OCTOBER 2013 QUIZ

Correct Q.1) As discussed in Starting Off on the Right Foot, which area should risk assessments conducted for fraud investigations include: A. Monetary risk. B. Regulatory risk. C. Reputational risk. D. All of the above. (Your Answer) Correct Q.2) According to "Assurance that Matters" by Norman Marks, what percentage of CAEs and audit committee members see their primary job as providing assurance in a compliance environment? (This answer will be found in the print or digital edition of the magazine, not the online version.) A. 53 percent. B. 54 percent. C. 39 percent. D. 36 percent. (Your Answer) Correct Q.3) In Unraveling the Regulatory Knot, audit committee member Fred Telling says internal auditors need a 20/80 balance in focus on compliance, with 80 percent focused on the history, background, and culture that spawned the underlying law and its implementing regulations. A. True B. False (Your Answer) Correct Q.4) According to "Unraveling the Regulatory Knot," the European Union's Solvency II Directive requires companies operating in the E.U. to

___________ in order to reduce the risk of insolvency. A. Have sufficient insurance. B. Have adequate capital holdings. (Your Answer) C. Comply with all relevant regulations. D. Follow international risk management standards. Correct Q.5) According to The Wisdom of the Crowd, crowdsourcing is widespread in internal audit. A. True B. False (Your Answer) Incorrect Q.6) According to "Aligning the Business," by Jonathan Ngah, procedures are a guide to achieve organizational objectives, and should align with overall stragety. A. True (Your Answer) B. False Correct Q.7) According to "Aligning the Business," by Jonathan Ngah, red flags related to fraud, financial reporting misstatements, and various compliance errors often appear in organizations lacking clearly defined policies and procedures. A. True (Your Answer) B. False Correct Q.8) According to Unraveling the Regulatory Knot, by Russell Jackson, The IIAs International Standards for the Professional Practice of Internal Auditing (Standards) require internal auditors to evaluate risk exposures related to compliance with laws, regulations, policies,

procedures, and contracts. A. True (Your Answer) B. False Correct Q.9) According to Tools for IT Governance Assurance, by Ian Sanderson, how does ISACAs Information Systems Audit and Assurance Standards treat the topic of materiality? A. As principles-based. As principles-based. B. As risk-based. C. As control-based. (Your Answer) D. As process-based. Correct Q.10) In The Wisdom of the Crowd, what does author Craig Guillot cite as one of the biggest risks associated with crowdsourcing? A. Confidentiality breaches. (Your Answer) B. Reputational harm. C. Fraud. D. Misinformation. Correct Q.11) According to the 2012/2013 Global Fraud Report, as cited in Starting Off on the Right Foot, what percentage of fraud is committed by insiders, when the perpetrator is known? A. 73 percent. B. 67 percent. (Your Answer) C. 32 percent. 32 percent. D. 22 percent. Correct Q.12) In Tools for IT Governance Assurance, what is one of the benefits of using COBIT as a

governance framework? A. It is aligned with best practices in the information systems field, such as the IT Infrastructure Library and ISO/IEC 27000 standards series. (Your Answer) B. It is the basis for the IT controls mandated by the revised COSO Internal ControlIntegrated Framework. C. It is required for compliance with The IIAs standard on IT governance (Standard 2110.A2). D. It supersedes IT governance and assurance standards, including the IT Infrastructure Library and ISO/IEC 27000 standards series. Incorrect Q.13) Which of the following is identified in The Wisdom of the Crowd as one of the most popular types of crowdsourcing activities? A. Assessing enterprise risk. B. Fraud investigations. C. Crowdfunding. D. All of the above. (Your Answer) Correct Q.14) In Tools for IT Governance Assurance, which of the following is not a way that the COBIT 5 for Assurance guidance can be useful for internal auditors: A. It allows auditors to gain insight into current best practices on assurance. B. It demonstrates how to use COBIT 5 components and concepts for planning, performing, and reporting on IT audit engagements. C. It views the role of audit from a value-added perspective that looks at whether the organization is delivering the required benefits defined by stakeholders. D. It provides a checklist of risks that auditors

must provide coverage for in their audit plans. (Your Answer) Correct Q.15) In Starting Off on the Right Foot, what does author Travis Waite advise internal auditors to determine first when assessing whether an allegation of wrongdoing has merit? A. The complainants credibility and motives. (Your Answer) B. The channel through which the complaint was made. C. The organizations policy with regard to the alleged malfeasance. D. The complainants level of authority in the organization.