chapter 3

Question 1

internal controls

Answer 1

process affected by entities directors, managers and others

Question 2

goals of internal controls

Answer 2

safeguard assets
ensure accuracy of fin states
promote efficiency
comply with law and regulations

Question 3

managers are

Answer 3

responsible for financial statements and controls

Question 4

reasonable assurance

Answer 4

controls systems cant 100% be perfect
- human error
- colussion : 2 or more people working together
- management override
- cost-benefit

Question 5

exposure

Answer 5

area where system is vulnuerable
–> if theres exposure it doesnt always mean theres a mistatement

Question 6

preventative controls

Answer 6

techniques designed to detect errors and not allow them to enter the system

*most effective than detective and corrective

Question 7

detective controls

Answer 7

finds misstatements which were inputted into the system

Question 8

corrective controls

Answer 8

fixes misstatements
–> not always obvious about what went wrong

Question 9

COSO makes rules for…

Answer 9

1. internal controls

audit standards and SOX backup COSO

Question 10

internal control framework (5 components)

Answer 10

• control environment
• risk assessment
• quality of information
• monitoring
• control activities

Question 11

risk assessment

Answer 11

proactively identify risks and threats before they become a problem

Question 12

control environment

Answer 12

tone and attitude of management will ripple down the org
aka culture

Question 13

quality of information

Answer 13

the design of an accounting system

Question 14

monitoring

Answer 14

periodically check what people are doing

Question 15

control activities

Answer 15

specific actions taken like:
- seperation of duties
- 2 people signing off checks

Question 16

IT controls

Answer 16

related to computer environment
general and application controls

Question 17

general control

Answer 17

entity wide IT concerns, relate to operating system as a whole

Question 18

application controls

Answer 18

ensure integrity of system. audit concerned with application controls

Question 19

physical controls

Answer 19

• transaction authorization
• segregation of duties
• supervision
• accounting records (source docs, journals, ledgers)
• access controls (only auth persons have access to assets

Question 20

input control

Answer 20

prevent mistatement to even occur
- check digit
- missing data check
- numeric alphabetic check
- limit checks
- range checks
- reasonableness checks
- validity checks

Question 21

processing controls

Answer 21

procedures to ensure applications logic is functioning properly
ex: batch totals

Question 22

audit trail controls

Answer 22

follow transaction from beginning to end or end to beginning
- every transaction system process should be recorded in transaction log

Question 23

transaction log

Answer 23

list of successfully processed transactions

Question 24

error log

Answer 24

all transactions that werent successful

Question 25

output controls

Answer 25

transaction successfully processed, but things can still go wrong - ensures output is not lost ex: so processed checks are not taken by outside persons

Question 26

what % of corporate profits lost to fraud

Answer 26

5-7% hard to identity bc 1. not always reported 2. not always caught

Question 27

fraud

Answer 27

intentional misstatement

Question 28

5 components of fraud

Answer 28

false representation material fact intent to decieve justifiable reliance injury or loss

Question 29

common types of fraud

Answer 29

1. fraudulent fin states 2. theft of assets 3. corruption/ occupational fraud

Question 30

corruption/ occupational fraud

Answer 30

using job to gain unjust benefit

Question 31

fraud triangle

Answer 31

1. situational pressures 2. opportunity 3. ethics

Question 32

situational pressures (fraud triangle)

Answer 32

motive/ incentive/ pressure ex: company underperforming or employee needing $

Question 33

opportunity (fraud triangle)

Answer 33

weak controls, weak management, weak day to day controls

Question 34

ethics (fraud triangle)

Answer 34

rationalization of action

Question 35

most fraud is committed by... most losses by

Answer 35

employees > managers managers > employees

Question 36

skimming

Answer 36

taking money before it is even reported - off the books scheme, cant trace losses ex: charging extra ex: not recording cash transactions for IRS purposes

Question 37

cash larceny

Answer 37

stealing cash after it is recorded - results in accounts not being balanced

Question 38

billing schemes (vendor fraud)

Answer 38

fraudulent disbursements, tricking company paying to think that the transaction is legit. *most common type of theft

Question 39

shell company

Answer 39

false vendor set up and false purchase order ex:make fake invoices and wait for bad control companies to pau

Question 40

pass through fraud

Answer 40

both a legit and false vendor purchase (at a much higher price) ex: UF employee buys laptops from dell, makes shell company, and charges $200 extra

Question 41

check tampering

Answer 41

messing with checks *highest average loss because can take a lot of $ at one time

Question 42

payroll fraud

Answer 42

distribution of fraudulent paychecks ex: overstating hours

Question 43

expense reimbursement fraud

Answer 43

false or inflated expense reimburesments

Question 44

theft of cash

Answer 44

direct theft of cash on hand

Question 45

non cash misaapropriations

Answer 45

theft of noncash assets (inventory or info)

Question 46

corruption

Answer 46

member of org in collusion with outsider

Question 47

ethics

Answer 47

moral principles or values based on personal beliefs and societal norms

Question 48

business ethics

Answer 48

how managers make ethical decisions when running the business

Question 49

equity (ethical)

Answer 49

- fairness - equal work = equal pay

Question 50

rights (ethical)

Answer 50

HR, diversity, harassment

Question 51

honesty

Answer 51

accurate reporting on financial statements

Question 52

exercise of corporate power

Answer 52

decisions of companies make affect lives of people

Question 53

misuse

Answer 53

taking company belonging and using it for what it isnt intended for

Question 54

computer ethics include topics of

Answer 54

privacy and security

Question 55

SOX code for ethics

Answer 55

406 -- requires management to had a code of ethics

Question 56

lack of auditor independence results in

Answer 56

wanting to be nice to the client and going easy on the audits to ensure future business in other services sectors of the company

Question 57

lack of director independence results in

Answer 57

side gigs and other involvement can make board director forget about responsibility to keep the stockholders benefit in mind