- Risk Management & Internal Controls Questions And Answers 2024

3- Risk Management & Internal Controls Questions And Answers 2024 the process that specifically mitigates risks to the company's financial information - correct answer-Internal Controls the mechanisms, like rules, policies, or procedures, that make up the process of internal controls - correct answer-Controls prevent problems from happening - correct answer-Preventive Controls type of preventive control that lessens the risk of error and fraud by ensuring that different employees are responsible for the separate parts of a business activity of authorizing, recording, and having custody - correct answer-Segregation/ Separation of Duties alert management to an issue once it has occurred - correct answer-Detective Controls change undesirable outcomes and occur after a risk has occurred - correct answer-Corrective Controls is when internal control activities don't work because management is not following policy or procedure, like telling a direct report to ignore a specific control - correct answer-Management Override when two employees work together to circumvent controls - correct answer-Collusion measures the residual risk for technology attacks by comparing the relationship of the three control functions - correct answer-Time-Based Model of Controls apply to the entire operation of the full system and its environment such as; all corporate applications, email, web browsers, time keeping software, benefits management systems, etc. - correct answer-IT General Controls a software that captures and records accounting business events - correct answer-Application when a control only applies to a specific application - including all the business processes and accounts that are linked to it - correct answer-Application Controls might sound antiquated, but they play a significant role because they are used when human judgement or physical interaction is required - correct answer-Manual Controls use technology to implement a control activity - correct answer-Automated Controls technology to create detective controls that use rules-based programming to monitor the business' data for red flags of risks - correct answer-Continuous Monitoring Ownership and the responsibility of enforcing mitigating measures to prevent identified risk from occurring - correct answer-Management - business operations Identifying and assessing organizational risks - correct answer-Management - risk management and compliance Aids the first line of defense by ensuring controls are designed to adequately address risk, then monitors to ensure fist line is complying with internal control requirements - correct answer-Management - risk management and compliance An independent function of the company that has a unique reporting relationship in an organization - correct answer-Internal audit shows how far along a company is on its journey to reach the ideal state by comparing the current state to a predetermined set of best practices - correct answer-Maturity Model a. Informal process b. Ad hoc controls c. Localized efforts d. Reactive management e. Reliance on key f. Reliance on key individuals - correct answer-Limited a. Some defined processes b. Some defined controls c. Lack of documentation d. Primarily manual controls e. Inconsistencies f. Reliance on key individuals - correct answer-Informal a. Clearly defined processes b. Clearly defined controls c. Formal documentation d. Mix of manual and automated controls e. No reliance on key individuals - correct answer-Defined optimized a. Enterprise-wide risk management b. Enterprise-wide control environment c. Top-down proactive approach d. Clearly defined processes