Need Help in selecting each correct answerto multiple choce to questions as follows:

1. Which of the following statements about internal control is incorrect, based on the COSO framework? a. Internal controls starts with a strong set of policies and procedures. b. Risk assessment and control activities are two of the compoments of the COSO model. . c. Internal control can be expected to provide only reasonable assurance that business objectives will be achieved. d. Monitoring of a companys internal controls are acoomplished with ongoing supervision and independent reviews. 2. Which of the following are strategies that an organization can use to respond to risk? I. Controlling it II. Accepting it III. Transferring it IV. Avoiding it a. I, II and III only b. I, III and IV only c. I, II, and IV only d. I and III only e. All four are valid strategies 3. When a senior manager accepts a level of residual risk that the CAE believes is unacceptable to the organization, the CAE should: a. Report the unacceptable risk level to the chairman of the audit committee and the external audit partner. b. Resign from his/her job c. Discuss the matter with other knowledgeable members of senior management and if not resolved take it to the audit committee. d. Notify the appropriate regulatory agency. e. Accept senior managements position because it establishes the risk appetite for the organization. 4. Which of the following statements is not true regarding the Sarbanes Oxley Act for public companies? a. Requires companies to publicly report on its financial reporting controls b. Requires public company to disclose wthether its audit committee has a member that is a financial expert c. Requires its internal auditors to test financial reporting controls. d. Requires their external auditors to assess the companys financial reporting controls 5. As defined by COSO, which of the following are considered to be part of an organizations control environment? I. Establishing control consciousness within the organization II. Setting realistic goals and objectives III. Assigning authority and responsibility IV. Distributing a written code of conduct a. Only II and III are correct b. Only III and IV are correct c. Only I, II, and III are correct d. I, II, III and IV are correct 6. Which of the following statements is not true about business objectives? a. Business objectives represent targets of performance b. Establishment of meaningful business objectives is a prerequisite to effective internal control. c. Establishing meaning business objectives is a key component of the management process. d. Business objectives are managements means of employing resources and assigning responsibilities. 7. Which of the following would not be considered a primary objectives of a closing conference? a. To resolve conflicts. b. To discuss the engagement observations and recommendations. c. To identify concerns for future audit engagements. d. To identify managements actions and responses to the engagement observations and recommendations. 8. In which of the following situations does the internal auditor potentially lack objectivity? a. A payroll accounting employee assists an internal auditor in verifying the physical inventory of small motors. b. An internal auditor discusses a significant issue with the VP to whom the auditor reports prior to drafting the audit report. c. An internal auditor recommends standards of controls and performance measures for a contract with a service organization for the processing of payroll. d. A former purchasing assistant performs a review or internal controls over purchasing four months after being transferred to the internal audit department. 9. Which of the following is not an example of a risk-sharing strategy? a. Outsourcing a non-core, high risk area. b. Selling a non-strategic business unit. c. Hedging against interest rate fluctuations d. Buying an insurance policy to protect against adverse weather 10. The CAE is asked to conduct the enterprise risk assessment as part of a