MULTIPLE CHOICE QUESTIONS

Part A- Multiple- Choice Questions

Highlight or Circle the most appropriate response

1. Internal controls are designed to provide reasonable assurance that: a. Management's planning, organizing, and directing process are properly evaluated. b. Material errors or irregularities would be prevented or detected and corrected within a timely period by employees in the course of performing their assigned duties. c. Management's plans have not been circumvented by worker collusion.

d. The internal audit department's guidance and oversight of management's performance is accomplished economically and efficiently.

1. A disbursement system that uses wire, telephone, or computer to transfer cash from one location to another is called a(n):

a. automated system.

b. electronic funds transfer system.

c. internal system.

d. docket system.

1. Proper segregation of functional responsibilities calls for separation of the

a. Authorization, approval and execution functions.

b. Authorization, execution and payment functions.

c. Receiving, shipping and custodial functions.

d. Authorization, recording and custodial functions.

1. Which of the following is the basis for providing authorization and access to employees in an enterprise?

a. Organization structure

b. Nature of Business process

c. Type of technology

d. Style of management

1. The primary objectives for auditing IT change management is to ensure that:

a. Only approved changes were made

b. All changes are documented

c. Change control procedure variances are recorded and counted

d. Latest version of software is used

1. A requirement that information and programs are changed only in a specified and authorized manner is called:

a. Confidentiality

b. Viability

c. System integrity

d. Data integrity

1. A firewall is a system for:

a. Enforcing an access control policy

b. Preventing viruses

c. Preventing intruders

d. Assisting auditors

1. To business organizations, the term 'stakeholder' means which of the following?

a. All those parties which the company does business with

b. All those interested in working for the company

c. All those who have an interest in the company

d. Shareholders of the company

1. A company's labour distribution report requires extensive correction each month because of labour hours charged to inactive jobs. Which of the following input controls appears to be missing?

a. Completeness test

b. Limit check

c. Validity test

d. Control total

1. Which of the following statements is correct concerning materiality in a financialstatement audit? Analytical procedures performed during an audit's review stage usually decrease materiality levels. If the materiality amount used in evaluating audit findings increases from the amount used in planning, the auditor should apply additional substantive tests. The auditor's materiality judgments generally involve quantitative, but notqualitative, considerations. Materiality levels are generally considered in terms of the smallest aggregate level of misstatement that could be considered material to any one of the financial statements.

1. At the conclusion of an audit, an auditor is reviewing the evidence gathered in support of the financial statements. With regard to the valuation of inventory, the auditor concludes that the evidence obtained is not sufficient to support management's representations. Which of the following actions is the auditor most likely to take?

a. Consult with the audit committee and issue a disclaimer of opinion.

b. Consult with the audit committee and issue a qualified opinion.

c. Obtain additional evidence regarding the valuation of inventory.

d. Obtain a statement from management supporting their inventory valuation.

1. An audit supervisor reviewed the work performed by the staff to determine if the audit was adequately performed. The supervisor accomplished this by primarily reviewing which of the following?

a. Checklists.

b. Working papers.

c. Analytical procedures.

d. Financial statements.

1. When companies use information technology (IT) extensively, evidence may be available only in electronic form. What is an auditor's best course of action in such situations?

a. Assess the control risk as high.

b. Use audit software to perform analytical procedures.

c. Use generalized audit software to extract evidence from client databases.

d. Perform limited tests of controls over electronic data.

1. The ultimate purpose of assessing control risk is to contribute to the auditor's evaluation of the risk that:

a. Specific internal control activities are notoperating as designed.

b. The collective effect of the control environment may notachieve the control objectives.

c. Tests of controls may fail to identify activities relevant to assertions.

d. Material misstatements may exist in the financial statements.

1. Which of the following is not a part of application control in EDP environment?
2. Input controls
3. Processing controls
4. Output controls
5. Checking controls

Part B- Short-Answer Questions

1. Write short note on following:
   1. Segregation of duties
   2. Internal audit
   3. Error of omission

1. What is Corporate Governance? Why do you think it is essential for financial service industries?
2. Why do you think it is important to identify corporate governance requirements of the business you are working for? List some of the principles of corporate governance set out by ASX.
3. It is said internal control may fail due to inherent limitations. Identify any four weaknesses of internal control.
4. Identify the potential benefits of Information Technology to internal control.
5. Identify the three major documentation techniques of monitoring internal control.
6. Why do not- for -profit organizations require independent audits even if they are not obliged to do so?
7. Identify components of general purpose financial statements prescribed by AASB financial reporting standards.
8. Who are the stakeholders of an organization? List them.
9. Case Study:

On a warm day in early February 2015, a key member ("Adam") of the executive team of ABC company sat in his office, preparing a routine travel expense reimbursement request form, attaching documentation in support of the costs of the air ticket portion of his planned trip, which he had purportedly booked recently and paid for using his personal credit card.

After signing the form, Adam walked to the office of the Chief Financial Officer ("CFO") to ask for his approval of the requested reimbursement. The CFO, who knew Adam well and had worked with him at a previous company, probably engaged in social conversation. He must have quickly glanced at the documents, not bothering to inspect them or review the total cost of the trip. The CFO initialled the form and gave it back to Adam who then went to see Peter, the accounts payable clerk with whom he had also worked at the prior company. He wanted Peter to process his travel expense reimbursement request and approve the EFT transfer of $7,500 into his personal bank account. Peter, who also worked with Adam at the prior company, was only too happy to assist him with what he must have considered a routine task. It's likely that he paid no attention to any of the details connected with the travel expense reimbursement request. Peter immediately initiated the EFT transfer, filed the documents into Adam's folder for his trip and then moved on to the rest of his busy day.

The documentation in the case comprised an airline travel itinerary for an international destination, but did not include invoices for hotel accommodations and receipts for transportation and other incidental expenses because the trip had not yet taken place. The total requested reimbursement was $7,500. Adam was pleased to receive the reimbursement but fraud has occurred.

Later, during external audit the fraud has been detected and as part of the findings of the investigation, the organization's Employee Handbook requires that all travel be arranged through the organization's travel agent and paid for by the organization directly, whereas in this case it is clear that the company policy was not been adhered.

Adam was terminated for cause and made restitution (reimbursement) for the money claimed from the organization. The former CFO has agreed to repay some of the money owed and the balance is being negotiated. The organization has taken a number of steps towards improvement of its internal systems and has begun to recognize the events that have occurred as a learning experience.

Based on above case study answer the followings:

1. What kind of fraud happened in the above case?

2. How and where were there breakdowns in internal controls?

3. What internal control systems and mechanism would you have taken/applied in above situation to prevent the above fraud in an organization?