Corporate Governance & Internal Control

Question 1

According to COSO, what are the stages in the monitoring-for-change continuum?

Answer 1

Maybe:
Control Baseline
Change Identification
Change Management
Control Revalidation/Update

Question 2

According to COSO, what are the components of internal control?

Answer 2

Control Environment
Control Activities
Risk Assessment
Monitoring
Information/Communication

Question 3

What did the Dodd-Frank Act of 2010 do for Whistleblower’s rights?

Answer 3

Extended OSHA complaint filing time for 90 to 180 days
Extended the right to sue to whistleblowing employees of private subsidiaries controlled by public companies
Extended whistleblowers the right to a jury trial in retaliation cases properly filed in federal court

Question 4

Why do internal controls need to be monitored?

Answer 4

Machines fail
People forget
People get lazy
People quit their jobs
Technology advances

Question 5

What is COSO and it’s guidance?

Answer 5

The Committee of Sponsoring Organizations of the Treadway Commission developed the Internal Control Intergrated Framework

Question 6

What is the IIA and it’s guidance?

Answer 6

The Institute of Internal Auditors developed the International Professionals Practice Framework?

Question 7

How often are external assessments required for internal auditors?

Answer 7

At least once every 5 years

Question 8

What is the best method for prioritizing risk?

Answer 8

Expected value:

Probability * amount

Question 9

According to the IIA, what are some of the organizational objectives that should be improved by internal auditing?

Answer 9

Control
Governance
Risk Management

Question 10

According to the IIA, explain the key parts of the definition of internal auditing.

Answer 10

Internal auditing helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Question 11

What are the internal auditing standards?

Answer 11

Maybe:
Attribute
Implementation
Performance

Question 12

What must a company’s CFO and CEO certify?

Answer 12

They reviewed the company’s 10-K
The 10-K does not contain any material misstatements
They are responsible for the company’s internal controls

Question 13

What did the Dodd-Frank Act of 2010 require of compensation committees of the board of directors?

Answer 13

All members must be independent

Question 14

According to SOX of 2002, what is required to be an audit committee financial expect?

Answer 14

Section 407 explains that the person should have through education and experience 1) an understanding of GAAP and financial statements 2) experience in preparation of financial statements and application of principles relating to accounting for estimates, accruals, and reserves 3) experience with internal accounting controls, and 4) an understanding of audit committee functions.

Question 15

According to COSO, why do control systems fail?

Answer 15

Improper design or implementation
Environmental changes that make controls ineffective
Operations have changed which make them ineffective

Question 16

According to COSO, what are the risk responses?

Answer 16

Risk Acceptance
Risk Avoidance
Risk Reduction
Risk Sharing

Question 17

What are the components of COSO ERM?

Answer 17

Control Environment
Control Activities
Risk Assessment
Monitoring
Information/Communication 

Operations Objectives
Reporting Objectives
Compliance Objectives

Question 18

What standard distinguishes between requirements for assurance and consulting services?

Answer 18

Implementation Standards

Question 19

What are the advantages of using an ERM system?

Answer 19

Helps organizations seize opportunities
Improves the use of capital
Reduces operational surprises

Question 20

What are the limitations of an ERM system?

Answer 20

Collusion
Management override
Risk relates to the future which is uncertain

Question 21

According to the IIA’s Framework, what elements of their guidance is considered mandatory?

Answer 21

Code of Ethics
Core Principles
International Standards
Definition of Internal Auditing
(PIED)

Question 22

According to the IIA’s Framework, what elements of their guidance is considered recommended?

Answer 22

Implementation Guidance

Supplemental Guidance

Question 23

What must a company’s CFO and CEO certify?

Answer 23

They reviewed the company’s 10-K
The 10-K does not contain any material misstatements
They are responsible for the company’s internal controls

Question 24

What did the Dodd-Frank Act of 2010 require of compensation committees of the board of directors?

Answer 24

All members must be independent

Question 25

According to SOX of 2002, what is required to be an audit committee financial expect?

Answer 25

Section 407 explains that the person should have through education and experience 1) an understanding of GAAP and financial statements 2) experience in preparation of financial statements and application of principles relating to accounting for estimates, accruals, and reserves 3) experience with internal accounting controls, and 4) an understanding of audit committee functions.

Question 26

According to COSO, why do control systems fail?

Answer 26

Improper design or implementation
Environmental changes that make controls ineffective
Operations have changed which make them ineffective

Question 27

According to COSO, what are the risk responses?

Answer 27

Risk Acceptance
Risk Avoidance
Risk Reduction
Risk Response
Risk Sharing

Question 28

What are COSO’s components of ERM?

Answer 28

Control Environment
Control Activities
Risk Assessment
Monitoring
Information/Communication
\+3

Question 29

What standard distinguishes between requirements for assurance and consulting services?

Answer 29

Implementation Standards

Question 30

What are the advantages of using an ERM system?

Answer 30

Helps organizations seize opportunities
Improves the use of capital
Reduces operational surprises

Question 31

What are the limitations of an ERM system?

Answer 31

Collusion
Management override
Risk relates to the future which is uncertain

Question 32

According to the IIA’s Framework, what elements of their guidance is considered mandatory?

Answer 32

Code of Ethics
Core Principles
International Standards
Definition of Internal Auditing

Question 33

According to the IIA’s Framework, what elements of their guidance is considered recommended?

Answer 33

Implementation Guidance

Supplemental Guidance

Question 34

What are the primary themes of the Attribute Standards?

Answer 34

1) Purpose, Authority, & Responsibility
2) Independence & Objectivity
3) Proficiency & Due Professional Care
4) Quality Assurance & Improvement Program

Question 35

What is Standard 2000 of the Performance Standards?

Answer 35

Managing the Internal Audit Activity

Question 36

Describe the general theme of the Performance Standards related to Standard 2000?

Answer 36

The Standards explain the chief audit executive’s responsibilities for overseeing the internal audit activity and for adding value to the organization

Question 37

According to the IIA, what competencies should the internal audit function have?

Answer 37

Evaluating Fraud Risk
IT Audit Techniques
Key IT Risks

Question 38

According to SOX, who must be a part of a Public Company’s audit committee?

Answer 38

A Financial Expert

Question 39

According to COSO’s definition, what are the categories of objectives in Auditing Standards?

Answer 39

Reliability of Financial Reporting
Effectiveness & Efficiency of Operations
Compliance with Applicable Laws & Regulations
(Reorting/Operations/ Compliance)

Question 40

According to the Dodd-Frank Act, what disclosure is required?

Answer 40

Disclosure of why or why not the chairman of the board is also the CEO

Question 41

According to COSO, what relates to risk management?

Answer 41

Change Management
Fraud
Organization Objectives
Risk Assessment

Question 42

What are the IT controls classifications?

Answer 42

Preventive
Detective
Corrective

Question 43

According to COSO, what does monitoring relate to?

Answer 43

Addressing control deficiencies

Establishing ongoing and periodic evaluations

Question 44

According to COSO, what are the control environment factors?

Answer 44

Integrity/Ethical Values
Commitment to competence
HR policies & practices
Assignment of authority & responsibility
Management philosophy & operating style
Board of directors or audit committee participation
Organizational structure

Question 45

In a large public corporation, who should have the responsibility of evaluating internal control procedures?

Answer 45

An independent internal audit staff who reports to the board of directors or an audit committee

Question 46

What are the keywords related to the IIA’s Code of Ethics principles?

Answer 46

Integrity
Objectivity
Confidentiality
Competency

Question 47

What are the goals of risk management?

Answer 47

Aligning risk appetite with strategy
Reducing operational surprises and losses
Seizing opportunities through better identification and management

Question 48

According to Dodd-Frank, what is the range of mandatory awards issued for original information regarding securities fraud

Answer 48

10%-15% of imposed sanctions

Question 49

According to the COSO cube model, what are the control objectives?

Answer 49

Operations
Reporting
Compliance

Question 50

According to SOX, when does the firm have to provide an explanation regarding the financial expert?

Answer 50

If the audit committee does not have one.

Question 51

According to COSO, what is the definition of Internal control?

Answer 51

A process affected by an entity’s board of directors, management, and other personnel designed to provide reasonable assurance regarding the achievement of objectives in 1)reporting 2)operations 3) compliance

Question 52

According to COSO, what is the definition of Internal control?

Answer 52

A process affected by an entity’s board of directors, management, and other personnel designed to provide reasonable assurance regarding the achievement of objectives in 1)reporting 2)operations 3) compliance

Question 53

According to COSO, what is the definition of Internal control?

Answer 53

A process affected by an entity’s board of directors, management, and other personnel designed to provide reasonable assurance regarding the achievement of objectives in 1)reporting 2)operations 3) compliance

Question 54

What is GAAS?

Answer 54

Generally Accepted Auditing Standards

Question 55

What is a trading specialist vs a market maker?

Answer 55

A specialist is a NYSE member acting as a dealer for a small number of securities and a market maker does the same for the OTC market

Question 56

Who requires the independent auditor to study the internal controls of a public company?

Answer 56

GAAS and SOX

Question 57

What does NASDAQ require of all listed companies?

Answer 57

Requires that listed companies have audit committees with only independent directors

Question 58

What is SOX and who does it apply to?

Answer 58

Sarbanes-Oxley Act of 2002 and it applies to all SEC registrants

Question 59

What does the NYSE require of all listed companies?

Answer 59

A code of conduct must be adopted by the governing board and made public

Question 60

What are open-end fund vs closed-end funds?

Answer 60

Open-ended fund are mutual funds and their size changes, closed-