COSO Framework

CPA Auditing and Attestation (AUD) · Learn by Concept

Help Questions

CPA Auditing and Attestation (AUD) › COSO Framework

1 - 6
1

Per the COSO ICIF, the main purpose of monitoring internal controls is to confirm that the internal control system can adequately address changes in:

Risk Assessment

0

Control Environment

0

Monitoring

CORRECT

Information and communication

0

Explanation

Risks constantly change in terms of likelihood and severity. Internal controls should be created and upheld to address changes in risks.

2

A company's management is experiencing a lack of segregation of duties within its application environment as its programmers have access to both development and production. The programmers have the ability to implement changes in code in production without monitoring or quality assurance. This is a deficiency in which area?

Change control

CORRECT

Data integrity

0

Computer operations

0

Management override

0

Explanation

Programmers who have access to both instructions and live data can undermine management's control of data and their ability to verify that all changes have been performed in a manner consistent with their instructions.

3

Of the following positions, which best describes the nature of a company's Board of Directors in relation to the company?

Agent

0

Fiduciary

CORRECT

Representative

0

Executive

0

Explanation

A company's board of directors has a fiduciary duty to act on behalf of and in the best interest of a corporation.

4

According to COSO, which of the following is included in the assess and report phase of an effective approach to monitoring internal controls?

Prioritize findings

CORRECT

Tone at the top

0

Identify controls

0

Prioritize risks

0

Explanation

Findings result from monitoring internal controls.

5

The Treadway Commission was established by:

SOX 2002

0

The SEC

0

The Treadway Foundation

0

Private sponsoring organizations

CORRECT

Explanation

The COSO was an independent private sector initiative.

6

Of the following components, which would not be included in Risk Assessment activities?

Consider the potential for fraud

0

Identify and assess changes

0

Specify objectives

0

These are all included

CORRECT

Explanation

All of these components are required when conducting Risk Assessment under the COSO framework.

Return to subject
AI Study Coach
Instant Tutoring
Request a Tutor
Live Classes
Question of the Day
Flashcards
Worksheets
AI Solver
Learn by Concept
Diagnostic Tests
Practice Tests
Games