COSO Frameworks: ICF and ERM

PraisingRoentgenium

40 Questions

It is critical that management act unclearly and inconsistently in the promotion of proper conduct.

False

Examples of unethical behavior include undue emphasis on bottom-line performance and high-pressure sales tactics.

True

Ruthless negotiations and disclosure of the true features of products and services to customers are always acceptable practices.

False

Kickbacks or bribes are acceptable business practices.

False

The anti-bribery law only applies within a country's borders.

False

Management's primary goal should be to maximize profits, regardless of the cost.

False

Sales practices should focus on extracting funds from customers at any cost.

False

The anti-bribery law has only one key element.

False

COSO's primary goal is to improve the quality of financial reporting through a focus on fraud deterrence.

False

The Control Environment is a component of the COSO framework that deals with the monitoring of internal control activities.

False

COSO's framework only applies to reporting objectives.

False

The COSO framework emphasizes the importance of ethical practices in the workplace.

True

The Control Environment is a critical component of the COSO framework because it sets the tone for the organization's ethical culture.

True

COSO's framework is only applicable to large corporations.

False

COSO's framework consists of five components, including Control Environment and Monitoring Activities.

True

Acting ethically can result in financial benefits for an organization.

True

According to the control framework, management should communicate clearly and consistently to set expectations for employees.

True

Having a code of conduct is not necessary for a company.

False

Employees should only receive training on the code of ethics and conduct upon initial hire.

False

Management's behavior has no impact on employees' behavior.

False

Record keeping is not necessary to verify that illicit payments were not made.

False

Control frameworks do not include risk assessment.

False

New employees do not need to sign off on the code of ethics and conduct upon hire.

False

Training on the code of ethics and conduct is only necessary for new employees.

False

The control framework consists of the management practices that ensure accuracy and transparency in all transactions.

False

The principles underlying the control environment include a commitment to integrity and ethical values.

True

The board of directors is only responsible for overseeing the development of internal control.

False

Reconciliations can be considered complete even if the figures are forced to tie through the use of 'plugs'.

False

The audit committee of the board should not be independent from management.

False

Control activities include reviewing and approving transactions.

True

The control environment includes the monitoring of internal control.

True

The organization's commitment to integrity and ethical values is demonstrated through punishing unethical behavior.

False

The company's risk assessment methodology is a key area of interest in the information and communication control category.

True

The control environment includes policies that address significant business control and risk management practices.

True

The extent of controls over centralized processing is not a key area of interest in the monitoring control category.

False

The whistle-blower hotline is not a key area of interest in the risk assessment control category.

False

The internal audit function is not a key area of interest in the control environment category.

False

The tone set by the board of directors is not a key area of interest in the information and communication control category.

False

The company's disclosure committee is not a key area of interest in the control activities category.

False

The IT environment is not a key area of interest in the control environment category.

False

Study Notes

Control Frameworks

  • COSO's goal is to improve financial reporting quality by focusing on corporate governance, ethical practices, and internal control
  • COSO states that an entity can achieve effective internal control by applying all principles, which apply to operations, reporting, and compliance objectives

Control Environment

  • Refers to the workplace environment characterized by the organization's structure, leadership, openness, management's operating style, and code of ethics and values
  • Management's behavior and actions should promote proper conduct, ethical practices, and cooperation
  • Examples of unethical behavior to watch out for:
    • Undue emphasis on bottom-line performance
    • High-pressure sales tactics
    • Kickbacks or bribes

Communication, Consistency, and Belief in the Message

  • Management should communicate clearly, consistently, and often what is allowed and what is not
  • Clear expectations are more likely to be followed if management "walks the talk" and demonstrates its beliefs through actions
  • Importance of having a code of ethics, code of conduct, and conflict of interest statement
  • New employees should receive these documents upon hire and sign off on them, and training should be required to ensure employees understand the documents

Form over Substance

  • Management practices that appear to follow essential activities but do not actually perform them
  • Examples include signatures that suggest transaction review and approval without actual review, and reconciliations that are not mathematically correct

Principles Underlying the Control Environment

  • The organization should demonstrate a commitment to integrity and ethical values through actions and rewarding ethical behavior
  • The board of directors should demonstrate independence from management and exercise oversight of internal control development and performance
  • Key responsibilities of the board include setting expectations for management, authorizing investments, and looking out for the company's owners' interests

Entity Level Controls

  • Typical areas of interest include:
    • Policies addressing significant business control and risk management practices
    • Extent and quality of policies and procedures related to governance, operations, risk management, control, and compliance
    • Hiring and retention practices
    • Fraud prevention and detection controls
    • Competence and scope of internal audit function
    • Effectiveness of whistle-blower hotline and adherence to code of conduct

Learn about the COSO Frameworks, including Internal Control Framework (ICF) and Enterprise Risk Management (ERM), and their role in improving financial reporting quality.
