Free CGAP Risk-Control Frameworks Questions and Answers

Question 1

Auditors learn about internal control of an entity primarily for the following reasons:

Accepted Answer

Determining the nature, extent and timing of subsequent audit procedures to be performed.

Answer

Providing documentary evidence to present to those charged with governance.

Answer

Gathering sufficient appropriate evidence to provide a reasonable basis for an opinion on the financial statements.

Answer

Determining whether interim audit testing is appropriate.

Question 2

The main factor an auditor looks at when evaluating an entity's internal controls is whether they

Accepted Answer

Affect the financial statement assertions.

Answer

Relate to the control environment.

Answer

Prevent management override.

Answer

Reflect management’s philosophy and operating style.

Question 3

Which of the following assertions regarding internal control is true?

Accepted Answer

The cost-benefit relationship is a primary criterion that should be considered in designing an internal control system.

Answer

A properly maintained internal control system reasonably ensures that collusion among employees cannot occur.

Answer

The establishment and maintenance of internal control is an important responsibility of the internal auditor.

Answer

An exceptionally strong internal control system is enough for the auditor to eliminate substantive procedures on a significant account balance.

Question 4

All of the following, with the exception of, are aimed to help the organization meet its goals through internal controls:

Accepted Answer

Reduction of debt financing costs.

Answer

Reliability of financial reporting.

Answer

Safeguarding of assets.

Answer

Compliance with laws and regulations.

Question 5

Which of the following is not one of internal control's five main pillars?

Accepted Answer

Human resource background checks.

Answer

Control activities.

Answer

Risk assessment.

Answer

Information and communication.

Question 6

The COSO Internal Control—Integrated Framework's monitoring section is important. Which of the following statements regarding how the business can implement the monitoring component is false?

Accepted Answer

The independent auditor can serve as part of the entity’s control environment and continuous monitoring.

Answer

Monitoring can be conducted as a separate evaluation.

Answer

Monitoring can be an ongoing process.

Answer

Monitoring and other audit work conducted by internal audit staff can reduce external audit costs.

Question 7

Which of the following is an acceptable excuse for skipping control test procedures?

Accepted Answer

The procedures require more audit effort than the projected benefits to be obtained from lowering the control risk.

Answer

The auditor prefers the control risk to be the minimum.

Answer

The company does not have any flowcharts of its system available for review.

Answer

The internal control structure appears very strong.

Question 8

An auditor may determine that particular statements have a high control risk after learning about an entity's internal control system because

Accepted Answer

Believes the internal controls are unlikely to be effective.

Answer

Identifies internal controls that are likely to prevent material misstatements.

Answer

Performs tests of controls to restrict detection risk to an acceptable level.

Answer

Determines that the pertinent internal control components are not well documented.

Question 9

Regardless of the estimated level of control risk, an auditor would complete some of the following

Accepted Answer

Substantive procedures to restrict detection risk for material transaction classes.

Answer

Analytical procedures to verify the design of internal controls.

Answer

Tests of controls to determine the effectiveness of internal controls.

Answer

Dual-purpose tests to evaluate both the risk of monetary misstatement and preliminary control risk.

Question 10

Auditors are likely to when preliminary control risk evaluations are set to high:

Accepted Answer

Complete little or no tests of controls.

Answer

Test controls extensively.

Answer

Use a reliance strategy.

Answer

Complete interim testing of account balances.