occurrence in years to calculate the annual loss
amount for each.
C.
The question asks for the highest annual loss exposure after
adjustment for insurance proceeds. The way to calculate that is to
(1) calculate the loss after insurance reimbursement for each
situation by multiplying the loss amount by (1 - insurance coverage
rate), and (2) divide each loss after reimbursement by the
frequency of occurrence in years to calculate the annual loss
amount for each, as follows:
Frequency ofOccurrence (years) Loss
Amount Insurance
(% coverage) Loss AfterIns. Reimb.
AnnualLoss
I. 1 $ 15,000 85 $ 2,250 $2,250 II. 8 75,000 80 15,000 1,875
III. 20 200,000 80 40,000 2,000 IV. 100 400,000 50 200,000
2,000
The highest annual loss is I., with an annual loss of
$2,250.
D. The question asks for the highest annual loss exposure after
adjustment for insurance proceeds. The way to calculate that is to
(1) calculate the loss after insurance reimbursement for each
situation by multiplying the loss amount by (1 - insurance coverage
rate), and (2) divide each loss after reimbursement by the
frequency of occurrence in years to calculate the annual loss
amount for each.
Question 18 - CIA 1190 II-7 - Risk Assessment, Controls and Risk
Management
Which of the following features of a large manufacturer's
organizational structure is a control weakness?
A. The information systems department is headed by a vice
president who reports directly to the president.B. The controller
and treasurer report to the chief financial officer.C. The chief
financial officer is a vice president who reports to the chief
executive officer.D. The audit committee of the board consists of
the chief executive officer, the chief financial officer, and a
major shareholder.
A. It is appropriate for the vice president in charge of
information systems to report directly to the president.
B. It is appropriate for the controller and the treasurer to
report to the chief financial officer.
C. It is appropriate for the chief financial officer to report
to the chief executive officer.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 9
-
D. According to Sarbanes-Oxley, the audit committee must consist
of directors who are independent of management. Thus, the chief
executive officer and the chief financial officer may not be
included.
Question 19 - CIA 1195 I-16 - Risk Assessment, Controls and Risk
Management
A restaurant food chain has over 680 restaurants. All food
orders for each restaurant are required to be input into an
electronic device which records all food orders by food servers and
transmits the order to the kitchen for preparation. All food
servers are responsible for collecting cash for all their orders
and must turn in cash at the end of their shift equal to the sales
value of food ordered for their I.D. number. The manager then
reconciles the cash received for the day with the computerized
record of food orders generated. All differences are investigated
immediately by the restaurant. Corporate headquarters has
established monitoring controls to determine when an individual
restaurant might not be recording all its revenue and transmitting
the applicable cash to the corporate headquarters. Which one of the
following would be the best example of a monitoring control?
A. Cash is transmitted to corporate headquarters on a daily
basis.B. The restaurant manager reconciles the cash received with
the food orders recorded on the computer.C. All food orders must be
entered on the computer, and segregation of duties is maintained
between the food servers and the cooks.D. Management prepares a
detailed analysis of gross margin per store and investigates any
store that shows a significantly lower gross margin.
A. There are five interrelated components that comprise internal
control. They are: (1) control environment, (2) risk assessment,
(3) control activities, (4) information and communication, and (5)
monitoring. Monitoring is an activity of management. Monitoring
assesses the quality of the internal control system's performance
over time. Monitoring can be done in two ways: (1) through ongoing
monitoring during normal operations, and (2) separate evaluations
by management with the assistance of the internal audit function.
If monitoring is done regularly during normal operations, it
lessens the need for separate evaluations. Daily transmission of
cash to corporate headquarters is a control activity which serves
as an operational control.
B. There are five interrelated components that comprise internal
control. They are: (1) control environment, (2) risk assessment,
(3) control activities, (4) information and communication, and (5)
monitoring. Monitoring is an activity of management. Monitoring
assesses the quality of the internal control system's performance
over time. Monitoring can be done in two ways: (1) through ongoing
monitoring during normal operations, and (2) separate evaluations
by management with the assistance of the internal audit function.
If monitoring is done regularly during normal operations, it
lessens the need for separate evaluations. The manager's
reconciliation of cash received with food orders entered is a
control activity. A reconciliation is a detective control activity,
because it is intended to detect the occurrence of an unwanted
event. However, it does not represent a monitoring activity of
management.
C. There are five interrelated components that comprise internal
control. They are: (1) control environment, (2) risk assessment,
(3) control activities, (4) information and communication, and (5)
monitoring. Monitoring is an activity of management. Monitoring
assesses the quality of the internal control system's performance
over time. Monitoring can be done in two ways: (1) through ongoing
monitoring during normal operations, and (2) separate evaluations
by management with the assistance of the internal audit function.
If monitoring is done regularly during normal operations, it
lessens the need for separate evaluations. Segregation of duties is
a control activity which serves as a preventive control, because it
is intended to prevent the occurrence of an unwanted event.
Therefore, it does not represent a monitoring activity of
management.
D. There are five interrelated components that comprise internal
control. They are: (1) control environment, (2) risk assessment,
(3) control activities, (4) information and communication, and (5)
monitoring. Monitoring is an activity of management. Monitoring
assesses the quality of the internal control system's performance
over time. Monitoring can be done in two ways: (1) through ongoing
monitoring during normal operations, and (2) separate evaluations
by management with the assistance of the internal audit function.
If monitoring is done regularly during normal operations, it
lessens the need for separate evaluations. When management prepares
a detailed analysis of gross margin per store and investigates any
store that shows a significantly lower gross margin, it is
performing a monitoring activity.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 10
-
Question 20 - CPA 1194 A-26 - Risk Assessment, Controls and Risk
Management
Proper segregation of duties reduces the opportunities for
persons to be in positions to both
A. Journalize entries and prepare financial statements.B. Record
cash receipts and cash disbursements.C. Establish internal control
and authorize transactions.D. Perpetrate and conceal errors or
fraud.
A. It is appropriate for an accountant to prepare both journal
entries and financial statements.
B. The recordkeeping function includes recording both cash
receipts and cash disbursements. As long as the same person does
not perform both recordkeeping and authorization, custody, or
reconciliation responsibilities, segregation of duties is
maintained.
C. Management's responsibility is to establish internal control
policies and procedures. In addition, management has the authority
to authorize transactions. As long as the same person does not
perform both authorization of transactions and recordkeeping,
custody, or reconciliation responsibilities, segregation of duties
is maintained.
D. The purpose of segregation of duties is to prevent one person
from being able to both perpetrate and conceal a fraud or even an
error.
Question 21 - CIA 1187 I-43 - Risk Assessment, Controls and Risk
Management
Which of the following credit approval procedures would be the
basis for developing a deficiency finding for a wholesaler?
A. An authorized signature from the credit department, denoting
approval of the customer's credit, is to appear on all credit-sales
orders.B. Trade-credit standards are reviewed and approved by the
finance committee of the board of directors.C. Salespeople are
responsible for evaluating and monitoring the financial condition
of prospective and continuing customers.D. Customers not meeting
trade-credit standards are shipped merchandise on a
cash-on-delivery (C.O.D.) basis only.
A. Requiring an authorized signature from the credit department
denoting approval of the customer's credit is a control strength,
not the basis for a deficiency finding.
B. Having the finance committee of the board of directors review
and approve trade-credit standards is a control strength and would
not lead to a deficiency finding.
C. Salespeople should not be responsible for monitoring
customers' financial condition. Salespeople make contact with
customers and potential customers, make sales and provide customer
service where appropriate. If salespeople are responsible for
credit approval, their conflict of interest (desire to make the
sale) could lead to inappropriate approvals. There should be a
separate credit approval function.
D. Requiring customers who do not meet trade-credit standards to
purchase on a C.O.D. basis is a common procedure, not a basis for
developing a deficiency finding.
Question 22 - CIA 1187 I-10 - Risk Assessment, Controls and Risk
Management
The internal auditor recognizes that certain limitations are
inherent in any internal control system. Which one of the following
scenarios is the result of an inherent limitation of internal
control?
A. An employee, who is unable to read, is assigned custody of
the firm's computer tape library and run manuals that are used
during the third shift.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 11
-
B. The comptroller both makes and records cash deposits.C. The
firm sells to customers on account, without credit approval.D. A
security guard allows one of the warehouse employees to remove
company assets from the premises without authorization.
A. Assignment of an employee who is unable to read to a job
requiring reading is avoidable through adequate testing of
potential employees. Therefore, it is not an inherent limitation of
internal control.
B. This is not an inherent limitation of internal control,
because it could and should be avoided through adequate segregation
of duties.
C. This is not an inherent limitation of internal control,
because it could and should be avoided through adequate credit
approval of sales.
D. If two employees (the security guard and the warehouse
employee) collude to defraud their employer, a control based on
segregation of functions can be rendered ineffective. This is an
inherent limitation of internal control.
Question 23 - CMA 1290 4-22 - Risk Assessment, Controls and Risk
Management
The most critical aspect of separation of duties within
information systems (IS) is between
A. Programmers and computer operators.B. Management and users.C.
Programmers and systems analysts.D. Project leaders and
programmers.
A. Programmers are the individuals who write, test and document
the systems. Computer operators perform the actual operation of the
computers for processing the data. Computer operators should not
have programming functions and should not be able to program.
Programmers should not have access to the computers and programs
that are in actual use for processing. The most critical separation
of duties is between programmers and computer operators.
B. This is not the most critical aspect of separation of duties
with information systems.
C. This is not the most critical aspect of separation of duties
with information systems.
D. This is not the most critical aspect of separation of duties
with information systems.
Question 24 - CMA 1288 3-22 - Risk Assessment, Controls and Risk
Management
Internal control should follow certain basic principles to
achieve its objectives. One of these principles is the segregation
of functions. Which one of the following examples does not violate
the principle of segregation of functions?
A. The warehouse clerk, who has the custodial responsibility
over inventory in the warehouse, may authorize disposal of damaged
goods.B. The sales manager has the responsibility to approve credit
and the authority to write off accounts.C. The treasurer has the
authority to sign checks but gives the signature block to the
assistant treasurer to run the check-signing machine.D. The
department time clerk is given the undistributed payroll checks to
mail to absent employees.
A. The warehouse clerk, who has custodial responsibility over
inventory in the warehouse, should not also have authority to
authorize disposal of damaged goods. If the warehouse clerk did
have this authority, he/she could steal goods and cover it up by
authorizing disposal of the goods as damaged goods.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 12
-
B. The sales manager should not have authority to approve credit
or write off accounts. The sales manager could be tempted to
approve credit to a less-than-creditworthy customer in order to be
able to book more sales. And if a sales manager had authority to
approve credit and write off accounts, he/she could approve credit
to a phantom corporation, "sell" inventory to that corporation, and
then write off the debt as uncollectible. The sales manager has
access to inventory and thus performs a custodial function; so the
sales manager should not have authorization or recordkeeping duties
as well.
C. Check signing is a custodial function. By giving the
signature block to the assistant treasurer, the treasurer is
delegating the check-signing function. As long as neither the
treasurer nor the assistant treasurer performs the authorization,
recordkeeping, or reconciliation functions as well, there is no
violation of the principle of segregation of functions.
D. The department time clerk performs a recordkeeping function
whereas the mailing of checks to absent employees is a custodial
function. The two should not be performed by the same person.
Question 25 - CMA 693 4-4 - Risk Assessment, Controls and Risk
Management
Accounting controls are concerned with the safeguarding of
assets and the reliability of financial records. Consequently,
these controls are designed to provide reasonable assurance that
all of the following take place except
A. Compliance with methods and procedures ensuring operational
efficiency and adherence to managerial policies.B. Permitting
access to assets in accordance with management's authorization.C.
Executing transactions in accordance with management's general or
specific authorization.D. Comparing recorded assets with existing
assets at periodic intervals and taking appropriate action with
respect to differences.
A. Compliance with methods and procedures ensuring operational
efficiency and adherence to managerial policies is an objective of
operational control, not accounting control.
B. The safeguarding of assets and reliability of financial
records requires that management control who can have access to the
assets to be safeguarded.
C. The safeguarding of assets and reliability of financial
records requires that transactions be executed in accordance with
management's general or specific authorization.
D. The safeguarding of assets and reliability of financial
records requires that physical assets be compared with recorded
assets at periodic intervals, and that action be taken to resolve
any differences.
Question 26 - CIA 589 II-10 - Risk Assessment, Controls and Risk
Management
Which of the following observations, made during the preliminary
survey of a local department store's disbursement cycle, reflects a
control strength?
A. Individual department managers are responsible for the
movement of merchandise from the receiving dock to storage or sales
areas as appropriate.B. Individual department managers use
prenumbered forms to order merchandise from vendors.C. The
treasurer's office prepares checks for suppliers based on vouchers
prepared by the accounts payable department.D. The receiving
department is given a copy of the purchase order complete with a
description of goods, quantity ordered, and extended price for all
merchandise ordered.
A. Individual managers should not be responsible for the
movement of merchandise because the receiving department should
move the merchandise to a storage area.
B. Purchasing should not be done by individual department
managers. The individual department managers should
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 13
-
instead prepare purchase requisitions and send them to the
purchasing department, which should be responsible for issuing a
purchase order.
C. The treasurer's office should prepare vendor checks (the
custody function), while accounting for payables is a recording
function.
D. The copy of the purchase order that the receiving department
has should not include the quantity ordered or the unit or extended
prices. This enhances the probability that the receiving department
will submit the correct count.
Question 27 - CMA 1288 3-26 - Risk Assessment, Controls and Risk
Management
In a well-designed internal control structure where the cashier
receives remittances from the mail room, the cashier should not
A. Deposit remittances daily at a local bank.B. Prepare the bank
deposit slip.C. Post the receipts to the accounts receivable
subsidiary ledger cards.D. Endorse the checks.
A. The cashier keeps physical custody of the assets received,
and depositing remittances daily at a local bank is part of the
custody function.
B.
The cashier keeps physical custody of the assets received, and
preparing the bank deposit slip is part of the custody
function.
However, this would be true only for checks received, not for
cash. Remittances received from the mailroom should be only checks,
because cash would not be received through the mail. It would be
acceptable for the person receiving checks to immediately endorse
them with a restrictive endorsement and then to prepare the bank
deposit slip. It would not be appropriate for a person receiving
cash to also prepare the deposit slip, however, because it would be
very easy for that person to pocket some of the cash. There is much
more potential for fraud with cash than there is with checks.
C. The cashier keeps physical custody of the assets received,
and posting the receipts to the accounts receivable ledger cards is
a recordkeeping function, not a custody function. The person
performing the custody function should have no access to the
customer records. If that person did have access to customer
records, that person could perform a fraudulent activity called
"lapping." In lapping, an employee receives a cash payment on a
customer's account. Instead of applying the cash payment to that
customer's account, though, the employee pockets the cash. The
employee wuld then apply the next check that comes in on another
customer's account to the first customer's account instead of to
the correct customer's account; and apply a third customer's
payment to the second customer's account, and so forth. The
customers would see the amount they paid credited on their
accounts, but it would not be their payment that was being credited
to them. The employee could continue pocketing cash receipts like
that for some time.
D. It is appropriate for the person who receives checks as
remittances by mail to endorse the checks with a restrictive
endorsement. This should be done as soon as the checks are
received, to prevent them being negotiated by an unauthorized party
if they are stolen. A restrictive endorsement is an endorsement
stamp that says "For Deposit Only" and gives the name of the
account to which the check must be deposited.
Question 28 - CMA 1286 3-29 - Risk Assessment, Controls and Risk
Management
One characteristic of an effective internal control structure is
the proper segregation of duties. The combination of
responsibilities that would not be considered a violation of
segregation of functional responsibilities is
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 14
-
A. Timekeeping and preparation of payroll journal entries.B.
Approval of time cards and preparation of paychecks.C. Preparation
of paychecks and check distribution.D. Signing of paychecks and
custody of blank payroll checks.
A.
The rule in segregation of duties is that one person should not
be in a position to commit fraud and also to cover it up.
Timekeeping and preparation of payroll journal entries are two
duties that can be done by the same person. Preparation of payroll
journal entries is creating the entries to the accounting system
that are used to record the payroll. It does not involve writing
the payroll checks. So a person who records time for others can
also create the entries to record the payroll in the accounting
system, because there is nothing in those two duties that would
give that person any additional opportunity to commit fraud and
also cover it up.
B.
The rule in segregation of duties is that one person should not
be in a position to commit fraud and also to cover it up.
A person who approves time cards and also prepares the paychecks
could approve hours that an employee had not worked and then pay
that employee. No one else would be looking at the paychecks or the
backup to the paychecks. Therefore, the opportunity to commit fraud
would exist.
Furthermore, the following four functions must always be done by
different people: (1) Authorizing a transaction; (2) Recording the
transaction, preparing source documents, maintaining journals; (3)
Keeping physical custody of the related asset - for instance,
receiving checks in the mail; and (4) The periodic reconciliation
of the physical assets to the recorded amounts for those
assets.
In the example of the combination of approval of time cards and
preparation of paychecks, approval of time cards comes under the
classification of authorizing a transaction, whereas preparation of
paychecks is classified as recordkeeping. Thus, these two jobs
should be performed by different people.
C.
The rule in segregation of duties is that one person should not
be in a position to commit fraud and also to cover it up. If one
person were to prepare the paychecks and also distribute them, no
second person would have a chance to see them before they were
distributed. The opportunity would exist to commit fraud without
anyone noticing.
Furthermore, the following four functions must always be done by
different people: (1) Authorizing a transaction; (2) Recording the
transaction, preparing source documents, maintaining journals; (3)
Keeping physical custody of the related asset - for instance,
receiving checks in the mail; and (4) The periodic reconciliation
of the physical assets to the recorded amounts for those assets. In
the example of the combination of preparation of paychecks and
check distribution, payroll preparation is a recordkeeping
function, whereas the distribution of payroll checks is a custody
function. Thus, these two jobs should be performed by different
people.
D.
The rule in segregation of duties is that one person should not
be in a position to commit fraud and also to cover it up. If the
person who has custody of blank payroll checks has the authority to
sign paychecks, that person could write a check to anyone at all
and sign it, and no one else would see it.
Furthermore, the following four functions must always be done by
different people: (1) Authorizing a transaction; (2) Recording the
transaction, preparing source documents, maintaining journals; (3)
Keeping physical custody of the related asset - for instance,
receiving checks in the mail; and (4) The periodic reconciliation
of the physical assets to the recorded amounts for those assets. In
the example of the combination of signing paychecks and custody of
blank payroll checks, the custody of the payroll checks (which by
themselves are not assets) is a recordkeeping function, whereas the
signing of the payroll checks is a custodianship function. Thus,
these two jobs should be performed by different people.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 15
-
Question 29 - CIA 1186 I-6 - Risk Assessment, Controls and Risk
Management
A company has computerized sales and cash receipts journals. The
computer programs for these journals have been properly debugged.
The auditor discovered that the total of the accounts receivable
subsidiary accounts differs materially from the accounts receivable
control account. This could indicate
A. Statements being intercepted prior to mailing.B. Receivables
not being properly aged.C. Credit memoranda being improperly
recorded.D. Lapping of receivables.
A. Interception of customer statements might be a sign that
fraud is taking place, but it would not cause the subsidiary
accounts to not reconcile with the control account.
B. If receivables are being aged improperly, this would not
affect customer balances or the general ledger control account
balance.
C. If subsidiary accounts are being credited for returns but the
general ledger account is not being credited, this would cause
material differences between the total of the accounts receivable
subsidiary accounts and the accounts receivable control account.
This can occur easily if an incorrect procedure is being used to
record returns. The auditor should query the people who process the
credits to customers' accounts to find out what procedure is being
used and should investigate what accounting entries result from
that procedure.
D. Lapping of receivable would not result in a difference
between the subsidiary accounts and the general ledger control
account. Lapping of receivables occurs when an employee pockets a
payment received on one customer's account and then applies a
payment made by another customer to the first customer's account,
and on and on. If that is occurring, the total of the subsidiary
accounts will reconcile with the general ledger control account,
but they will both be incorrect because of the theft.
Question 30 - CMA 690 5-11 - Risk Assessment, Controls and Risk
Management
A bill of lading is a document that
A. Is used to transfer responsibility for goods between the
seller of goods and a common carrier.B. Reduces a customer's
account for goods returned to the seller.C. Is sent with the goods
giving a listing of the quantities of items included in the
shipment.D. Summarizes data relating to a disbursement and
represents final authorization for payment.
A. A bill of lading is a document that transfers possession of
goods from the seller to a common carrier.
B. The description is given is that of a credit memo, not a bill
of lading.
C. The description given is that of a packing slip, not a bill
of lading.
D. The description given is related to a payment order, not a
bill of lading.
Question 31 - CMA 1280 3-26 - Risk Assessment, Controls and Risk
Management
A major impact of the Foreign Corrupt Practices Act of 1977 is
that registrants subject to the Securities Exchange Act of 1934 are
now required to
A. Prepare financial statements in accord with international
accounting standards.B. Provide access to records by authorized
agencies of the federal government.C. Produce full, fair, and
accurate periodic reports on foreign commerce and/or foreign
political party affiliations.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 16
-
D. Keep records that reflect the transactions and dispositions
of assets and to maintain a system of internal accounting
controls.
A. The Foreign Corrupt Practices Act contains no such
provision.
B. The Foreign Corrupt Practices Act contains no such
provision.
C. The Foreign Corrupt Practices Act contains no such
provision.
D. The Foreign Corrupt Practices Act of 1977 (substantially
revised in 1988) was enacted in response to disclosures of
questionable payments that had been made by large companies. The
payments were either illegal political contributions or payments to
foreign officials that bordered on bribery. The FCPA makes it
illegal to offer or authorize corrupt political payments (bribes)
to any foreign official, foreign party chief or official or a
candidate for political office in a foreign country, or to make
corrupt payments through an intermediary while knowing that all or
part of the payment will go to a foreign official. The company must
ensure that all transactions are in accordance with management's
general, or specific, authorization and are recorded properly.
Corporate management is required to maintain books, records and
accounts that accurately and fairly reflect transactions and to
develop and maintain a system of internal accounting control. The
internal control requirements were included in the Act because of
the fundamental premise that effective internal control should
provide a deterrent to illegal payments.
Question 32 - CMA 1288 3-21 - Risk Assessment, Controls and Risk
Management
Which one of the following would be considered an accounting
control rather than an administrative control?
A. Marketing analysis of sales generated by advertising
projects.B. Maintenance of statistical production analyses.C.
Maintenance of control over unused checks.D. Timely reporting and
review of quality control results.
A. Although the marketing analysis of sales generated by
advertising projects is a control objective, it is not an
accounting control.
B. Although maintenance of statistical production analyses is a
control objective, it is not an accounting control.
C. Policies and procedures for maintenance of control over
unused checks are accounting controls because they relate to the
control objective of safeguarding cash.
D. Although quality control results and their timely reporting
and review are a control objective, they are not accounting
control.
Question 33 - CIA 1191 II-4 - Risk Assessment, Controls and Risk
Management
Which of the following is not an appropriate member of an audit
committee?
A. The organization's vice president of operations.B. An
academic specializing in business administration.C. A retired
executive of a firm that had been associated with the
organization.D. The vice president of the local bank used by the
organization.
A. The organization's vice president of operations is a member
of management and thus would not be independent.
B. An academic specializing in business administration would be
an independent director and would be an appropriate member of the
audit committee.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 17
-
C. A retired executive of a firm that had been associated with
the organization would be an independent director and would be an
appropriate member of the audit committee.
D. The vice president of the local bank would be an independent
director and would be an appropriate member of the audit
committee.
Question 34 - CIA 1191 I-12 - Risk Assessment, Controls and Risk
Management
The treasurer makes disbursements by check and reconciles the
monthly bank statements to accounting records. Which of the
following best describes the control impact of this
arrangement?
A. Internal control will be enhanced because these are duties
that the treasurer should perform.B. The treasurer will be in a
position to make and conceal unauthorized payments.C. The treasurer
will be able to make unauthorized adjustments to the cash
account.D. Controls will be enhanced because the treasurer will
have two opportunities to discover inappropriate disbursements.
A. The following four functions must always be done by different
people: (1) Authorizing a transaction; (2) Recording the
transaction, preparing source documents, maintaining journals; (3)
Keeping physical custody of the related asset - for instance,
receiving checks in the mail; and (4) The periodic reconciliation
of the physical assets to the recorded amounts for those assets. In
the example of the combination of making disbursements by check (a
custody function) and reconciling the checking account (a
reconciliation function), we have the treasurer performing two
duties that are not compatible.
B. The following four functions must always be done by different
people: (1) Authorizing a transaction; (2) Recording the
transaction, preparing source documents, maintaining journals; (3)
Keeping physical custody of the related asset - for instance,
receiving checks in the mail; and (4) The periodic reconciliation
of the physical assets to the recorded amounts for those assets.
Because the treasurer is performing two duties that are not
compatible, making disbursements by check (a custody function) and
reconciling the checking account (a reconciliation function), the
treasurer is in a position to make and conceal unauthorized
payments.
C. The question does not state that the treasurer has access to
the accounting records. Thus there is no basis for saying that the
treasurer would be able to make unauthorized adjustments to the
cash account.
D. The following four functions must always be done by different
people: (1) Authorizing a transaction; (2) Recording the
transaction, preparing source documents, maintaining journals; (3)
Keeping physical custody of the related asset - for instance,
receiving checks in the mail; and (4) The periodic reconciliation
of the physical assets to the recorded amounts for those assets.
Having the treasurer both make disbursements and reconcile the
checking account is a control weakness, not a control enhancement,
because the treasurer is in a position to both make and conceal
unauthorized payments.
Question 35 - CPA 1183 L-19 - Risk Assessment, Controls and Risk
Management
At their annual meeting, shareholders of the Bones Corp.
approved several proposals made by the board of directors. Among
them was the ratification of the salaries of the executives of the
corporation. In this connection, which of the following is
correct?
A. The action by the shareholders serves the purpose of
confirming the board's action.B. Such ratification by the
shareholders is required as a matter of law.C. The shareholders
cannot legally ratify the compensation paid to director-officers.D.
The salaries ratified are automatically valid for federal income
tax purposes.
A. The board of directors has the power to set executive
salaries, and shareholder ratification is not required. Shareholder
ratification is equivalent to the shareholders having merely
confirmed the board's action.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 18
-
B. Usually shareholder ratification of executive salaries is not
required, unless the corporation's articles of incorporation or
bylaws require it.
C. If the corporation's articles of incorporation or bylaws
require ratification by shareholders of executive compensation,
then it is not only legal but required to obtain it.
D. If the IRS decides that executive salaries are excessive, the
company may not be able to deduct the excessive compensation for
federal income tax purposes. Ratification by the shareholders does
not change that.
Question 36 - CMA 690 5-1 - Risk Assessment, Controls and Risk
Management
Marport Company is a manufacturing company that uses forms and
documents in its accounting information systems for record keeping
and internal control.
The departments in Marport's organization structure and their
primary responsibilities are:
Accounts Payable -- authorize payments and prepare
vouchers.Accounts Receivable -- maintain customer accounts.Billing
-- prepare invoices to customers for goods sold.Cashier -- maintain
a record of cash receipts and disbursements.Credit Department --
verify the credit rating of customers.Cost Accounting -- accumulate
manufacturing costs for all goods produced.Finished Goods Storeroom
-- maintain the physical inventory and related stock records of
finished goods.General Accounting -- maintain all records for the
company's general ledger.Internal Audit -- appraise and monitor
internal controls, as well as conduct operational and management
audits.Inventory Control -- maintain perpetual inventory records
for all manufacturing materials and supplies.Mailroom -- process
incoming, outgoing, and interdepartmental mail.Payroll -- compute
and prepare the company payroll.Personnel -- hire employees, as
well as maintain records on job positions and employees.Purchasing
-- place orders for materials and supplies.Production --
manufacture finished goods.Production Planning -- decide the types
and quantities of products to be produced.Receiving -- receive all
materials and supplies.Sales -- accept orders from
customers.Shipping -- ship goods to customers.Stores Control --
safeguard all materials and supplies until needed for
production.Timekeeping -- prepare and control time worked by hourly
employees.
The initiation of the purchase of materials and supplies would
be the responsibility of the
A. Inventory Control Department.B. Production Department.C.
Stores Control Department.D. Purchasing Department.
A. The Inventory Control Department maintains perpetual
inventory records for all manufacturing materials and supplies.
Therefore, it would be in a position to know when supplies are
getting low and would be responsible for initiating a purchase
requisition.
B. The Production Department manufactures the goods, obtaining
its materials from the Stores Control Department. It does not
initiate requests for purchases.
C. Stores Control safeguards the materials and supplies until
they are needed for production. They do not maintain inventory
records or initiate purchase requisitions.
D. The Purchasing Department places orders, but they do not
initiate them. Orders are initiated and authorized by others.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 19
-
Question 37 - CIA 1190 I-10 - Risk Assessment, Controls and Risk
Management
Which of the following controls would be the most appropriate
means to ensure that terminated employees had been removed from the
payroll?
A. Establishing direct-deposit procedures with employees'
banks.B. Mailing checks to employees' residences.C. Establishing
computerized limit checks on payroll rates.D. Reconciling payroll
and time-keeping records.
A. Establishing direct-deposit procedures with employees' banks
does nothing to verify whether all the paychecks are valid. Using
this procedure, terminated employees who had not been removed from
the payroll would continue to receive paychecks.
B. Mailing checks to employees' homes does nothing to verify
whether all the paychecks are valid. Using this procedure,
terminated employees who had not been removed from the payroll
would continue to receive paychecks.
C. This procedure would detect excessive pay to current
employees but not inappropriate pay to terminated employees.
D. If an employee has been terminated but the employee has not
been removed from the payroll, a reconciliation of payroll records
with time-keeping records should detect it.
Question 38 - CMA 689 3-15 - Risk Assessment, Controls and Risk
Management
Which one of the following situations represents an internal
control weakness in accounts receivable?
A. Internal auditors confirm customer accounts periodically.B.
Delinquent accounts are reviewed only by the sales manager.C.
Customers' statements are mailed monthly by the accounts receivable
department.D. The cashier is denied access to customers' records
and monthly statements.
A. Confirming customer account balances periodically is an
important internal control procedure.
B. If delinquent accounts are reviewed only by the sales
manager, this is an internal control weakness. The sales manager
may have a conflict of interest, not wanting to report an account
as delinquent if it means additional sales cannot be made to that
customer. Delinquent accounts should be reviewed regularly by the
credit manager and the accounts receivable manager.
C. This is not an internal control weakness. Customer statements
should be mailed monthly by the accounts receivable department.
D. This is not an internal control weakness but is an important
segregation of duties.
Question 39 - CMA 689 3-17 - Risk Assessment, Controls and Risk
Management
Which one of the following situations represents a strength of
internal control for purchasing and accounts payable?
A. Prenumbered receiving reports are issued randomly.B. Invoices
are approved for payment by the purchasing department.C. Vendors'
invoices are matched against purchase orders and receiving reports
before a liability is recorded.D. Unmatched receiving reports are
reviewed on an annual basis.
A. Receiving reports should be prenumbered and should be issued
sequentially, not randomly, so that a missing
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 20
-
report or a report out of sequence can be investigated.
B. The purchasing department should not approve invoices for
payment. The accounts payable department should approve invoices
for payment, based on a review of all the supporting documentation
which includes the purchase requisition, the purchase order, and
the receiving report/packing slip.
C. Vendor's invoices should be matched against purchase
requisitions, purchase orders, and receiving reports before any
liability is recorded. When the payment has been approved, the
accounts payable department should prepare a voucher, which is an
internal document that is the authorization for payment.
D. Unmatched receiving reports should be reviewed more
frequently than annually.
Question 40 - CMA 1288 3-23 - Risk Assessment, Controls and Risk
Management
In a well designed internal control system, two tasks that
should be performed by different persons are
A. Recording of cash receipts and preparation of bank
reconciliations.B. Distribution of payroll checks and approval of
sales returns for credit.C. Approval of bad debt write-offs, and
reconciliation of the accounts payable subsidiary ledger and
controlling account.D. Posting of amounts from both the cash
receipts journal and cash payments journal to the general
ledger.
A. Recording of cash receipts is a recordkeeping function and
preparation of bank reconciliations is a reconciliation function.
If the same person were to perform both functions, that person
could misappropriate cash payments and conceal the misappropriation
by falsifying the reconciliation.
B. Even though distribution of payroll checks is a custodial
function and approval of sales returns is an authorization
function, since the two functions are unrelated, there is no
incompatibility between them.
C. Since approval of bad debt write-offs is an accounts
receivable authorization function and reconciliation of accounts
payable is an accounts payable reconciliation function, there is no
incompatibility between the two functions.
D. Posting to the general ledger is a recordkeeping function,
and the fact that posting is done for both cash receipts and cash
payments does not create an incompatibility, since they are
different functions.
Question 41 - CIA 1190 II-9 - Risk Assessment, Controls and Risk
Management
Which of the following controls would most likely minimize
defects in finished goods because of poor quality raw
materials?
A. Proper handling of work-in-process inventory to prevent
damage.B. Timely follow-up on unfavorable usage variances.C.
Implementation of specifications for purchases.D. Determination of
spoilage at the end of the manufacturing process.
A. While proper handling of work-in-process inventory is
important, this will not ensure that raw materials are not of poor
quality, and it will not minimize defects caused by poor quality
raw materials.
B. Timely follow-up on unfavorable usage variances is at best a
detective control, which may identify poor quality materials that
may be causing unfavorable usage variances. It will not minimize
defects caused by the poor quality raw materials.
C. Developing and implementing specifications for purchases of
raw materials is a preventive control, as it should limit the
purchase of defective raw materials.
D. Determination of spoilage after production is complete will
not minimize defects caused by poor quality raw
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 21
-
materials. It is at best a detective control.
Question 42 - CMA 1287 5-17 - Risk Assessment, Controls and Risk
Management
The reporting of accounting information plays a central role in
the regulation of business operations. The importance of sound
internal control practices is underscored by the Foreign Corrupt
Practices Act of 1977 which requires publicly owned U.S.
corporations to maintain systems of internal control that meet
certain minimum standards. Preventive controls are an integral part
of virtually all accounting processing systems, and much of the
information generated by the accounting system is used for
preventive control purposes. Which one of the following is not an
essential element of a sound preventive control system?
A. Implementation of state-of-the-art software and hardware.B.
Sound personnel practices.C. Documentation of policies and
procedures.D. Separation of responsibilities for the recording,
custodial, and authorization functions.
A. Implementation of state-of-the-art software and hardware is
not necessary for an organization to have a sound control
system.
B. Sound personnel practices contribute to sound control
systems. Organizations with effective control environments transmit
guidance to their employees both verbally and by example,
communicating the entity's values, standards and code of conduct;
and they follow up on violations. There are mechanisms to encourage
employee reporting of suspected violations, and disciplinary
actions are taken when employees fail to report them. Formal and
clearly communicated policies and procedures that result in shared
values and teamwork are followed at all times, without exception.
The competence level needed for particular jobs is specified,
competent people are hired and retained, and authority and
responsibility are appropriately assigned. Internal control is an
explicit or implicit part of everyone's job description, and all
individuals in the organization realize that they will be held
accountable.
C. Documented policies and procedures are an important part of a
sound control system. Formal and clearly communicated policies and
procedures that result in shared values and teamwork should be
followed at all times, without exception.
D. Separation of responsibilities for the recording, custodial,
and authorization functions is an essential element of a sound
preventive control system, because without such separation of
responsibilities, a person could commit a fraud and conceal it.
Question 43 - CIA 1189 I-10 - Risk Assessment, Controls and Risk
Management
Which of the following describes the most effective preventive
control to ensure proper handling of cash receipt transactions?
A. The employee who receives customer mail receipts prepares the
daily bank deposit, which is then deposited by another employee.B.
Bank reconciliations are prepared by an employee not involved with
cash collections and then are reviewed by a supervisor.C. One
employee issues a prenumbered receipt for all cash collections;
another employee reconciles the daily total of prenumbered receipts
to the bank deposits.D. Predetermined totals (hash totals) of cash
receipts are used to control posting routines.
A. The person who receives customer receipts should prepare a
list of them. The person who prepares the bank deposit should be a
different person, and that person should prepare an independent
list.
B. A bank reconciliation is a detective control, not a
preventive control.
C. It is important to establish accountability for cash received
at the earliest possible point. Use of prenumbered receipts assures
that all receipts are accounted for, and having a different
employee do the
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 22
-
reconciliation is an additional control against misappropriation
of funds.
D. Hash totals are control totals used in processing to ensure
that data has not been changed during the processing, not cash
custody controls.
Question 44 - CIA 1192 I-18 - Risk Assessment, Controls and Risk
Management
Controls can be classified according to the function they are
intended to perform; for example, to discover the occurrence of an
unwanted event (detective), to avoid the occurrence of an unwanted
event (preventive), or to ensure the occurrence of a desirable
event (directive). Which of the following is a directive
control?
A. Requiring all members of the internal auditing department to
be CIAs.B. Monthly bank statement reconciliations.C. Dual
signatures on all disbursements over a specific dollar amount.D.
Recording every transaction on the day it occurs.
A. Requiring all members of the internal auditing department to
be CIAs is a directive control. It increases the probability that
the internal auditors will have the requisite knowledge, experience
and professionalism to perform their jobs.
B. Monthly bank statement reconciliations are detective
controls, not directive controls. A bank reconciliation is used to
detect errors on either the accountholder's part or on the bank's
part after they have occurred.
C. Requiring dual signatures on all disbursements over a
specific dollar amount is a preventive control.
D. Recording every transaction on the day it occurs is a
preventive control.
Question 45 - CIA 1186 I-7 - Risk Assessment, Controls and Risk
Management
An auditor noted that the accounts receivable department is
separate from other accounting activities. Credit is approved by a
separate credit department. Control accounts and subsidiary ledgers
are balanced monthly. Similarly, accounts are aged monthly. The
accounts receivable manager writes off delinquent accounts after 1
year, or sooner if a bankruptcy or other unusual circumstances are
involved. Credit memoranda are prenumbered and must correlate with
receiving reports. Which of the following areas could be viewed as
an internal control weakness of the above organization?
A. Monthly aging of receivables.B. Write-offs of delinquent
accounts.C. Handling of credit memos.D. Credit approvals.
A. Monthly aging of receivable is not a control weakness but is
an appropriate control procedure.
B. If the accounts receivable manager is both approving the
write-offs of delinquent accounts and performing the write-off,
this is a weakness in internal control. The person who authorizes a
transaction should be different from the person who records the
transaction.
C. The controls on credit memoranda are appropriate. The credit
memoranda are prenumbered and also there is a procedure in place to
verify that the goods being credited to the customer were in fact
received back from the customer.
D. Credit is approved by a separate credit department, which is
appropriate segregation of duties.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 23
-
Question 46 - CMA 690 3-25 - Risk Assessment, Controls and Risk
Management
Auditors document their understanding of internal control with
questionnaires, flowcharts, and narrative descriptions. A
questionnaire consists of a series of questions concerning controls
that auditors consider necessary to prevent or detect errors and
irregularities. The most appropriate question designed to
contribute to the auditors' understanding of the completeness of
the expenditure cycle would concern the
A. Use and accountability of prenumbered checks.B.
Qualifications of accounting personnel.C. Disposition of cash
receipts.D. Internal verification of quantities, prices, and
mathematical accuracy of sales invoices.
A. In understanding the completeness of the expenditure cycle,
the auditor is interested in whether all the transactions have been
recorded. If prenumbered checks are used sequentially, a gap in
check numbers would be something for the auditor to investigate,
because it may mean that there are unrecorded transactions.
B. Qualifications of accounting personnel are unrelated to the
controls over the expenditure cycle.
C. Cash receipts are unrelated to the expenditure cycle and can
contribute nothing to the auditors' understanding of the
completeness of the expenditure cycle.
D. Verification of sales invoices will not contribute to an
understanding of the completeness of the expenditure cycle, because
sales invoices are part of the revenue cycle.
Question 47 - CMA 686 3-20 - Risk Assessment, Controls and Risk
Management
The procedure that would best discourage the resubmission of
vendor invoices after they have been paid is
A. The cancellation of vouchers by treasurer personnel.B. A
requirement for double endorsement of checks.C. The cancellation of
vouchers by accounting personnel.D. The mailing of payments
directly to payees by accounting personnel.
A. The voucher and all supporting documents should be cancelled
by personnel in the treasurer's office at the time the check is
signed. This will prevent the documents from being resubmitted for
duplicate payment.
B. Requiring two signatures on a check would not prevent
resubmission and double paying of vendor invoices after they have
been paid.
C. Cancellation of vouchers should not take place until the
check in payment of the invoice has been signed.
D. The account payable personnel should not have access to
checks after they have been signed.
Question 48 - CIA 1193 I-12 - Risk Assessment, Controls and Risk
Management
An audit of the receiving function at the company's distribution
center revealed inadequate control over receipts. Which of the
following controls would be appropriate for the receiving
function?
A. Require that all receipts receive the approval of the
warehouse manager.B. To ensure adequate separation of duties, the
warehouse receiving clerk should work independently from the
warehouse manager.C. Ensure that the warehouse receiving department
has a true copy of the original purchase order.D. Ensure that the
warehouse receiving department has a purchase order copy with the
units described, but both prices and quantities omitted.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 24
-
A. Shipment receipts should be backed up by authorized purchase
orders, not the warehouse manager's approval.
B. Having the receiving clerk work independently of the
warehouse manager is not a control but is in fact a risk, because
the clerk would be working without supervision.
C. The warehouse receiving department should have a copy of the
purchase order, but its copy should not include prices and
quantities.
D. The receiving clerk should have access to authorized purchase
orders in order to make sure that only authorized shipments are
accepted. Prices and quantities should not appear on this copy in
order to increase the likelihood that the count of received items
will be accurate.
Question 49 - CIA 1195 I-67 - Risk Assessment, Controls and Risk
Management
Internal auditors regularly evaluate controls and control
procedures. Which of the following best describes the concept of
control as recognized by internal auditors?
A. Control represents specific procedures that accountants and
auditors design to ensure the correctness of processing.B.
Management takes action to enhance the likelihood that established
goals and objectives will be achieved.C. Control procedures should
be designed from the "bottom up" to ensure attention to detail.D.
Management regularly discharges personnel who do not perform up to
expectations.
A. Control encompasses much more than controls designed to
ensure the correctness of processing. Furthermore, control is
designed and instituted by management, not by accountants or
auditors.
B. A control is any action taken by management to enhance the
likelihood that established goals and objectives will be
achieved.
C. While control procedures may be designed from the bottom up,
the concept of control flows from the top down.
D. This is not the definition of a control.
Question 50 - CIA 594 P4 Q8 - Risk Assessment, Controls and Risk
Management
On January 1, a company establishes a petty cash account and
designates one employee as petty cash custodian. The original
amount included in the petty cash fund is $500, and it will be used
to make small cash disbursements. The fund will be replenished on
the first of each month, after the petty cash custodian presents
receipts for disbursements to the general cashier. The following
disbursements are made in January. The balance in the petty cash
box at the end of January is $163.
Office supplies: $173Postage: $112Entertainment: $42
Who is responsible, at all times, for the amount of the petty
cash fund?
A. The general cashier.B. The petty cash custodian.C. The
general office manager.D. The president of the company.
A. The general cashier should not be responsible for petty
cash.
B. The petty cash custodian should be responsible for petty
cash.
Part 1 : 07/28/10 08:58:14
(c) HOCK international, page 25
-
C. The general office manager should not be responsible for
petty cash.
D. The president of the company should not be responsible for
petty cash.
Question 51 - CPA 594 A-33 - Risk Assessment, Controls and Risk
Management
Which of the following controls most likely would be used to
maintain accurate inventory records?
A. Periodic inventory counts are used to adjust the perpetual
inventory records.B. Requisitions, receiving reports, and purchase
orders are independently matched before payment is approved.C.
Perpetual inventory records are periodically compared with the
current cost of individual inventory items.D. A just-in-time
inventory ordering system keeps inventory levels to a desired
minimum.
A. Periodic inventory counts, independently arrived at, should
be periodically compared with perpetual inventory records, and if
there any differences, the perpetual inventory record should be
adjusted.
B. While matching backup documents to invoices before paying the
invoices is important, this does nothing to confirm that the
quantity of each individual item on hand matches the count
according to the perpetual inventory system.
C. Comparing perpetual inventory records with the current cost
of individual inventory items does nothing to confirm that the
quantity of each individual inventory item on hand matches the
count according to the perpetual inventory system.
D. Just-in-time inventory ordering may be used to keep inventory
levels to a desired minimum; however, it does nothing to confirm
that the quantity of each individual item on hand matches the count
according to the perpetual inventory system.
Question 52 - CIA 591 I-23 - Risk Assessment, Controls and Risk
Management
A means of ensuring that payroll checks are drawn for properly
authorized amounts is to
A. Require supervisory approval of employee time cards.B.
Require that undelivered checks be returned to the cashier.C.
Witness the distribution of payroll checks.D. Conduct periodic
floor verification of employees on the payroll.
A. It is appropriate to require supervisory approval of employee
time cards, because supervisors are in a position to know whether
their employees' time is being reported accurately.
B. While requiring undelivered checks to be returned to the
cashier is a good control procedure, it does nothing to ensure that
the payroll checks are for the proper amounts.
C. Witnessing the distribution of payroll checks does not ensure
that the payroll checks are for the correct amounts.
D. While conducting periodic floor verification of employees on
the payroll will confirm that the employees exist, it would do
nothing to ensure that their payroll checks are drawn for properly
authorized am