Final Examination in Governance, Business

Ethics, Risk Management, and Internal

Control
Part 1. This part aims to determine your appreciation of the basic, fundamental, and
elementary principles of Governance, Business Ethics, Risk Management, and Internal
Control.
1. The relationship between required sample size and the risk of incorrect
acceptance is

Inverse
Variable
Indeterminate
Direct

2. The sample deviation rate equals

the number of exceptions in the sample divided by the sample size.

the number of items in the population multiplied by the number of exceptions in the sample.
the number of exceptions in the population divided by the population size.
the number of exceptions in the population divided by the sample size.

3. Risk assessment is a process that involves identifying the risks and

vulnerabilities that an organization is exposed to in order to identify events that
may occur and affect the entity negatively. How is a particular risk assessed or
measured?

By the amount of a loss, if a loss does occur

By the amount of the expected loss
By the loss frequency and the loss severity
By the probability of a loss occurring

4. Which of the following statements best explains the “comply or explain” principle?

A corporation that complies with the recommendations of the SEC Code of Corporate Governance
will explain how it is able to comply for the benefit of other corporations
A corporation that fails to comply with the Code of Corporate Governance will disclose in the notes
to financial statements such non-compliance
A corporation that refuses to implement a particular recommendation by the SEC Code of
Corporate Governance will explain the reason for such refusal
A corporation that fails to comply with the Code of Corporate Governance will explain the reason
for non-compliance
 5. In the summarized set of viewpoints of internationally accepted principles of
corporate governance espoused by The Institute of Internal Auditors, the board
of directors should act in the best interest of

customers and employees

board of directors and management
company and shareholders
external and internal stakeholders

6. Which of the following is not a risk specific to IT environments?

Increased human involvement.

Reduced segregation of duties.
Reliance on the functioning capabilities of hardware and software.
Loss of data due to insufficient backup.

7. An adequate system of internal controls is most likely to detect a fraud

perpetrated by

One employee
Two managers
One manager
Two employees

8. Risk is a by-product of

Expectation
Control
Governance
Profit

9. The internal auditing department’s responsibility for deterring fraud is to

Establish an effective internal control system.

Exercise operating authority over fraud prevention activities.
Examine and evaluate the system of internal control.
Maintain internal control.

10. An auditor selected items for test counts while observing a client’s physical
inventory. The auditor then traced the test counts to the client’s inventory listing.
This procedure most likely obtained evidence concerning

Valuation and allocation

Completeness
Existence
Rights and obligations

11. Which statement is incorrect regarding Inspection as an audit procedure?

Inspection of individual inventory items ordinarily accompanies the observation of inventory
counting.
Inspection of tangible assets may provide reliable audit evidence with respect to their existence
and about the entity’s rights and obligations on the assets.
Inspection consists of examining records or documents or physical examination of assets.
Some documents represent direct audit evidence of the existence of an asset.

12. Internal Control is better effected by

Manual of internal control

Policies and procedures
Corporate governance manual
Individual employee

13. An advantage of statistical over non-statistical sampling methods in tests of

controls is that statistical methods

Provide a mathematical measurement of materiality

Eliminate the need to use judgement in determining appropriate sample sizes
Afford greater assurance than a non-statistical sample of equal size
Provide an objective basis for quantitatively evaluating sampling risks

14. Which of the following is not a principle on corporate governance adopted by

SEC under board’s governance responsibilities?

Establishing a competent board

Reinforcing board dependence
Strengthening board ethics
Fostering commitment

15. This refers to any individual, organization or society at large who can either affect
and/or be affected by the company’s strategies, policies, business decisions and
operations, in general.

Customers
Stakeholders
Owners
Stockholders

16. Which of the following carries the least environmental, health, and safety risk?

A malfunction at a nuclear plant that causes a blackout and results in a loss of public confidence.
A skyscraper construction site that has had several mishaps, including injuries and death.
A hydroelectric power plant that is located several miles from a small town.
A chemical plant that disposes of waste in a nearby river.

17. In order for ERM to be successful, it must begin from

the top
the inside
bottom to top
east to west

18. Which of the following statements is true regarding effective internal control?

Is unaffected by changing circumstances and conditions encountered by the organization

Reduces the need for management to review exception reports on a day-to-day basis
Cannot be circumvented by management
Eliminates risk and potential loss to the organization.

19. Which of the following best describes the mission of internal auditing?

To increase net income

To eliminate fraud
To enhance value of the financial information
To achieve objectives of the organization

20. Which of the following is not true concerning corporations?

Directors owe a fiduciary duty to the corporation.

Officers owe a fiduciary duty to the corporation.
Directors who act in good faith may use the business judgment rule as a defense.
All shareholders owe a fiduciary duty to the corporation.

21. Which department should be authorized to add and delete employees from the
payroll or change pay rates and deductions?

The internal audit department

The accounting department
The human resource department
The office of the President

22. “Error” includes

An incorrect accounting estimate arising from oversight or misinterpretation of facts.

Concealing, or not disclosing, facts that could affect the amounts recorded in the financial
statements.
Engaging in complex transactions that are structured to misrepresent the financial position or
financial performance of the entity.
Intentional misapplication of accounting policies relating to amounts, classification, manner of
presentation, or disclosure.

23. Internal control cannot provide absolute assurance because of certain limitations.
Which of the following is not a limitation to internal control?
Unwillingness of employee to follow internal control procedures
Business context that affects the organizations risk profile
Suitability of objectives established as a precondition to internal control
Ability of management to override internal control

24. In this time of pandemic, which of the following is not a prospective benefit to the
organization of implementing a telecommuting program?

greater connectivity and collaboration among employees

higher productivity of telecommuting workers
lower operating costs
more satisfied workers

25. Ethical reasoning is required in business for the following reasons except

Ethical reasoning is required by law and regulations

Some laws do not cover gray areas
Regulations do not address complex issues
Moral problems should consider the interests of all stakeholders

26. Which of the following is the best way for internal audit activity to achieve
independence?

Adopt policies for the functioning of the internal audit activity

Develop written policies and procedures to serve as standards of performance for the internal audit
activity
Establish an audit committee within the board
Have the internal audit charter approved by the board

27. Which of the following best illustrates risk?

COVID-19 Virus
Slippery floor at 5th floor, PUP Main Building
Buying a Lotto Ticket
Taking CPA licensure examinations

28. Two organizations have recently merged. The audit committee has asked the
internal auditors from both organizations to assess risks that should be
addressed after the merger. One manager has suggested that the engagement
teams jointly examine the organizational culture and the “tone at the top” to
identify control risks associated with the proposed merger. Which of the following
statements is true?

The organizational culture is not a part of the control environment and therefore should not be
considered for a proposed engagement
Although the organizational culture could be considered part of the control environment, the
assessment of such an environment would be highly subjective and therefore not useful
Differences in the organizational culture should be systematically identified because the
differences may present major risks to the success of the merger. However, identifying differences
is not an appropriate activity because it is political and subjective
None of the answers are correct

29. What is the responsibility of the internal auditor with respect to fraud?

An internal auditor should have sufficient knowledge and training so that (s)he is able to detect
fraud.
The internal auditor should have sufficient knowledge to identify the indicators of fraud but is not
expected to be an expert.
An internal auditor’s primary role is to detect and investigate fraud.
The internal auditor should have the same ability to detect fraud as a person whose primary
responsibility is detecting and investigating fraud.

30. Opportunities to misappropriate assets increase when there are

Inventory items that are small in size, of high value, or in high demand.
Known or anticipated future employee layoffs.
Promotions, compensation, or other rewards inconsistent with expectations.
Recent or anticipated changes to employee compensation or benefit plans.

31. An internal auditor should be concerned about the possibility of fraud if

Cash receipts, net of the amounts used to pay petty cash-type expenditures, are deposited in the
bank daily
One person, acting alone, has sole access to the petty cash fund (except for a provision for
occasional surprise counts by a supervisor or auditor)
The monthly bank statement reconciliation is performed by the same employee who maintains the
perpetual inventory records
The accounts receivable subsidiary ledger and accounts payable subsidiary ledger are maintained
by the same person

32. An adequate and effective system of internal control provides reasonable

assurance that objectives and goals will be achieved. Controls may be
preventive, detective, or directive. Which of the following is a detective control for
the procurement function?

Review and approval of each procurement action is required prior to the final issuance of a
purchase order
Prenumbered standard purchase order forms include all relevant terms required to be used in all
applicable instances
Goods received are counted and compared with quantities on purchase order and receiving
reports
The procurement function is organizationally separate from receiving, disbursing, and accounting

33. Which of the following is true regarding internal auditors and the adequacy of an
organization’s risk management process?
Internal auditors must have an understanding of the risk assessment process but not of the tools
used to make the assessment.
Internal auditors should determine the level of risks acceptable to the organization.
Internal auditors need to be satisfied that the key objectives of risk management processes are
being met
Internal auditors should evaluate management’s risk processes the same way they analysis risk
when planning an engagement.

34. Which of the following best describes the tragedy of the commons?

Tragedies occur when there is too much government regulation.

People are always willing to sacrifice for the good of society.
The common good of the people is a popular corporate goal.
People are likely to use all the natural resources they want without regard to others.

35. The online petition for ABS-CBN franchise renewal was sabotage by trolls.
According to the Union Groups, the sabotage came from bots and fake accounts
and used obscenities, cuss words, and repetitive names as usernames. This is
an example of what risk

Data Disallowance Squad (DDS) Risk

Sabotage Charges Risk (Sa CR)
Data and Systems Integrity Risks (D' SIR)
Denial of Service (DOS) Attack

36. Which of the following is true concerning business codes of conduct and
compliance standards?

In order to prevent future legal liability, the code should consist of legal terms and definitions.
Compliance standards should be straightforward and reasonably capable of reducing the prospect
of criminal conduct.
The compliance standards should be codified in the charters of the audit committee.
Companies with international operations should institute various compliance programs, based on
selective geographic locations, that reflect appropriate local regulations.

37. Good corporate governance processes cannot

Focus management’s attention on introducing appropriate systems of internal control

eliminate corporate fraud
improve risk management system
help attract new investment into the company

38. Controls which are designed to assure that the information processed by the
computer is authorized, complete, and accurate are called

Input controls
Processing controls
Output controls
General controls
 39. Which of the following is not one of the six building blocks for sound corporate
governance under G20/OECD Principles of Corporate Governance?

The rights and equitable treatment of shareholders and key ownership functions
The responsibilities of the board
Unification of ownership and control
Institutional investors, stock markets, and other intermediaries

40. In a small company that doesn't employ an adequate number of employees to

permit proper division of responsibilities, effective internal control can be
strengthened by

Employment of temporary personnel to aid in the separation of duties.

Engaging a CPA to perform monthly "write up" work.
Delegation of full, clear-cut responsibility to each employee for the functions assigned to each.
Direct participation by the owner of the business in the record keeping activities of the business.

41. Which of the following best describes SEC Code of Corporate Governance?

Its provisions are mandatory

Its provisions are discretionary
Its provisions are penal in nature
Its provisions are binding to all corporations concerned

42. The manager of a production line has the authority to order and receive replacement
parts for all machinery that requires periodic maintenance. The internal auditor received
an anonymous tip that the manager ordered substantially more parts than were
necessary from a family member in the parts supply business. The unneeded parts
were never delivered. Instead, the manager processed receiving documents and
charged the parts to machinery maintenance accounts. The payments for the
undelivered parts were sent to the supplier, and the money was divided between the
manager and the family member. Which of the following internal controls would have
most likely prevented this fraud from occurring?

Establishing predefined spending levels for all vendors during the bidding process.
Comparing the bill of lading for replacement parts to the approved purchase order.
Segregating the receiving function from the authorization of parts purchases.
Using the company’s inventory system to match quantities requested with quantities received.

43. (A) Corporations that embrace CSR policies consistently produce a lower rate of
return on investment for shareholders; (B) Milton Friedman’s economic philosophy
advocates increased government regulation to ensure that corporations are socially
responsible.

True, True
False, True
True, False
False, False
44. In ERM, the primary responsibility of the Board is to

Manage risk at source

Identify risks faced by the organization
Provide independent assessment of the ERM
Set the risk culture

45. Internal audit activities may involve both assurance and consulting services. Which
of the following best describes an assurance engagement?

Assurance engagement enables an auditor to state whether, on the basis of procedures which do
not provide all the evidence that would be required in an audit, anything has come to the auditor's
attention that causes the auditor to believe that the financial statements are not prepared, in all
material respects, in accordance with an identified financial reporting framework.
Assurance engagement carries out those procedures of an audit nature to which the auditor and
the entity and any appropriate third parties have agreed and to report on factual findings.
Assurance engagement means an engagement in which a practitioner expresses a conclusion
designed to enhance the degree of confidence of the intended users other than the responsible
party about the outcome of the evaluation or measurement of a subject matter against criteria.
Assurance engagement enables the auditor to express an opinion whether the financial statements
are prepared, in all material respects, in accordance with an identified financial reporting
framework.

46. Corporate Governance is designed to compensate for the __________________.

issues arising separation of ownership and control

lack of mechanisms to identify, assess, and appropriately respond to risk
improper procedures designed and implemented by employees
limited scope of external auditor

47. If the following hold at least one share in ABC Corp., who among them can be
elected as a corporate director?

Baby Puti, the designated trustee of Mang Tomas

XYZ Corporation engaged in business for 180 years
M, a fourth year BSA student studying at PUP
Mang Tomas, a well known businessman who designated Baby Puti, Mang Tomas' minor son, as
a trustee in a voting trust agreement

48. Which of the following statements best explains why the CPA profession has found
it essential to establish ethical standards and means for ensuring their observance?

A requirement for a profession is to establish ethical standards that stress primarily a responsibility
to clients and colleagues.
Vigorous enforcement of an established code of ethics is the best way to prevent unscrupulous
acts.
Ethical standards that emphasize excellence in performance over material rewards establish a
reputation for competence and character.
A distinguishing mark of a profession is its acceptance of responsibility to the public.
49Which of the following goals sets risk management strategies at the optimum level?

Minimize losses
Minimize costs
Maximize market share
Maximize shareholder value

50Audit sampling involves the

Application of audit procedures to all items over a certain amount and those that are unusual or
have a history of error.
Selection of all items over a certain amount.
Application of audit procedures to less than 100% of items within a class of transactions or an
account balance such that all items have a chance of selection.
Application of audit procedures to all items that comprise a class of transactions or an account
balance.

Back

Next

Never submit passwords through Google Forms.

This content is neither created nor endorsed by Google. Report Abuse - Terms of Service - Privacy Policy
Forms