All questions are mandatory.

Compliance
Q1: What are the objectives of forming a compliance department in a company?*
 A: To comply with the internal policies of the company
 B: To Ensure that internal controls are present to adequately measure and manage the
risks.
 C: To identify compliance requirements setup by the government
Q2: What is the primary goal of compliance management?*
 A: Maximizing profits for the organization
 B: Minimizing risks associated with non-compliance
 C: Increasing customer satisfaction
 D: Enhancing employee engagement and morale
Q3: What is the primary role of a compliance officer within an organization?*
 A: Maximizing profits and revenue
 B: Enforcing disciplinary actions against employees
 C: Ensuring adherence to laws, regulations, and internal policies
Q4: What are the responsibilities of the business departments in context of compliance
management?*
 A: Risk identification and Assessment
 B: Formulate and improve the policy and process
 C: Both of the above
Q5: Which department is responsible for executing accountability decisions for violators as
per regulations?*
 A: Regulatory
 B: Human Resource
 C: Legal
Q6: Who is the first line of defence in managing operational and compliance risks?*
 A: EMT / Board of Directors
 B: Each Department & its employee are responsible for managing its risks
 C: Fraud Management / Internal Audit / Specialized Risk departments

Code of Conduct
Q7: What is in accordance to CMPak policy regarding receipt of gifts from suppliers.*
 A: Only Non-monetary gifts are acceptable
 B: Only low value gifts are acceptable
 C: No gifts should be accepted from vendor
Q8: What is meant by the term conflict of interest?*
 A: Whereby an individual’s personal interest could compromise his professional
judgments or decisions
 B: When areas of personal interests of two employees working in the same department
differ sharply
  C: When there is a conflict between management over a business decision
Q9: Which of the following are not permissible under the CMPak code of conduct?*
1. Knowingly concealing a personal or business relations that are doing business with CMPak
2. Employed part or full-time during working hours for entities other than CMPak
3. Restricting access to company’s information only to the relevant stakeholders
4. Sharing Salary details within and outside the organization
 A: 1, 2 & 3 only
 B: 1,2 & 4 only
 C: All of the above
Q10: You have been offered a hefty bribe in return for a business favor by a vendor, which
you have rejected. Do you still need to report the incident to the Internal audit according to
the code of conduct?*
 A: No, because the offer has been rejected. Moreover, maintaining a friendly relation
with our business partners is equally important according to the code of conduct
 B: Yes, no matter the offer has been rejected, the incident shall still be reported to the
internal audit whatsoever.
Q11: According to the code of conduct which information can be exchanged internally
between departments?*
 A: All sorts of information can be shared internally between the departments
 B: Sensitive Information must only be shared with relevant business departments and
individuals
 C: All sensitive information must remain within the department and must not be shared
Q12: When does a CMPak employee has to sign a code of conduct declaration, disclosing
his/her relations that are working or doing business with CMPak?*
 A: At the time of joining
 B: Whenever an update is necessary due to change in status
 C: Both at the time of joining and whenever an update is necessary due to change in
status
Q13: You are working at CMPak for the past few years; your brother has just joined the
company as an employee in another department. What does the code of conduct direct in this
scenario?*
 A: Congratulate him on assuming this position, and resign from the company
 B: Ask him to resign, as you are already working here
 C: Inform the management and HR about the change in the status of Code of Conduct
Declaration.

Embedded Integrity
Q14. If mitigation of a highly probable risk costs more than the damage it will induce, what
should be the best risk management strategy?*
 A: Manage risk
 B: Accept Risk
 C: Avoid Risk
Q15. You are a manager of payables department and are on annual leaves, can you share
password of the approval module with your immediate subordinate, to approve the payments
in your absence?*
 A: Yes, to avoid delays in payments password can be shared
  B: No, password cannot be shared , the approval hierarchy in the system will temporarily
be adjusted to delegate the authority

Three Important & One Big Fund- 3I1BF

Q16: Which of the following are key principles of 3I1BF decision making?*
1. Collective decision making
2. Scientific decision making
3. Democratic decision making
4. Autocratic decision making
 A: 1 & 3
 B: 1, 2 & 3
 C: All of the above
Q17: In accordance to the 3I1BF policy what does principle of scientific decision making
implicate?*
 A: Need to deploy team of technical experts for the specialized tasks
 B: Need for feasibility study, investigation and survey before the decision making
 C: Use of latest scientific gadgets to solve business problems

Whistle Blowing
Q18: Which of the following laws defines what constitutes corruption & corrupt practices in
greater detail, with application to general public at large?*
 A: Prevention of Corruption Act 1947, Clause 5
 B: National Accountability Ordinance 1999, Section 9, Clause (a)
 C: Prevention of Corruption Act 1945, Clause 5
Q19. Whistle blower can choose to be anonymous?*
 A: True
 B: False
Q20. What are appropriate channels for Whistle blowing?*
 A: Email at Compliance@zong.com.pk
 B: Email at internal.audit@zong.com.pk
 C: Verbally inform member of the investigation team
 D: All of the above