Internal Control

Internal Control
1. If, during the course of an annual audit of a publicly held manufacturing

company, an independent auditor becomes aware of a reportable condition in the
company's internal control, the auditor is required to communicate the
reportable condition to
The senior management and the board of directors of the company
The senior management of the company
The board of directors of the company
The audit committee of the board of directors
Explanation : The most appropriate answer is D.
2. Effective Internal Control in a small company that has insufficient employees to
permit proper division of responsibilities can be best enhanced by
Employment of temporary personnel to aid in the separation of duties
Direct participation by the owner of the business in the recordkeeping
activities of the business
Engaging a Chartered Accountant to perform monthly "write-up" work
Delegation of full, clear-cut responsibility to each employee for the functions
assigned to each
Explanation : The most appropriate answer is B
3. Which of the following best describes the primary reason for the auditor's use
of flowcharts during an audit engagement?
To comply with the requirements of Accounting Standards
To interpret the operational effectiveness of the client's existing organizational
structure
To classify the client's documents and transactions by major operating functions
e.g., cash receipts, cash disbursements, etc
To record the auditor's understanding of the client's Internal Control
Explanation : The most appropriate answer is D
4. Which statement is correct concerning the relevance of various types of
controls to a financial audit?
An auditor may ordinarily ignore a consideration of controls when a substantive
audit approach is taken
Controls over the reliability of financial reporting are ordinarily most directly
relevant to an audit but other controls may also be relevant
Controls over safeguarding of assets and liabilities are of primary importance,
while controls over the reliability of financial reporting may also be relevant
All controls are ordinarily relevant to an audit
Internal Control

5. The ultimate risk against which the auditor requires reasonable protection is a
combination of two separate risks. The first of these is that material errors will
occur in the accounting process by which the Financial Statement are developed,
and the second is that
A company's internal control system is not adequate to detect errors and
irregularities
Those errors that occur will not be detected by the auditor's examination\
Management may possess an attitude that lacks integrity
Evidential matter is not competent enough for the auditor to form an opinion
based on reasonable assurance
6. According to the principles underlying the internal controls, which of the
following is NOT correct?
Internal Controls should reasonably assure that public resources are protected
Internal controls should reasonably assure that public goals are achieved efficiently
and effectively
Internal Controls should reasonably assure that public servants serve the public
with fairness and impartially
Internal controls should be reasonably assure that even an inherently poor
public manager will be made a good one
Explanation :
7. An auditor may compensate for a weak condition in the Internal Control
System by increasing the
Level of detection risk
Extent of tests of controls
Preliminary judgment about audit risk
Extent of analytical procedures
8. Which of the following is TRUE regarding the internal control in an
organization?
No matter how well designed and operated, internal control cannot provide
management absolute assurance regarding the achievement of the general
objectives.
No matter what the cost of an internal control is Audit should see that the control
is implemented in an organization
No matter what are the ethical standards of the management, once well defined
Internal Control
internal controls are in place, Audit can satisfy itself that the organizational goals will
be achieved
No matter how deficient the communication and monitoring methods of
management is in an organization, if other internal controls are working Audit can
assure itself that the organization will meet its objectives
Explanation :
9. If the independent auditors decide that the work performed by the internal
auditor may have bearing on their own procedures, they should consider the
internal auditor's
Competence and objectivity
Efficiency and experience
Independence and review skills
Training and supervisory skills
Explanation : The most appropriate answer is A
10. The foundation for ISSAI was laid in which of the following document?
Audit Declaration 1987
Supreme Audit Declaration 1977
Lima Declaration 1977
French Declaration 1987
Explanation :
11. An entity's ongoing monitoring activities often include
Periodic audits by the audit committee
Reviewing the purchasing function
The audit of the annual financial statements
Control risk assessment in conjunction with quarterly reviews
Explanation : The most appropriate answer is C.
12. When tests of controls reveal that controls are operating as anticipated, it is
most likely that the assessed level of control risk will
Be less than the planned assessed level of control risk
Equal the planned assessed level of control risk
Equal the actual control risk
Be less than the actual control risk
13. The auditor's understanding of the client's Internal Control is documented in
order to substantiate
Internal Control
Conformity of the accounting records with generally accepted accounting

principles
Compliance with generally accepted auditing standards
Adherence to requirements of management
The fairness of the financial statement presentation
14. �Tone at the top� forms part of which of the component of the internal
control?
Risk Assessment
Control Activities
Monitoring
Control Environment
15. Qualify of information refers to which of the following aspects of
information
It requires that information should be appropriate, timely, current, accurate
and accessible
It requires that the information is prepared using computer systems
It requires that the information provided to outside agencies such as Government
are accurate
All of the above
Explanation :
16. Evaluation of Internal Control refers to which of the following activities?
Determine the significance and sensitivity of the risk
Assessing the susceptibility to misuse of resources, failure to attain objectives
regarding ethics, equity, economy, efficiency, effectiveness
Identifying and understanding the relevant controls
All of the above
17. When considering the entity�s Internal Control System to determine
whether the necessary procedures are prescribed and are followed satisfactorily,
an auditor must
Develop questionnaires and checklists
Review the Internal Control System and perform tests of controls
Internal Control
Perform tests of controls and analytical procedures

Evaluate administrative policies
18. Which of the following international document re-emphasises the
independence of supreme audit institutions?
Mexico Declaration 2007
Explanation :
19. To provide the greatest degree of independence in performing internal
auditing functions, an internal auditor should probably report to the
Financial vice-president
Corporate controller.
Board of directors
Corporate stockholders
Explanation : The most appropriate answer is C
20. During the audit, the independent auditor identified the existence of a
reportable condition in the client's system of internal controls and orally
communicated this finding to the client's senior management and audit
committee. The auditor should:
Consider the reportable condition a scope limitation and therefore disclaim an
opinion
Document the matter in the working papers and consider the effects of the
condition on the audit
Suspend all audit activities pending directions from the client's audit committee
Withdraw from the engagement
21. Which of the following procedures most likely would be included as part of an
auditor's tests of controls?
Inspection
Reconciliation
Confirmation
Analytical procedures
Internal Control
22. Which of the following component of internal control is treated as the

foundation for all other components?
Control Activities
Risk Assessment
Control Environment
Information and Communication
Explanation :
23. The Internal Control System normally would include procedures that are
designed to provide reasonable assurance that
Employees act with integrity when performing their assigned task
Transactions are executed in accordance with management's general or
specific authorization
Decision processes leading to management's authorization of transactions are
sound
Collusion activities would be detected by segregation of employee duties
24. The auditor's communication of reportable conditions in internal control is
Required to enable the auditor to state that the examination has been made in
accordance with Accounting Standards
The principal reason for considering the Internal Control System
Incident to the auditor's objective of forming an opinion as to the fair
presentation of the financial statements
Required to be documented in a written report to the board of directors or the
board's audit committee
25. Which of the following statement is NOT Correct?
Internal control is not one event, action or circumstance but a series of actions
Internal control is should be separate from the basic management functions
of planning organizing leading and controlling
Internal control is effected by management and other personnel
Internal control is affected by human nature
Explanation :
26. Which of the following is not a factor included in the control environment?
Integrity and ethical values
Risk assessment
Internal Control
Commitment to competence
Organizational structure
27. The definition of internal control developed by the Committee of Sponsoring
Organizations (COSO) and included in the professional standards includes the
reliability of financial reporting, the effectiveness and efficiency of operations
and
Compliance with applicable laws and regulations
Effectiveness of prevention of fraudulent occurrences
Safeguarding of entity assets
Incorporation of ethical business practice standards
28. Which of the following is NOT a part of an internal control mechanism?
Control Environment
Risk Assessment
Cash flow management
29. The use of fidelity bonds may indemnify a company from embezzlement
losses. The use also
Reduces the company's need to obtain expensive business interruption insurance
Protects employees who make unintentional errors from possible monetary
damages resulting from such errors
Allows the company to substitute the fidelity bonds for various parts of internal
control
Reduces the possibility of employing persons with dubious records in
positions of trust
30. Which of the following will NOT reduce the effectiveness of internal control in
an organization
Human factors such as design flaws, errors of judgment and interpretation,
misunderstanding, carelessness, fatigue, distraction, collusion, abuse etc.
The resource constraints
Management lack of understanding about the need of internal controls
Total computerization of the organizational processes
Internal Control

31. Which of the following would be least likely to suggest to an auditor that the
client's management may have overridden the Internal Control System?
A. There are numerous delays in preparing timely internal financial reports
Management does not correct I/C weaknesses that it knows about

Differences are always disclosed on a computer exception report
There have been two new controllers this year
32. Which of the following is the aim of an internal control mechanism?
Fulfilling accountability obligations
Safeguarding resources against loss, misuse and damage
Complying with applicable laws and regulations
All of the Above
Explanation :
33. Which of the following is intended to detect deviation from prescribed
Accounting procedures?
Substantive test specified by a standardized audit program
Tests of controls designed specifically for the entity
Analytical procedures as designed in the industry audit guide
Computerized analytical tests tailored for the configuration of EDP equipment in
use
34. Which of the following DOES NOT form part of the control environment of an
internal control system?
The personal and professional integrity and ethical values of management and
staff
Human resource policies and practices
The Gross Domestic Product of the Country
Explanation :
35. INTOSAI stand for which of the following?
International Society of Supreme Audit Institutions
International Organisation of Supreme Audit Institutions
Internal Control
Intercontinental Society of Supreme Audit Institutions

Intercontinental Organisation of Supreme Audit Infrastructure
Explanation :
36. Which of the following is TRUE with reference to Information in an
organization?
Organisation should have system for prompt recording and classifying of all
transactions and significant events
Managments decisions are affected by the quality of information
Information systems produce reports that allow management to control the
organizational activities
All of the Above
Explanation :
37. COSO stands for which of the following ?
Control Objectives for Secure Organisation
Committee on Organisational Security and Operations
Committee on Sponsoring Organisation of the Treadway Commission
Control Objectives for Sponsoring Organisations
Explanation :
38. When an auditor considers an entity's internal control, which of the following
is ordinarily a type of control activity that is considered?
Risk assessment over cash disbursements
Segregation of duties
Inclusion of the president as a member of the audit committee
Management's monitoring policies over cash receipts
39. After the auditor has prepared a flowchart of the Internal Control surrounding
sales and evaluated the design of the Internal Control System, the auditor would
perform tests of controls on all internal control procedures
Documented in the flowchart
Considered to be weaknesses that might allow errors to enter the accounting
system
Considered to be strengths that the auditor plans to rely on
That would aid in preventing irregularities
40. A consideration of the Internal Control System made in connection with an
Internal Control
annual audit is usually not sufficient to express an opinion on an entity's internal

control because
Weaknesses in the Internal Control System may go unnoticed during the audit
period
A consideration of the Internal Control System is not necessarily made during an
audit engagement
Only those controls on which an auditor intends to rely are reviewed, tested
and evaluated
Internal controls can change each year
41. Which of the following is not a control that is designed to protect investment
securities?
Custody over securities should be limited to individuals who have record
keeping responsibility over the securities
Securities should be properly controlled physically in order to prevent
unauthorized usage
Access to securities should be vested in more than one individual
Securities should be registered in the name of the owner
42. Which of the following is least likely to be evidence the auditor examines to
determine whether operations are in compliance with the internal control
system?
Records documenting usage of EDP programs
Canceled supporting documents
Confirmations of accounts receivable
Signatures on authorization forms
43. Which of the following activities indicate ͚commitment to competence͛
Personnel gaining the level of knowledge and skill needed to help orderly ethical
economical efficient and effective performance
Personnel gaining the required understanding of individual responsibilities with
respect to internal control
Providing training to personnel on ethical aspects of the organizational objectives
All of the above
Explanation :
44. An auditor is considering the internal control system for purchasing and
Internal Control
disbursement procedures. The auditor will be LEAST influenced by

The availability of a company manual describing purchasing and disbursement
procedures
The scope and results of audit work by the company's internal auditor
The existence within the purchasing and disbursement area of internal control
strengths that offset weaknesses
The strength or weakness of internal control in other areas, e.g., sales and
accounts receivable
45. In the consideration of the Internal control system, the auditor is basically
concerned that the system provides reasonable assurance that:
Management cannot override the system
Operational efficiency has been achieved in accordance with management plans
Errors have been prevented or detected
Controls have not been circumvented by collusion
46. The independent auditor should acquire an understanding of the internal
audit function as it relates to the independent auditor's consideration of the
Internal Control because
The audit program, working papers and reports of internal auditors can often be
used as a substitute for the work of the independent auditor's staff
The procedures performed by the internal audit staff may eliminate the
independent auditor's need for an extensive consideration of the Internal Control
The work performed by internal auditors may be a factor in determining the
nature, timing and extent of the independent auditor's procedures
The understanding of the internal audit function is an important substantive test
to be performed by the independent auditor
47. Which of the following is of primary importance for Internal Audit to be
effective in an organization?
The Internal Audit Wing should be adequately staffed
The Internal Audit Wing should be given the required infrastructure
Internal Audit should be carried out regularly
The independence and objectivity of the Internal Audit wing should be
ensured
Explanation :
Internal Control
48. Which of the following is NOT CORRECT with reference to the term control
activities ?
Control Activities are the policies and procedures established to address risks and
to achieve organizational objectives
Control activities occur throughout the organization at all levels and in all
functions. They include a range of detective and preventive activities
Control activities must be appropriate, function consistently according to plan
throughout the period and be cost effective, comprehensive reasonable and directly
relate to the control objective
Control Activities if implemented effectively would ensure absolute
protection against the perceived risks in the organization
Explanation :
49. Which of the following is NOT a general objective of Internal Control
System?
Accountability and Reporting
Compliance with laws and regulations
Orderly ethical economical efficient and effective operations
Absolute assurance on the achievement of the objectives of an organization
Explanation :
50. Which of the following is NOT a method of responding to a perceived risk
Transfer the Risk
Tolerate the Risk
Treat the Risk
Supplement the risk
Explanation :
Internal Control
Intermediate Level

Transfer the Risk
Tolerate the Risk
Treat the Risk
Supplement the risk
Explanation :
system?
Cancelled supporting documents
Control Environment
Risk Assessment
Explanation :
5. After the auditor has prepared a flowchart of the Internal Control surrounding
sales and evaluated the design of the Internal Control System, the auditor would
perform tests of controls on all internal control procedures
Documented in the flowchart
Considered to be weaknesses that might allow errors to enter the accounting
system
Internal Control
Considered to be strengths that the auditor plans to rely on

That would aid in preventing irregularities
6. ISSAI stands for which of the following with reference to Auditing?
Institute of Secure Standards for Audit Implementation
International Supreme Standards for Audit Implementation
International Standards of Supreme Audit Institutions
Institute of Standards of Supreme Audit Institutions
Explanation :
7. Which of the following is a type of risk?
Inherent Risk
Control Risk
Detection Risk
All of the above
Explanation :
8. Which of the following statement is TRUE regarding the process of risk
assessment
Risk Assessment and Internal Control are two independent processes
Risk Assessment is a one-time process which shall be taken up at the time of
setting organizational objectives
Risk Assessment is the process of determining the amount of insurance premium
to be paid for safeguarding organizational assets
Risk assessment is the process of identifying and analysing relevant risks to
the achievement of the entity’s objectives and determining the appropriate
response
Explanation :
9. The controls in an information technology environment are generally classified
as
General Controls and Application controls
System Controls and software Controls
Hardware controls and Software Controls
Software Controls and Human Resource Controls
Explanation :
10. If the independent auditors decide that the work performed by the internal
auditor may have bearing on their own procedures, they should consider the
Internal Control
internal auditor's
Competence and objectivity
Efficiency and experience
Independence and review skills
Training and supervisory skills
11. To provide the greatest degree of independence in performing internal
auditing functions, an internal auditor should probably report to the
Financial vice-president
Corporate controller.
Board of directors
Corporate stockholders
securities?
unauthorized usage
organization?
objectives.
be achieved
Explanation :
Internal Control

Control Activities
Risk Assessment
Control Environment
Explanation :
Risk assessment
organization?
All of the Above
Explanation :
Explanation :
Internal Control
19. An auditor is considering the internal control system for purchasing and
disbursement procedures. The auditor will be LEAST influenced by
The availability of a company manual describing purchasing and disbursement
procedures
The scope and results of audit work by the company's internal auditor
The existence within the purchasing and disbursement area of internal control
strengths that offset weaknesses
The strength or weakness of internal control in other areas, e.g., sales and
accounts receivable
20. Which statement is correct concerning the definition of internal control
developed by the Committee of Sponsoring Organizations (COSO)?
Its applicability is largely limited to internal auditing applications
It is recognized in the Statement on Auditing Standards
It emphasizes the effectiveness and efficiency of operations rather than the
reliability of financial reporting
It suggests that it is important to view internal control as an end product as
contrasted to a process or means to obtain an end
Explanation : The most appropriate answer is B.
staff
Explanation :
23. Qualify of information refers to which of the following aspects of
information
Internal Control
It requires that information should be appropriate, timely, current, accurate

and accessible
It requires that the information is prepared using computer systems
It requires that the information provided to outside agencies such as Government
are accurate
All of the above
Explanation :
24. Which of the following best describes the primary reason for the auditor's use
of flowcharts during an audit engagement?
To comply with the requirements of Accounting Standards
To interpret the operational effectiveness of the client's existing organizational
structure
To classify the client's documents and transactions by major operating functions
e.g., cash receipts, cash disbursements, etc
To record the auditor's understanding of the client's Internal Control
25. ͚Tone at the top͛ forms part of which of the component of the internal
control?
Risk Assessment
Control Activities
Monitoring
Control Environment
Explanation :
and effectively
Explanation :
27. Which of the following is the LEAST important class of control activity
normally adopted in an organization from the internal control point of view?
Authorizations and approval procedures
Internal Control
Segregation of Duties
Access control over resources and records
Incentives for staff operations
Explanation :
28. The ultimate risk against which the auditor requires reasonable protection is a
combination of two separate risks. The first of these is that material errors will
occur in the accounting process by which the Financial Statement are developed,
and the second is that
A company's internal control system is not adequate to detect errors and
irregularities
Those errors that occur will not be detected by the auditor's examination\
Management may possess an attitude that lacks integrity
Evidential matter is not competent enough for the auditor to form an opinion
based on reasonable assurance
29. While obtaining an understanding of a client's risk assessment policies, an
auditor does not ordinarily include how management
Identifies risk
Eliminates significant risks
Assesses the likelihood of occurrence of events due to significant risks
Relates risk assessment to financial reporting
30. After considering the client's internal controls, an auditor has concluded that
Internal Control is well designed and is functioning as intended. Under these
circumstances, the auditor would most likely:
Perform tests of controls to the extent outlined in the audit program
Determine the control procedures that should prevent or detect errors and
irregularities
Not increase the extent of predetermined substantive tests
Determine whether transactions are recorded to permit preparation of Financial
Statement in conformity with GAAP
Internal Control

All of the above
Explanation :
33. Which of the following is NOT CORRECT with reference to the term control
activities ?
Control Activities are the policies and procedures established to address risks and
to achieve organizational objectives
Control activities occur throughout the organization at all levels and in all
functions. They include a range of detective and preventive activities
Control activities must be appropriate, function consistently according to plan
throughout the period and be cost effective, comprehensive reasonable and directly
relate to the control objective
Control Activities if implemented effectively would ensure absolute
protection against the perceived risks in the organization
Explanation :
34. When an independent auditor decides that the work performed by internal
auditors may have a bearing on the nature, extent and timing of the independent
auditor's procedures, the independent auditor should evaluate the competence
and objectivity of the internal auditors. Relative to objectivity, the independent
auditor should
Consider the organizational level to which internal auditors report the
results of their work
Review the training program in effect for the internal auditors.
Examine the quality of the internal audit reports
Consider the qualifications of the internal audit staff
Explanation : The most appropriate answer is A.
Internal Control

Inspection
Reconciliation
Confirmation

Internal Control

Control Environment
Risk Assessment
control?
Risk Assessment
Control Activities
Monitoring
Control Environment
43. Proper segregation of functional responsibilities calls for separation of the
Authorization, approval and execution functions
Authorization, execution and payment functions
Receiving, shipping and custodial functions
Authorization, recording and custodial functions
44. Which of the following international document re-emphasises the
independence of supreme audit institutions?
Internal Control

Mexico Declaration 2007
Explanation :
45. Which of the following is NOT a general objective of Internal Control
System?
Accountability and Reporting
Compliance with laws and regulations
Orderly ethical economical efficient and effective operations
Absolute assurance on the achievement of the objectives of an organization
Explanation :
46. Which of the following categories of people hold highest responsibility for
design and implementing the internal controls of an organization?
Top management
Staff Members
External Parties
All of the Above
Explanation :
47. Which of the following is NOT a control activity?
Reconciliations
Verifications
reviews of operations
Accountability
Explanation :
control because
period
audit engagement
and evaluated
Internal Control

49. Which of the following is an example of control objective? i. To ensure that
invoices are paid only for goods or services which have been received ii. To make
sure that make sure that only accredited staff and visitors are permitted to enter
the building iii. To ensure that payments are made only to the valid employees of
the organization iv. To ensure that cash in hand is protected from theft or other
loss
None of the Above
All of the Above
Only i and ii
Only iii and iv
Explanation :
50. Which of the following is not ordinarily considered a factor indicative of
increased financial reporting risk when an auditor is considering a client's risk
assessment policies?
Commissioned sales personnel
Implementation of a new information system
Rapid growth organization
Corporate restructuring
Internal Control
Expert Level
1. Which of the following is intended to detect deviation from prescribed

Accounting procedures?
Substantive test specified by a standardized audit program
Tests of controls designed specifically for the entity
Analytical procedures as designed in the industry audit guide
Computerized analytical tests tailored for the configuration of EDP equipment in
use
Personnel gaining the level of knowledge and skill needed to help orderly
ethical economical efficient and effective performance
All of the above
Explanation :
organization?
objectives.
be achieved
Internal Control

Explanation :
5. The independent auditor should acquire an understanding of a client's internal
audit function to determine whether the work of internal auditors will be a factor
in determining the nature, timing and extent of the independent auditor's
procedures. The work performed by internal auditors might be such a factor when
the work includes:
Verification of the mathematical accuracy of invoices
Review of administrative practices to improve efficiency and achieve management
objectives
Consideration of the internal control structure
Preparation of internal financial reports for management purposes
system?
Cancelled supporting documents
7. Which of the following statement is TRUE regarding the process of risk
assessment
Risk Assessment and Internal Control are two independent processes
Risk Assessment is a one-time process which shall be taken up at the time of
setting organizational objectives
Risk Assessment is the process of determining the amount of insurance premium
to be paid for safeguarding organizational assets
Risk assessment is the process of identifying and analysing relevant risks to
the achievement of the entity’s objectives and determining the appropriate
response
Explanation :
Internal Control
staff
Explanation :
9. After considering the client's internal controls, an auditor has concluded that
Internal Control is well designed and is functioning as intended. Under these
circumstances, the auditor would most likely:
Perform tests of controls to the extent outlined in the audit program
Determine the control procedures that should prevent or detect errors and
irregularities
Not increase the extent of predetermined substantive tests
Determine whether transactions are recorded to permit preparation of Financial
Statement in conformity with GAAP
10. ͚Tone at the top͛ forms part of which of the component of the internal
control?
Risk Assessment
Control Activities
Monitoring
Control Environment
Explanation :
11. Which of the following is the LEAST important class of control activity
normally adopted in an organization from the internal control point of view?
Authorizations and approval procedures
Segregation of Duties
Access control over resources and records
Incentives for staff operations
Explanation :
12. Which statement is correct concerning the definition of internal control
developed by the Committee of Sponsoring Organizations (COSO)?
Its applicability is largely limited to internal auditing applications
It is recognized in the Statement on Auditing Standards
It emphasizes the effectiveness and efficiency of operations rather than the
reliability of financial reporting
Internal Control
It suggests that it is important to view internal control as an end product as

contrasted to a process or means to obtain an end
Explanation : The most appropriate answer is B.
13. Which of the following is a type of risk?
Inherent Risk
Control Risk
Detection Risk
All of the above
Explanation :

16. The auditor's understanding of the client's Internal Control is documented in
order to substantiate
Conformity of the accounting records with generally accepted accounting
principles
Compliance with generally accepted auditing standards
Adherence to requirements of management
The fairness of the financial statement presentation
17. ASOSAI stands for which of the following?
Asian Society of Supreme Audit Institutions
Internal Control
Asian Organisation of Supreme Audit Institutions

Association of Supreme Audit Institutions
Association of Organisations of Supreme Audit Institutions
Explanation :
19. Which of the following is an example of control objective? i. To ensure that
invoices are paid only for goods or services which have been received ii. To make
sure that make sure that only accredited staff and visitors are permitted to enter
the building iii. To ensure that payments are made only to the valid employees of
the organization iv. To ensure that cash in hand is protected from theft or other
loss
None of the Above
All of the Above
Only i and ii
Only iii and iv
Explanation :
20. The Internal Control System normally would include procedures that are
designed to provide reasonable assurance that
Employees act with integrity when performing their assigned task
Transactions are executed in accordance with management's general or
specific authorization
Decision processes leading to management's authorization of transactions are
sound
Collusion activities would be detected by segregation of employee duties
Inspection
Reconciliation
Internal Control
Confirmation
Explanation :
24. Evaluation of Internal Control refers to which of the following activities?
Determine the significance and sensitivity of the risk
Assessing the susceptibility to misuse of resources, failure to attain objectives
regarding ethics, equity, economy, efficiency, effectiveness
Identifying and understanding the relevant controls
All of the above
Transfer the Risk
Tolerate the Risk
Treat the Risk
Supplement the risk
Explanation :
control?
Risk Assessment
Control Activities
Internal Control
Monitoring
Control Environment
27. Monitoring is considered
A component of internal control
An element of the control environment
The primary asset safeguarding technique
A portion of information and communication
securities?
unauthorized usage
Control Environment
Risk Assessment
31. During the audit, the independent auditor identified the existence of a
Internal Control
reportable condition in the client's system of internal controls and orally

communicated this finding to the client's senior management and audit
committee. The auditor should:
Consider the reportable condition a scope limitation and therefore disclaim an
opinion
Document the matter in the working papers and consider the effects of the
condition on the audit
Suspend all audit activities pending directions from the client's audit committee
Withdraw from the engagement
Control Activities
Risk Assessment
Control Environment
Explanation :
34. In general, material irregularities perpetrated by which of the following are
most difficult to detect?
Cashier
Key-punch operator
Internal auditor
Controller
Internal Control

36. The definition of internal control developed by the Committee of Sponsoring
Organizations (COSO) and included in the professional standards includes the
reliability of financial reporting, the effectiveness and efficiency of operations
and
Compliance with applicable laws and regulations
Effectiveness of prevention of fraudulent occurrences
Safeguarding of entity assets
Incorporation of ethical business practice standards
organization?
All of the Above
Explanation :
38. The independent auditor should acquire an understanding of the internal
audit function as it relates to the independent auditor's consideration of the
Internal Control because
The audit program, working papers and reports of internal auditors can often be
used as a substitute for the work of the independent auditor's staff
The procedures performed by the internal audit staff may eliminate the
independent auditor's need for an extensive consideration of the Internal Control
The work performed by internal auditors may be a factor in determining the
nature, timing and extent of the independent auditor's procedures
The understanding of the internal audit function is an important substantive test
to be performed by the independent auditor
39. Which of the following is of primary importance for Internal Audit to be
effective in an organization?
Internal Control
The Internal Audit Wing should be adequately staffed

The Internal Audit Wing should be given the required infrastructure
Internal Audit should be carried out regularly
The independence and objectivity of the Internal Audit wing should be
ensured
Explanation :
41. ISSAI stands for which of the following with reference to Auditing?
Institute of Secure Standards for Audit Implementation
International Supreme Standards for Audit Implementation
International Standards of Supreme Audit Institutions
Institute of Standards of Supreme Audit Institutions
Explanation :
Risk assessment
control because
period
audit engagement
and evaluated
Internal Control

44. The Headquarters of the INTOSAI general secretariat is located in which of the
following countries
Vienna, Austria
Lima, Peru
London, United Kingdom
Seol, South Korea
Explanation :
45. Which of the following is not ordinarily considered a factor indicative of
increased financial reporting risk when an auditor is considering a client's risk
assessment policies?
Commissioned sales personnel
Implementation of a new information system
Rapid growth organization
Corporate restructuring
46. While obtaining an understanding of a client's risk assessment policies, an
auditor does not ordinarily include how management
Identifies risk
Eliminates significant risks
Assesses the likelihood of occurrence of events due to significant risks
Relates risk assessment to financial reporting
47. Which of the following activities indicate �commitment to competence�
All of the Above
48. Which of the following is NOT a control activity?
Reconciliations
Internal Control
Verifications
reviews of operations
Accountability
Explanation :
and effectively
Explanation :
50. The controls in an information technology environment are generally
classified as
General Controls and Application controls
System Controls and software Controls
Hardware controls and Software Controls
Software Controls and Human Resource Controls
Explanation :

Internal Control

Uploaded by

Internal Control

Uploaded by

Internal Control

1. If, during the course of an annual audit of a publicly held manufacturing

Explanation : The most appropriate answer is B

Conformity of the accounting records with generally accepted accounting

Perform tests of controls and analytical procedures

22. Which of the following component of internal control is treated as the

Explanation : The most appropriate answer is D

Management does not correct I/C weaknesses that it knows about

Intercontinental Society of Supreme Audit Institutions

annual audit is usually not sufficient to express an opinion on an entity's internal

disbursement procedures. The auditor will be LEAST influenced by

1. In the consideration of the Internal control system, the auditor is basically

Considered to be strengths that the auditor plans to rely on

14. Which of the following component of internal control is treated as the

It requires that information should be appropriate, timely, current, accurate

Extent of tests of controls

An auditor may ordinarily ignore a consideration of controls when a substantive

Management does not correct I/C weaknesses that it knows about

The principal reason for considering the Internal Control System

Supreme Audit Declaration 1977

Internal controls can change each year

1. Which of the following is intended to detect deviation from prescribed

No matter how deficient the communication and monitoring methods of

It suggests that it is important to view internal control as an end product as

Management does not correct I/C weaknesses that it knows about

Asian Organisation of Supreme Audit Institutions

reportable condition in the client's system of internal controls and orally

Incident to the auditor's objective of forming an opinion as to the fair

The Internal Audit Wing should be adequately staffed

Internal controls can change each year

You might also like