dumpspedia logo
Compliance tests are procedures designed to verify whether controls are being applied in the manner described in the flowcharts, questionnaires etc.
A document that outlines in visual and narrative format the processes and control points within the process is called:
To ensure that data is being used as performance indicators accurately and objectively measure desired outputs and outcomes is called:
Which activities are designed and implemented to reduce, or otherwise manage, risk at levels that were determined to be acceptable to the management and board?
A coding operation where any form of communication is coded or classified in line with some conceptual framework is known as:
What involves comparing the program’s performance with other similar programs that are effective?
What is designed to permit everyone in an organization to understand and respond to vital, economic, competitive, productivity and customer quality and value issues?
Weak internal controls, lack of fraud policy, fiscal problems are all fraud warning signs of:
Which of the following is NOT the potential benefit of the CSA to the organization?
Proficiency in initiating new ideas and leading people in a new direction is called:
Which auditors provide varying degrees of assurance about the state of effectiveness of the risk management and control processes of the organization?
A process to identify events potentially affecting the entity and manage risk within its risk appetite is known as:
Who are the people who benefit from the organization, use its products or services or who are otherwise associated?
In any organization of people, ___________ is the blending of purpose, commitment, capability, monitoring and learning.
___________ are clearly communicated to all employees and management obtains feedback signifying that the communication has been effective.
Which evidence is obtained from individuals through oral or written statements such as interviews, surveys and questionnaires?
When internal auditors establishes trust and thus provides the basis for reliance on their judgment, this refers to:
Which of the following is NOT the potential benefit of the CSA to the internal auditing?
What is used to develop and manage the current period of organizational activity?
Apply principles of risk management at every management level for identifying, evaluating, avoiding, minimizing and controlling risks, is called:
Work group participants may be suspicious and even hostile, seeing CSA as a management ploy to find out more about them, when:
Who identified internal control components including Control environment, Information & communication, risk assessment, control activities and Monitoring?
A weak control is equal to high vulnerability and a strong control is equal to the low vulnerability.
To relate high-level goals, aligned with and supporting the entity’s mission/vision is called:
_________ structures tend to evolve in highly formal, centralized organizations where employees are subject to strict controls and little flexibility in decision making.
To provide management with information to mitigate the negative consequences associated with accomplishing the organization’s objectives is the:
Based on the results of risk assessment, which should evaluate the adequacy effectiveness of controls encompassing the organization’s operations and information system?
Which of the following is NOT the reason why organizations use strategic planning?
Fill in the Blanks
________ are the targets or goals that an organization to needs to achieve in order to fulfill its purpose as articulated in its mission, mission and value statements.
Post implementation reviews of projects allow management to assess the degree to which the objectives were achieved for the resources expended in which phase of project management?
To improve the quality of financial reporting through a focus on corporate governance, internal controls and ethical standards, is the mission of:
To make sure the performance data is accurate, sufficient and reliable is called:
Risk assessment and developing plans and processes for risk mitigation is the purpose of:
A process affected by an organization’s management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives is known as:
New employees, consultants and contractors must receive security awareness training and supporting documentation at the time of employment refers to:
Which of the following is NOT the COSO internal controls interrelated component?
Which program evaluations focus on the results of the program in order to determine the program’s effect?
No policy regarding identification, sale and disposal of obsolete and surplus materials is a fraud warning sign of Inventory
Description, action steps, time frames, delineated responsibilities are all factors of Objective statements.
___________ is charged with overseeing the establishment, administration and evaluation of the processes of risk management and control.
Alleged perpetrators have the right to expect an objective investigation and that allegations against them will be kept as confidential as possible until they are substantiated, this refers to;
The combination of processes and structures implemented by the board in order to inform, direct, manage and monitor the activities of the organization toward its achievements is called:
____________ is an independent, objective assurance and consulting activity designed to add value and improve an organization’s operations.
A methodology that can be used by managers and internal auditors to assess the adequacy of an organization’s risk management and control processes is called:
After the risks to the organization have been identified, management undertakes a thorough and complete analysis of their possible effects, this is called:
Recommendations should correspond to the overall goals of the organization and relate directly to the problem at hand is called:
In traditional approach, objectives used were of management’s and in control selfassessment approach it is of work teams’.
The process an organization uses to determine where it is headed in the coming years, the objectives it hopes to achieve, the methods it will use and its performance measures, is called:
Proficiency at cultivating and maintaining a web of relationships means to establish a:
___________ is the uncertainty or exposures that exist assuming no controls are in place.
_____________ define specific organizational goals and should be reasonably obtainable and contain execution strategies.
What says that control policies and procedures must be established and executed to help ensure that the actions identified by management as necessary to address risks to achievement of entity’s objectives are effectively carried out?
A process for gathering information, without detailed verification, on the activity being examined is called:
An ethical tone has been established at the top of the organization and has been communicated throughout the organization.
Risk assessment characteristic of the internal auditor’s paradigm has scenario planning as its new paradigm and its old paradigm is:
TESTED 04 Apr 2025