13-16 Flashcards by Brad Hunt

Which of the following is NOT one of the three sources of external fraud discussed?
a. Vendors
b. Customers
c. Auditors
d. Unrelated third parties

c. Auditors

How well did you know this?

Not at all

Perfectly

Which of the following statements is true with regard to external fraud threats?
a. Unrelated third parties pose the greatest threat to an organization
b. Only companies that contract with vendors are at a risk of external fraud
c. A member of an organization’s board of directors committing fraud against that organization is an example of external fraud
d. Companies that house large amounts of customer payment data are especially vulnerable to external fraud threats

d. Companies that house large amounts of customer payment data are especially vulnerable to external fraud threats

How well did you know this?

Not at all

Perfectly

What is a paperhanger?
a. A person who is an expert in check fraud
b. A person who counterfeits money
c. A person who specializes in e-commerce check scams
d. A person who is an expert in credit card fraud

a. A person who is an expert in check fraud

How well did you know this?

Not at all

Perfectly

Which of the following statements is true with regard to credit cards?
a. Less than half of the U.S. population has a credit card
b. The chances of being caught using an unauthorized card are small
c. Counterfeit credit cards are known as “black plastic” cards
d. The hologram is the easiest part of a credit card to duplicate

b. The chances of being caught using an unauthorized card are small

How well did you know this?

Not at all

Perfectly

Taylor is a procurement specialist for Hillside Corporation. He is reviewing contracts, and notices a pattern between three particular contractors. Contractor A bid the lowest on the first job, Contractor B bid the lowest on the second job, and Contractor C bid the lowest on the third job. All three contractors bid on all three jobs. Which of the following is a potential scheme perpetrated by these contractors?
a. Bid tailoring
b. Bid rotation
c. Complementary bids
d. Phantom bids

b. Bid rotation

How well did you know this?

Not at all

Perfectly

Which of the following is NOT one of the four phases of the procurement process?
a. The presolicitation phase
b. The solicitation phase
c. The performance phase
d. The project review phase

d. The project review phase

How well did you know this?

Not at all

Perfectly

A caterer has been contracted by Austin Corp. to provide the food for a large banquet. The catering contract explicitly states that the caterer will serve a fish entrée and a chicken entrée, and the fish entrée will consist of red snapper. The caterer decides to use tilapia instead, which costs about a third as much as red snapper, but is also a white fish and looks quite similar. He figures that no one at the banquet will be able to tell the difference. Austin Corp. is charged the price of the red snapper. What type of scheme has the caterer perpetrated?
a. Product substitution
b. Cost mischarging
c. Material deception
d. Contract falsification

a. Product substitution

How well did you know this?

Not at all

Perfectly

Which of the following is the best way to prevent vendor fraud?
a. Conduct vendor audits
b. Perform services in-house rather than using vendors
c. Disallow any contract modifications
d. Require a minimum of three vendors to be considered for any project

a. Conduct vendor audits

How well did you know this?

Not at all

Perfectly

Which of the following is a key finding from the 2010/2011 Computer Crime and Security Survey?
a. Data manipulation is one of the most commonly seen attacks.
b. Almost 80% of the survey respondents experienced at least one security incident.
c. Respondents believed that the activities of outsiders accounted for much of their losses from cybercrime.
d. All companies surveyed had a technical expert on staff.

c. Respondents believed that the activities of outsiders accounted for much of their losses from cybercrime.

How well did you know this?

Not at all

Perfectly

Why are computer fraud cases difficult for a fraud examiner to investigate?
a. They lack a traditional paper audit trail.
b. They require an understanding of the technology used to commit the crime.
c. They require the use of one or more specialists to assist the fraud examiner.
d. All of the above are reasons why computer fraud cases are difficult to investigate.

d. All of the above are reasons why computer fraud cases are difficult to investigate.

How well did you know this?

Not at all

Perfectly

________________ is the use of technology to gain unauthorized access to sensitive information on a computer system.
a. Data manipulation
b. Computer hacking
c. Social engineering
d. Computer crime

b. Computer hacking

How well did you know this?

Not at all

Perfectly

Password cracking, social engineering, and phishing are all:
a. Methods used to gain unauthorized access
b. Data manipulation tactics
c. Corporate espionage tactics
d. None of the above

a. Methods used to gain unauthorized access

How well did you know this?

Not at all

Perfectly

Max Reynolds is trying to obtain customer payment data from Stella Corporation. He wanders around Stella’s offices pretending to be a confused intern, looking for someone who can help him get on his computer. An unsuspecting employee gives him her login information, not realizing the amount of data she has just given him access to. He downloads several spreadsheets of customer payment data and takes off. What type of scheme has Max committed against Stella Corporation?
a. Phishing
b. Password cracking
c. Social engineering
d. Employee hijacking

c. Social engineering

How well did you know this?

Not at all

Perfectly

Which of the following is commonly used to perpetrate data manipulation and destruction schemes?
a. Wire tapping
b. Data dumps
c. Network infiltration
d. Malware

d. Malware

How well did you know this?

Not at all

Perfectly

If an organization offers wireless or remote access, its server software should terminate any connection:
a. From a foreign country
b. Cash larceny
c. After a certain number of unsuccessful attempts to enter an invalid password
d. Skimming

c. After a certain number of unsuccessful attempts to enter an invalid password

How well did you know this?

Not at all

Perfectly

All of the following are examples of malware EXCEPT:
a. Blackware
b. Virus
c. Trojan horse
d. Botnet

a. Blackware

How well did you know this?

Not at all

Perfectly

What is encryption?
a. Impersonating one of the organization’s computers to get access to the network
b. A type of intrusion detection system
c. A company’s criteria for password selection
d. Procedures used to convert information using an algorithm that makes it unreadable

d. Procedures used to convert information using an algorithm that makes it unreadable

How well did you know this?

Not at all

Perfectly

Which of the following does corporate espionage include?
a. Legitimate intelligence collection
b. Acquisition of information through clandestine means
c. Intelligence analysis using legal means
d. All of the above

b. Acquisition of information through clandestine means

How well did you know this?

Not at all

Perfectly

According to the textbook, which of the following is NOT one of a corporate spy’s favorite departments to target?
a. Research and development
b. Legal
c. Marketing
d. Human resources

b. Legal

How well did you know this?

Not at all

Perfectly

What is a recommended preventative measure a company should take to protect its physical property?
a. Send and receive all mail from company premises
b. Ensure outdoor waste receptacles are locked and guarded
c. Keep sensitive documents out of sight and in employees’ drawers
d. Ensure the cleaning staff only works after business hours

b. Ensure outdoor waste receptacles are locked and guarded

How well did you know this?

Not at all

Perfectly

Factors that influence the level of fraud risk faced by an organization include which of the following?
a. The nature of the business
b. The effectiveness of the organization’s internal control
c. The ethics and values of the organization and the people in it
d. All of the above

d. All of the above

How well did you know this?

Not at all

Perfectly

_________ controls are designed to stop an undesirable event from occurring, whereas _________ controls are designed to identify an undesirable event that has already occurred.
a. Preventive; detective
b. Internal; external
c. Risk; discovery
d. Operating; review

a. Preventive; detective

How well did you know this?

Not at all

Perfectly

Fraudulent financial reporting risks include which of the following?
a. Payment of bribes or gratuities
b. Aiding and abetting of fraud by outside parties
c. Inappropriately reflected balance sheet amounts
d. Misappropriation of intangible assets

c. Inappropriately reflected balance sheet amounts

How well did you know this?

Not at all

Perfectly

Which of the following factors should be considered when selecting a sponsor for the fraud risk assessment?
a. Seniority
b. Independence
c. Ability to elicit cooperation
d. All of the above

Study These Flashcards

d. All of the above

8. Which of the following factors should be considered in assessing the likelihood of occurrence of each fraud risk? a. Financial statement and monetary significance b. Internal control environment of the organization c. Criminal, civil, and regulatory liabilities d. Financial condition of the organization

b. Internal control environment of the organization

10. Risks resulting from ineffective or nonexistent controls are known as which of the following? a. Residual risks b. Inherent risks c. Control risks d. Audit risks

a. Residual risks

hich of the following is not one of the three interrelated elements that enable someone to commit fraud? a. Opportunity b. Non-sharable financial need c. Ability to rationalize d. Fraud risk

d. Fraud risk

15. The vulnerability of an organization to those capable of overcoming the three elements of the fraud triangle is known as which of the following? a. Inherent risk b. Fraud risk assessment c. Fraud risk d. Control risk

c. Fraud risk

16. Which of the following is a type of detective control? a. Segregating duties b. Performing background checks c. Performing surprise audits d. Ensuring proper alignment between an individual’s authority and level of responsibility

c. Performing surprise audits

18. Which of the following information-gathering techniques enables the fraud risk assessor to observe the interactions of employees as they discuss a question or issue? a. Interviews b. Surveys c. Focus groups d. Anonymous feedback mechanisms

c. Focus groups

19. When assessing the potential incentives, pressures, and opportunities to commit fraud, the fraud risk assessment team should evaluate which of the following? a. Incentive programs and how they may affect employees’ behavior when conducting business or applying professional judgment b. Highly complex business transactions and how they might be used to conceal fraudulent acts c. Opportunities for collusion d. All of the above

d. All of the above

20. Which of the following is not a true statement regarding the fraud risk assessment process? a. It is more of a science than an art b. To be most effective, it should be an ongoing, continuous process c. It should be influenced by the culture of an organization d. It is aimed at proactively identifying an organization’s vulnerabilities to fraud

a. It is more of a science than an art

21. Which of the following is not true regarding fraud risk? a. It can be analyzed quantitatively b. It results exclusively from sources internal to the organization c. It can be analyzed qualitatively d. It encompasses reputation risk

b. It results exclusively from sources internal to the organization

22. Which of the following is not a potential corruption risk? a. Payment of bribes to public officials, companies, or private individuals b. Inadequate disclosures pertaining to related-party transactions c. Receipt of kickbacks, bribes, or gratuities d. Aiding and abetting of fraud by customers or vendors

b. Inadequate disclosures pertaining to related-party transactions

23. Which of the following techniques can be used to evaluate the effectiveness and efficiency of internal controls? a. Review of the accounting policies and procedures in place b. Interviews with management and employees c. Consideration of the risk of management’s override of controls d. All of the above

d. All of the above

25. Management should consider which of the following in establishing an acceptable level of fraud risk for the organization? a. The organization’s business objectives b. The organization’s risk tolerance level c. Both A and B d. Neither A nor B

c. Both A and B

26. Which of the following factors enhances a fraud risk assessment? a. Collaboration between management and auditors b. Independence and objectivity of those leading and conducting the work c. Inclusion of people’s perceptions at all levels of the organization d. All of the above

d. All of the above

29. Which of the following actions might management take in order to transfer a residual fraud risk? a. Eliminate the related asset b. Exit the related activity c. Purchase fidelity insurance d. Implement countermeasures

c. Purchase fidelity insurance

1. Which of the following question types will generally not be asked during an information-gathering interview of a neutral witness? a. Introductory b. Informational c. Assessment d. Closing

c. Assessment

2. While conducting an interview, you have reason to believe that the respondent is not being truthful. What type of questions will help you establish the respondent’s credibility? a. Open b. Non-leading c. Admission-seeking d. Assessment

d. Assessment

3. ______________ questions are asked if you have a reasonable cause to believe that the respondent is responsible for the fraud under investigation. a. Admission-seeking b. Assessment c. Leading d. Closing

a. Admission-seeking

4. Which of the following is not one of the primary purposes of asking introductory questions during an interview? a. Establishing rapport between the interviewer and the subject b. Asking sensitive questions before the subject has the ability to go on the defensive c. Observing reactions to questions d. Establishing the theme of the interview

b. Asking sensitive questions before the subject has the ability to go on the defensive

6. Which of the following is a rule that the interviewer should follow when asking questions during the introductory phase of the interview? a. Promise confidentiality to the respondent. b. Give the interviewee the opportunity to respond to the source of the allegations. c. Question only one person at a time. d. All of the above

c. Question only one person at a time.

7. The purpose of informational questions is to gather unbiased, factual information. Which of the following is a type of informational question? a. Assessment b. Norming c. Closing d. Leading

d. Leading

10. During an interview, you ask the respondent a question that contains the answer as part of the question. This is called a(n): a. Open question b. Closed question c. Assessment question d. None of the above

d. None of the above

11. A(n) _____________ interview is one that has the potential to bring about strong emotional reactions in the respondent. a. Explosive b. Aggressive c. Volatile d. Emotive

c. Volatile

13. At the conclusion of an interview, closing questions should be asked for which of the following purposes? a. Reviewing key facts to ensure that they have not been misunderstood b. Gathering previously unknown facts c. Asking the respondent if he or she has been treated fairly d. All of the above

d. All of the above

15. The question “Do you think someone around here might be justified in making a secret arrangement with one of the company’s vendors?” is an example of what type of interview question? a. Allusive b. Admission-seeking c. Assessment d. Alternative

c. Assessment

16. In an interview situation, the process of observing behavior before critical questions are asked is called: a. Calibrating b. Leading c. Attribution d. None of the above

a. Calibrating

17. Respondents in an interview give both verbal and nonverbal clues that can be used to determine whether they are being deceptive. Which of the following is generally not considered a verbal clue to deception? a. Changes in speech patterns b. Tolerant attitude c. Feigned unconcern d. Overuse of emotive words

d. Overuse of emotive words

18. During an interview, when an interviewee repeatedly fiddles with a pen or picks lint from her clothing, she is giving non-verbal clues called: a. Illustrators b. Manipulators c. Exemplifiers d. None of the above

b. Manipulators

19. During an interview, the respondent frequently uses the phrases “honestly” and “I swear to God.” The respondent is giving a type of verbal clue known as: a. Character testimony b. Illustrators c. Oaths d. Manipulators

c. Oaths

24. Generally, there is nothing illegal about accusing an innocent person of misdeeds as long as: a. The accuser has predication to believe the accused has committed an offense. b. The accusation is made under reasonable conditions and in private. c. The accuser does not take any action that is likely to make an innocent person confess. d. All of the above

d. All of the above

25. During an admission-seeking interview in which an accusation has been made, the respondent will normally object to the accusation and attempt to deny it. When you are convinced of the respondent’s guilt, it is important to: a. Interrupt the denial. b. Ask the respondent to put the denial in writing. c. Repeat the denial for confirmation of understanding. d. None of the above

a. Interrupt the denial.

26. When the subject of an investigation has been accused of misconduct, establishing a morally acceptable rationalization might allow the accused to reconcile his actions with his conscience. Which of the following is not an example of an acceptable rationalization? a. The accused has been unfairly treated by his management. b. The accused felt that he needed to get back at someone in the organization. c. The accused is a bad person by nature. d. The accused engaged in the misconduct for the benefit of others.

c. The accused is a bad person by nature.

27. During an admission-seeking interview, the accused individual will likely present reasons why he or she could not have committed the offense. When this occurs, the fraud examiner should step in and diffuse these alibis by: a. Discussing the accused’s deceptions b. Displaying the physical evidence c. Discussing the testimony of other witnesses d. Any of the above

d. Any of the above

28. In an admission-seeking interview, once the accused has provided a verbal confession, the interviewer should focus on obtaining: a. An estimate of the total amount of money involved b. A motive for the offense c. The names of other people who are involved d. All of the above

d. All of the above

29. When obtaining a written confession during an admission-seeking interview, which of the following is not an item that should be included in the written statement? a. Willingness to cooperate b. Promise of leniency c. Excuse clause d. Intent to perpetrate the crime

b. Promise of leniency

32. James Turner, CFE, was called in to investigate a sales skimming case at Durant Hardware. During an admission-seeking interview of Nadia Brown, the primary suspect, James asked, “Did you just want some extra money, or did you do this because you had financial problems?” Nadia began crying and nodded yes. This small admission as a response to James’ question is called a: a. Provisional admission b. Point-of-reference confession c. Benchmark admission d. Tentative confession

c. Benchmark admission

13-16 Flashcards

(59 cards)