Risk Assessment 3 Flashcards

1
Q

What are examples of controls to lower “Control Risk” for assertion level risk?

A
  • Controls over admin access to server(s) for app
  • Controls to limit user access to app
  • Controls over how changes are authorized, developed and deployed to app
2
Q

What are the 2 levels where RMM exists/resides?

A

(1) FS level or
(2) Assertion level

  • Because RMM exists at 2 levels, the auditor should assess RMM at both levels separately and in aggregate
3
Q

How does an auditor assess “Control Risk” at the assertion level?

A
  • The auditor determines whether the entity has controls (policies) to limit access to all aspects of the app (db, program code and user apps)
4
Q

What does “Financial Statement Level Risks” require?

A
  • “FS level risks” require an overall response, such as more supervision of the engagement team or modifying the selection of audit procedures
5
Q

How are “Assertion Level Risks” addressed?

A
  • Assertion level risks are addressed by the nature, timing, and extent of FAP, which may include substantive procedures or a combination of ToCs and substantive procedures
6
Q

What is the “Risk Score” formula?

A
  • Risk Score formula = Probability x Significance

- Higher score = higher risk

7
Q

Describe the 4 response types or tests for an Assessed Level of Risk.
(List from least to most assurance/reliance on test results)

A

IOIR

(1) Inquiry - Low
(2) Observation - Moderate
(3) Inspection - High
(4) Re-perform/Confirm - High

8
Q

What is a primary factor in prevention and deterrence?

A
  • Increase the Perception of Detection (PoD)
9
Q

What is Perception of Detection (PoD)?

A
  • PoD is the environment that leads potential fraudsters to perceive/believe that if they commit fraud, they will get caught and go to jail
  • These potential results cause some potential fraudsters to forgo fraud out of fear
10
Q

What are examples of anti-fraud activities that can increase Perception of Detection (PoD)?

A
  • Surveillance, an anonymous tips and complaints system, surprise audits, mandatory vacation/rotation of duties, prosecution of a fraudster who was caught, and background checks
  • Some of these are considered “detective measures”; if the entity performs them effectively, they can increase PoD because a potential fraudster fears s/he will get caught by the detective activity (surprise audit)
  • Early “detection controls” might serve as a “Preventive Control” because they might increase PoD