2026 PRACTICE QUESTIONS WITH FULL
SOLUTION GRADED A+
◉ ethical principles. Answer: standards of what is right/wrong with
regard to important social values and norms
◉ what is the importance of the code of ethics?. Answer: - it can be
used as a form of internal control (ethical behavior by employees)
- employees with different cultural backgrounds will have different
values, therefore a code of ethics is very important to establish for a
company
◉ Sarbanes Oxley Act of 2002. Answer: - requires public companies
registered with the SEC and their auditors to annually assess and
report on the design and effectiveness of internal control over
financial reporting
- established Public Company Accounting Oversight Board (PCAOB)
to provide independent oversight of public accounting firms
◉ Auditing Standard 5. Answer: Encourages auditors to use a risk-
based, top-down approach to ID key concepts/controls. Analyzing
control at financial statement level and focus on entity-level control.
Part of SOX (2002)
◉ SOX Part 1. Answer: Public Company Accting
◉ SOX Part 2. Answer: Auditor Independence
◉ SOX Part 3. Answer: Corp Responsibility
◉ SOX Part 4. Answer: Enhanced Financial Disclosures
◉ SOX Part 8. Answer: Corp and Criminal Fraud Accountability
◉ SOX Part 9. Answer: White Collar Crime
◉ Corporate Governance. Answer: Set of processes that manage an
org with sound ethics, int and ext control mechanisms to safeguard
the interests of the stakeholders
◉ 3 main functions of internal control. Answer: 1. Prevention
2. Detection
3. Correction
◉ preventive controls. Answer: deter problems before they arise
(Authorization)
◉ detective controls. Answer: find problems when they arise. (Bank
reconciliations and monthly trial balances)
◉ corrective controls. Answer: fix problems that have been
identified (backup files to recover corrupted data)
◉ IT General Controls. Answer: Pertain to enterprise-wide issues
(access network, develop apps)
◉ two major frameworks for internal control. Answer: 1. COSO
Internal Control Framework
2. COBIT (Control Objectives for Information and Related
Technology)
◉ what are the 5 nonprofit orgs COSO is comprised of?. Answer: 1.
AAA - American Accounting Association
2. AICPA - American Institute of CPAs
3. FEI - Federal Executives International
4. IIA - Institute of Internal Auditors
5. IMA - Institute of Management Accountants
◉ what is COSO?. Answer: Framework of internal controls for
evaluating, reporting, and improving internal control: Widely
accepted
◉ COBIT. Answer: Control Objectives for Information and Related
Technology
◉ what are the 2 COSO frameworks?. Answer: 1. COSO Internal
Control Framework
2. COSO Enterprise Risk Management Framework
◉ COSO ERM Framework. Answer: - expanded the original COSO
internal control framework
- focuses on the strategic alignment of the firm's mission with its risk
appetite
- for developing risk-based internal control systems
◉ Effective internal controls should consist of three objectives.
Answer: effectiveness and efficiency of operations
reliability of reporting
adherence to applicable laws
◉ COSO 2013 Framework. Answer: - defines internal control as a
process