ACCT520 Unit #4
| ♥ 0 |
When the executive management of an organization decided to form a team to investigate the adoption of an activity-based costing (ABC) system, an internal auditor was assigned to the team. The best reason for including an internal auditor is the internal auditor’s knowledge of
Risk Management Processes
Internal auditors should review the means of physically safeguarding assets from losses arising from
Exposure to the elements
Which of the following activities is outside the scope of internal auditing?
Safeguarding of assets.
Standard 2120 states that the internal audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes. Conformance with Standard 2120 is best demonstrated by
The charter of the internal audit activity.
Which of the following is not an activity undertaken as part of risk management?
Risk Exposure
In the risk management process, management’s view of the internal audit activity’s role is likely to be determined by all of the following factors except
Preferences of the independent auditor.
Which of the following is the most accurate term for a process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization’s objectives?
Risk management.
The internal audit activity must evaluate the effectiveness and contribute to the improvement of risk management processes. With respect to evaluating the adequacy of risk management processes, internal auditors most likely should
Determine that the key objectives of risk management processes are being met.
Which of the following is the correct order of steps in the risk management process?
Identify risks Monitor risk responses Formulate risk responses Assess and prioritize risks Identify context 5, 1, 4, 3, 2.
When assessing the risk associated with an activity, an internal auditor should
Provide assurance on the management of the risk.
The primary reason that a bank would maintain a separate compliance function is to
Better manage perceived high risks.
Which of the following represents the best statement of responsibilities for risk management?
Responsibility for risk
Advisory role Oversight role An internal auditor plans to conduct an audit of the adequacy of controls over investments in new financial instruments. Which of the following would not be required as part of such an engagement?
Determine whether the chief financial officer is getting higher or lower rates of return on investments than are chief financial officers in comparable organizations.
Which of the following goals sets risk management strategies at the optimum level?
Maximize shareholder value.
Which of the following threatens the independence of an internal auditor who had participated in the initial establishment of a risk management process?
Managing the identified risks.
Which of the following may be assessed by the internal auditor as part of the risk management process?
Significant risks Ongoing monitoring activities Previous risk evaluation reports by management, internal auditors, external auditors, and any other sources 1 and 2 only.
If an organization has no formal risk management processes, the chief audit executive should
Formally discuss with the directors their obligations for risk management processes
Risk modeling or risk analysis is often used in conjunction with development of long-range engagement work schedules. The key input in the evaluation of risk is
Judgment of the internal auditors.
Which of the following statements regarding monitoring risk responses is false?
The two least important sources of information for ongoing assessments of the adequacy of risk responses are those closest to the activities themselves and the audit function.
Which of the following are part of the risk analysis process?
Assessing the significance of an event Assessing the event’s likelihood Considering the means to manage the risk 1, 2, and 3.
A chief audit executive is reviewing the following enterprise-wide risk map:
Which of the following is the correct prioritization of risks, considering limited resources in the internal audit activity? Risk C, Risk A, Risk B, Risk D.
Risk modeling in a consulting service is done by ranking the engagement’s potential to
Improve management of risk Add value Improve the organization’s operations 1, 2, and 3.
Determining whether risk management processes are effective is a judgment resulting from the internal auditor’s assessment that
Organizational objectives support and align with the organization’s mission Significant risks are identified and assessed Appropriate risk responses are selected that align risks with the organization’s risk appetite Relevant risk information is captured and communicated in a timely manner across the organization 1, 2, 3, and 4.
Which of the following statements about risk management is false?
The internal audit activity may not have a consulting role in identifying, evaluating, and implementing risk management methods.
Which of the following is a false statement concerning risk management?
Risk management is too important to be delegated to a committee.
Which of the following is a true statement about the use by senior management and the board of the internal audit activity as a source of information about risk management processes?
The internal audit activity should be used as a source of information about the success of ongoing risk management activities.
Which of the following is a false statement concerning risk management? Risk management processes
Must be quantitative, formal, and embedded in business units.
Senior management has identified the following risk areas within the organization:
Derivatives trading: Likelihood high, Impact low Materials acquisition: Likelihood low, Impact low Petty cash: Likelihood high, Impact low Bond issue: Likelihood low, Impact high Transportation fleet: Likelihood high, Impact medium Which of the following is a true statement in terms of overall risk exposure of the areas named? Derivatives trading has less risk exposure than the transportation fleet.
Senior management has identified the following risk areas within the organization:
Derivatives trading: Likelihood high, Impact high Materials acquisition: Likelihood low, Impact low Petty cash: Likelihood high, Impact low Bond issue: Likelihood low, Impact high Transportation fleet: Likelihood high, Impact medium Which of the following is a false statement in terms of overall risk exposure of the areas named? The bond issue is riskier than petty cash.
Internal audit has prepared the following risk map for the upcoming audit year:
Where should the chief audit executive devote the most internal audit resources? Cannot be determined from the information given.
The internal auditors are assessing the risk of fraud involving senior management. An impact factor is
Fines and penalties.
Who is responsible for the organization’s risk management and control processes?
The internal auditor. The external auditor. Senior management. The board of directors. 3 and 4 only.
An internal auditor plans to audit the adequacy of controls over credit approval. Which of the following is not a required procedure in such an engagement?
Determine whether loans and other liabilities are valued in accordance with industry regulations.
The internal auditor should evaluate the adequacy of controls over the safeguarding of assets from all of the following except
Underusage of physical facilities.
When a customer fails to pay his or her invoice within 2 months, a notification is sent to inform the credit manager of the situation. This is an example of which kind of event identification method?
Threshold triggers.
Which of the following are core assurance roles provided by the internal audit activity?
Giving assurance on risk management processes Evaluating risk management processes Reviewing the management of key risks Setting the risk appetite 1, 2, and 3 only.
Which of the following are roles that the internal audit activity should not undertake since they would threaten its independence and objectivity?
All of the answers are correct.
Risk management, at any level, consists of
Identifying potential events that may affect the entity Managing the associated risk to be within the entity’s risk appetite 1 and 2.
The level of assurance that risk management can provide regarding the achievement of entity objectives is
Reasonable.
Senior management performed the following steps during its recent deliberations over risk management:
Identified all the risks that might impede the achievement of the company’s mission. Designed new procedures to mitigate the risks associated with surplus equipment, one of the areas in which the risk of adverse impact was both material and likely. Ensured that the director of surplus management understood and enacted the new procedures. Reviewed regular reports from internal audit about the effectiveness of the new procedures for surplus equipment. The most serious deficiency with the process is that Senior management did not prioritize the identified risks.
Which of the following factors affects the control risk of an organization?
Segregation of duties.
What is the board’s role in the risk management process?
Oversees risk management processes.
Risk is measured in terms of
Impact and likelihood.
The Chief Audit Executive’s responsibilities for risk management include which of the following?
Having formal discussions with the board about their obligations for understanding, managing, and monitoring risks.
A recent inventory shortage at XYZ Corp., an unaffiliated supplier, contributed to production failures at OPS Corp. in the current period. To avoid future production failures because of supplier inventory shortages, the most appropriate method is for OPS to
Inform XYZ about its risk appetite regarding supply failures.
Which of the following is a factor affecting risk?
All of the answers are correct.
Management considers risk appetite for all of the following reasons except
Setting risk capacity.
Each of the following is a limitation of enterprise risk management (ERM), except
ERM can provide absolute assurance with respect to objective categories
According to COSO, which component of enterprise risk management (ERM) addresses an entity’s operating structures and core values?
Governance and culture.
Which of the following is closely related to traditional risk management instead of enterprise risk management (ERM)?
Emphasis on specific functions.
Which of the following members of an organization has ultimate ownership responsibility of the enterprise risk management, provides leadership and direction to senior managers, and monitors the entity’s overall risk activities in relation to its risk appetite?
Chief executive officer.
According to COSO’s ERM framework, which view of risk is fully integrated?
Portfolio view.
The function of the chief risk officer (CRO) is most effective when the CRO
Monitors risk as part of the enterprise risk management team.
Enterprise risk management
Involves the identification of events with negative impacts on organizational objectives.
Inherent risk is
The risk when management has not taken action to reduce the impact or likelihood of an adverse event.
|
The Best Research Paper Writing Service
Would you want to pay someone to write your paper professionally from scratch? 100% Original and 0% AI Content!.
🎓 Write my Essay
📚 Write my Persuasive Essay
📋 Humanize AI Content for Turnitin
💻 Write my Reflective Essay
📑 Write my Research Paper
📜 Write my Thesis Paper
📘 Write my Dissertation
📋 Write my Case Study
📝 Write my Online Exam
✒️ Write my Term Paper