Ethics, Fraud, and Internal Control

Questions and Answers

What is a primary responsibility of the board of directors regarding ethical standards?

To establish a code of ethical standards (correct)

To engage suppliers

To ensure stock prices are maximized

To monitor employee attendance

Why should the roles of CEO and chairman be separate?

To simplify financial reporting

To increase stock buyback potential

To allow for better marketing strategies

To facilitate independent discussions during executive sessions (correct)

What role does the audit committee play according to best practices?

To select and engage an independent auditor (correct)

To approve all management decisions

To ensure the company complies with marketing regulations

To oversee daily operational tasks

What is a potential consequence of excessive use of short-term stock options for executive compensation?

Influence on stock prices at the expense of long-term health

What is a crucial requirement for the nominating committee of the board of directors?

To plan for a fully staffed board with independent directors

What should a code of ethics minimally address according to best practices?

Conflicts of interest and acceptance of gifts

What is the main purpose of executive sessions in a board of directors' meetings?

To allow directors to discuss issues without management

How should a compensation committee operate according to established best practices?

By carefully evaluating compensation schemes for desired incentives

What is the primary purpose of detective controls?

To identify and expose errors that escape preventive controls

How do detective controls work?

By recalculating and comparing actual occurrences to pre-established standards

Which statement describes corrective controls?

These controls are actions taken to reverse the effects of detected errors

What would be an example of a detective control in a sales order process?

Recalculating the total value of an order before posting

What differentiates detective controls from corrective controls?

Detective controls highlight anomalies, whereas corrective controls fix problems

Which of the following is NOT a function of detective controls?

Generating reports of transactions for managers

In what scenario would corrective controls be needed?

After an error has already been detected by a detective control

What would be a potential drawback of relying solely on preventive controls?

They may not address errors that have already occurred

What is the purpose of embedded computer modules in an information system?

To allow ongoing monitoring of internal controls

What do management reports primarily provide for managers?

Evidence of internal control functions or malfunctions

Control activities are designed to address which aspect of organizational risk?

Dealing with identified risks

What is the distinction between general controls and application controls in IT?

General controls are entity-wide, while application controls are specific to individual systems.

What are physical controls in accounting systems primarily concerned with?

Human activities involving asset management

Which type of control ensures the integrity of systems like accounts payable and payroll?

Application controls

What is a key characteristic of effective management reports?

They identify trends and exceptions in performance.

Which factor is NOT typically addressed by general IT controls?

Specific application performance

What is one primary purpose of access controls?

To safeguard assets against unauthorized access

What type of access is gained through records that manage asset use?

Indirect access

Which of the following best illustrates an example of indirect access control?

Controlling the access to accounting records

How does independent verification differ from supervision?

Independent verification occurs independently of transactions, while supervision is direct.

What can independent verification procedures help management assess?

The integrity of the transaction processing system

What is the primary goal of transaction authorization?

To ensure all transactions align with management's objectives

When can verification procedures happen in relation to transactions?

After the transactions have occurred

Which of the following is NOT an example of independent verification?

Direct supervision during a task

Which type of authorization allows operations personnel to perform daily tasks without additional approvals?

General authorization

The timing of verification in an accounting system can vary based on what factor?

The technology employed in the accounting system

What characterizes programmed procedures in transaction authorization?

Rules are predetermined and no additional approvals are needed

What is an example of specific authorization?

Deciding to extend a customer's credit limit on a case-by-case basis

Which of the following is NOT a category of physical control activities mentioned?

Physical inventory counts

Why is segregation of duties important in control activities?

It prevents conflict of interest and fraud

What role does independent verification play in physical control activities?

It confirms the accuracy of transactions after they have been processed

How does access control contribute to physical control activities?

It restricts access to sensitive information to authorized personnel

Study Notes

Internal Control Framework

• Control mechanisms are categorized into three types: preventive, detective, and corrective controls.
• Preventive Controls aim to prevent undesirable events before they occur.
• Detective Controls identify errors or irregularities after they have occurred, functioning as the second line of defense.
• Detective controls involve techniques that compare actual occurrences against standards to detect deviations.

Detective Controls

• Designed to identify anomalies that elude preventive measures.
• Activate alarms or alerts when discrepancies arise.
• Example: Recalculating totals on sales orders to reveal data entry errors.

Corrective Controls

• Actions taken to rectify issues identified by detective controls.
• Important distinction: detective controls highlight issues, while corrective controls fix them.

Ethical Standards and Governance

• Boards should separate the roles of CEO and chairman to enhance independence.
• Establish a code of ethics covering conflicts of interest, falsification of data, and confidentiality issues.
• Independent audit committee is crucial for engaging auditors, reviewing reports, and addressing deficiencies.

Compensation Committees

• Must critically evaluate compensation structures to avoid conflicts of interest and ensure long-term health of the organization.

Ongoing Monitoring

• Continuous monitoring can incorporate special computer modules within information systems to facilitate real-time oversight.
• Management reports provide timely data for operational oversight and control.

Control Activities

• Policies and procedures aimed at mitigating identified organizational risks.
• Two main categories: Information Technology (IT) controls and physical controls.

IT Controls

• General Controls relate to entity-wide IT concerns (data security, systems maintenance).
• Application Controls focus on specific systems (e.g., sales order processing, payroll).

Physical Controls

• Involves human activities that trigger transactions or utilize task outcomes.
• Covers security measures surrounding assets, manual processes, and accounting frameworks.

Segregation of Duties

• Ensures that responsibilities are divided to minimize risk of error or fraud.
• Transaction authorization ensures legitimacy of processed transactions.

Authorization Types

• General Authorization allows routine operations without extra approvals (e.g., inventory reorder decisions).
• Specific Authorization requires management approval for nonroutine transactions (e.g., credit limit adjustments).

Access Controls

• Protects against unauthorized asset access, which can lead to theft or data manipulation.
• Physical security and document control help prevent unauthorized access.

Independent Verification

• Involves checks by individuals not directly involved in transactions to ensure accuracy and integrity.
• Helps assess individual performance and reliability of data through reconciliation and review processes.

Description

This quiz explores ethics, fraud, and the significance of internal control within organizations. It covers various aspects such as preventive, detective, and corrective controls aimed at mitigating undesirable events. Test your knowledge on the principles and practices that contribute to effective organizational governance.