preventive controls ✔Correct Answer-Controls that deter problems before they arise. Ex:
qualified personnel, segregation of duties, control access
detective controls ✔Correct Answer-Controls designed to discover control problems that were
not prevented. Ex: duplicate checking of calculations, monthly balances
corrective controls ✔Correct Answer-Controls designed to make sure an organization's
information system and control environment is stable and well managed. Ex: security,
maintenance
belief system ✔Correct Answer-System that describes how a company creates value, helps
employees understand management's vision, communicates company core values, and inspires
employees to live by those values
boundary system ✔Correct Answer-System that helps employees act ethically by setting
boundaries on complete behavior
diagnostic control system ✔Correct Answer-System that measures, monitors, and compares
actual company progress to budgets and performance goals
interactive control system ✔Correct Answer-System that helps managers to focus
subordinates' attention on key strategic issues and to be more involved in their decisions
Foreign Corrupt Practices Act (FCPA) ✔Correct Answer-Legislation passed to prevent
companies from bribing foreign officials to obtain business; also requires all publicly owned
corporations to maintain a system of internal accounting controls
Sarbanes-Oxley Act (SOX) ✔Correct Answer-Legislation intended to prevent financial
statement fraud, make financial reports more transparent, provide protection to investors,
strengthen internal controls at public companies, and punish executives who perpetrate fraud
COBIT5 Principles (5) ✔Correct Answer-1. Meeting stakeholder needs
2. Covering the enterprise end-to-end
3. Applying a single, integrated framework
4. Enabling a holistic approach
5. Separating governance from management
Internal Control-Integrated Framework (IC) ✔Correct Answer-A COSO framework that defines
internal controls and provides guidance for evaluating and enhancing internal control systems
Enterprise Risk Management - Integrated Framework (ERM) ✔Correct Answer-A COSO
framework that improves the risk management process by expanding (adds three additional
elements) COSO's Internal Control - Integrated
internal environment ✔Correct Answer-1. Management's philosophy, operating style, and risk
appetite
2. Commitment to integrity, ethical values, and competence
3. Internal control oversight by Board of Directors
4. Organizing structure
5. Methods of assigning authority and responsibility
6. Human resource standards
Risk Assessment ✔Correct Answer-Inherent- risk that exists before plans are made to control
it
Residual- risk that is left over after you control it
Cost Benefit Analysis ✔Correct Answer-Expected Loss = Impact x Likelihood
Impact- estimate potential loss if event occurs
Likelihood- probability that the event will occur
Risk Response ✔Correct Answer-Reduce- Implement effective internal control
Accept- Do nothing, accept likelihood and impact of risk
Share- Buy insurance, outsource, or hedge
Avoid- Do not engage in the activity
Control Activities ✔Correct Answer-1. Proper authorization of transactions and activities
2. Segregation of duties
3. Project development and acquisition controls
4. Change management controls
5. Design and use of documents and records
6. Safeguarding assets, records, and data
7. Independent checks on performance
Trust Services Framework ✔Correct Answer--Security: access to the system and data is
controlled and restricted to legitimate users
-Confidentiality: sensitive organizational data is protected
-Privacy: personal information about trading partners, investors, and employees is protected
-Processing Integrity: data are processed accurately, completely, in a timely manner, and only
with proper authorization
-Availability: system and information are available
Security Life Cycle ✔Correct Answer-1. assess threats and select risk response
2. develop and communicate policy