11) Risk management should A) Focus on loss minimization only B) Not be an objective by itself...
Question:
11) Risk management should
A) Focus on loss minimization only
B) Not be an objective by itself
C) Be driven by internal audit
D) Be rules-based so it is the same throughout the organization
E) Should be software driven
12) What is typically the weakest link in internal controls?
A) Technology
B) The human elements
C) Lack of funding
D) Lack of a risk assessment
E) No internal audit department
13) Which of the following is not likely to cause a system of internal controls to become ineffective?
A) Mergers and acquisitions
B) Implementation of new technologies
C) Hiring a new external audit firm regulated by the PCAOB
D) Outsourcing business functions
E) All of the above
14) Risk appetite
A) Can be different for compliance vs. strategic objectives
B) Is the same as an organization’s risk tolerance
C) Is strictly a quantitative measure
D) Tends to be the same for all companies in the same industry
E) Does not change over time
15) Separation of duties controls for application systems are typically applied by
A) IT governance
B) Physical security
C) Logging
D) Access security
E) System software
Ethical Obligations and Decision Making in Accounting Text and Cases
ISBN: 978-0077862213
3rd edition
Authors: Steven Mintz, Roselyn Morris