When there is a risk of loss resulting from inadequate or failed internal processes, people and systems or from external event, it is called * 1 point Liquidity risk Operational risk Moral hazard Systemic risk As part of an organizations’ risk management process, when considering risk and uncertainty, the risk team must be aware that * 1 point Uncertainty should only be considered when reviewing long-term objectives. Uncertainty should always be considered completely separately from risk. Risk assessment is the sole method of reducing uncertainty. Risk can apply to both opportunities and threats to the organization. Which portion of a risk management plan explains the extent to which the plan will be organized and carried out? * 1 point Scope Assignment Schedule Introduction Statement 1: Although the risk management process is presented as sequential, in practice it is iterative. Statement 2: Monitoring and review in the risk management process is the action taken in response to risk identification, analysis and evaluation * 2 points Only statement 1 is true Only statement 2 is true Both statements are true Both statements are false A process implemented by management to assess the effectiveness of internal control performance over time. * 1 point Quality control system Test of controls Risk assessment procedures Monitoring of controls A large organization is assessing a risk using a typical risk management process and has just established and identified the risks to which it is exposed. What is likely to be the next stage in the process? * 1 point Analyzing risks Eliminating risks. Evaluating risks. Treating risks. Statement 1: ISO 31000 states that risk management is an open ended process designed to be highly customized and tailored to the individual needs and contexts of the organization implementing it. Statement 2: It is stated in ISO 31000 that oversight bodies are responsible for making sure that risks are prioritized in accordance with how they impact the organization’s ability to create and deliver value. * 2 points Only statement 1 is true Only statement 2 is true Both statements are true Both statements are false S1: Internal control is designed and implemented to address all business risks that threaten the achievement of the objectives of internal control. S2: One of the inherent limitations of internal control is the lack of segregation of duties. * 2 points Both statements are true. Both statements are false. Only statement 1 is true. Only statement 2 is true. Lack of internal control could lead to * 1 point loss of assets poor internal control reports loss of customers excessive compensation poor management decisions This study source was downloaded by 100000845738682 from CourseHero.com on 06-20-2022 17:27:45 GMT -05:00 https://www.coursehero.com/file/68164391/QUIZ-2docx/ This component of the risk management framework includes setting objectives and deadlines, defining decision making process and evaluating and making changes to the decision making process when appropriate. * 1 point Design Improvement Integration Implementation Which of the following elements of the internal control structure includes the development of personnel manuals documenting employee promotion and training policies? * 1 point control procedures control risk control environment control policies Within an organization, business risk can typically be categorized as the * 1 point Risk of an organization not being able to meet its financial obligations. Alleged or actual breach of contract between an organization and counterparty. Probability of a loss being inherent in an organization’s operations and environment. Uncertainty relating to the occurrence of an insured event. Who is ultimately responsible for providing guidance and oversight on the risk management and internal control process? * 1 point operating management the board control functions senior management The risk management process involves identifying, assessing and responding to risks. What comes next in the process? * 1 point Setting limits Performing oversight Monitoring Revisiting the charter Which of the following is an example of an inherent limitation in a client’s internal control system? * 1 point The effectiveness of procedures depends on the segregation of employee duties. In the performance of most control procedures, there are possibilities of errors arising from mistakes in judgment. Procedures for handling large numbers of transactions are processed by information technology (IT) equipment. Procedures are designed to assure the execution and recording of transactions in accordance with management’s authorization. This is a set of components that support and sustain risk management throughout an organization * 1 point Risk management process Risk management principles Leadership and commitment Risk management framework An effective internal control structure * 1 point Is unaffected by changing circumstances and conditions encountered by the organization. Reduces the need for management to review exception reports on a day-to-day basis. Cannot be circumvented by management. Eliminates risk and potential loss to the organization. Which of the following best defines risk management? * 1 point The potential for an unwanted outcome resulting from an incident, event, or occurrence, as determined by its likelihood and the associated consequences. A process of identifying the potential for an unwanted outcome, determining what to This study source was downloaded by 100000845738682 from CourseHero.com on 06-20-2022 17:27:45 GMT -05:00 https://www.coursehero.com/file/68164391/QUIZ-2docx/ do about it from among the available alternatives, and then doing it. A physical feature or operational attribute that renders an entity, asset, system, network, or geographic area open to exploitation or susceptible to a given hazard. The management of the consequence of something happening, described in either quantitative terms of probability or frequency. S1: The control environment is the foundation for effective internal control, providing discipline and structure. S2: Risks relevant to reliable financial reporting is unrelated to specific events or transactions. * 2 points Both statements are true. Both statements are false. Only statement 1 is true. Only statement 1 is false. Which is not among the principles contained in the development of the science of internal control? * 1 point preventive controls are the best forms of control supervisory review fraud prevention ensure objectives are met The following are components of internal control: * 1 point Control environment, risk assessment process, control activities, information system and communication, and monitoring of controls. Organizational structure, management philosophy, and planning. Risk assessment process, backup facilities, responsibility accounting and natural laws. Legal environment of the firm, management philosophy, and organizational structure. 1 point There is no universally accepted definition of individual risks. Risk categories are always applied differently across an organization. Audit and compliance functions must always categorize risks differently. Universal risk categorizations must always be used. An emerging issue in the practice of risk management is that, based on a study, there is no alignment with current sustainability reports * 1 point True False This means making sure that risk management is part of all aspects of the organization * 1 point Implementation Integration Leadership and commitment Evaluation One way for a company to manage its risk in relation to its employees' workplace behavior is by * 1 point Allowing employees to view all company records. Providing employees with the flexibility to change company policies. Permitting employees to use company resources for personal use. Encouraging employees to report workplace misconduct. Statement 1: The approach in risk management is one size fits all. Statement 2: In risk management, executive alignment is crucial. * 2 points Only statement 1 is true Only statement 2 is true Both statements are true Both statements are false Why can it be difficult for an organization to categorize risks? * This study source was downloaded by 100000845738682 from CourseHero.com on 06-20-2022 17:27:45 GMT -05:00 https://www.coursehero.com/file/68164391/QUIZ-2docx/ Management’s attitude towards aggressive financial reporting and its emphasis on meeting projected profit goals most likely would significantly influence an entity’s control environment when: * 1 point Management is dominated by one individual who is also a shareholder. Internal auditors have direct access to the board of directors and entity management. The audit committee is active in overseeing the entity’s financial reporting policies. External policies established by parties outside the entity affect its accounting practices. Consider whether lessons could be learned for future management of risks. Ensure that all significant risks are eliminated immediately. Evidence that all risks are measured in financial terms only. An example of risk mitigation is: * 1 point Using proven technology in the development of a product to lessen the probability that the product will not work Purchasing insurance Both choices are correct Neither of the choices is correct Why is it important to understand the risk perceptions of others when planning for communication in the risk management process? * 1 point Unless everyone has the same risk perceptions, effective risk management is impossible. To communicate effectively, you must accurately and appropriately address the risk perceptions of others. Revealing the risk perceptions of others could create a conflict of interest and derail the process. Effective communication must avoid influencing the risk perception of others. Which of the following best describes the role of risk communications in risk management? * 1 point External communications are far more important to the entire risk management process than internal communications. Communications is not a major factor in the DHS Risk Management Cycle in comparison with the other steps. The risk management process relies on effective communication mostly at the beginning of the DHS Risk Management Cycle. Communications underpin the entire risk management process and should be ongoing throughout the life of a risk management action or strategy. One of the primary reasons that an organization should monitor and regularly review its risk management process is to * 1 point Evidence that an internationally-recognized framework is followed at all times. When a bank chooses the wrong strategy or follow a long-term business strategy which might lead to its failure, it is called * 1 point Business risk Market risk Operational risk Credit risk The objective of the recording function of transactions (in the context of internal accounting control) is to * 1 point Assure compliance with the rules of all regulatory bodies having jurisdiction over the reporting entity. Permit preparation of financial statements in accordance with GAAP and to maintain accountability of assets. Encourage operational efficiency and adherence to prescribed managerial policies. Limit access to assets and to permit preparation of financial statements in accordance with GAAP. This study source was downloaded by 100000845738682 from CourseHero.com on 06-20-2022 17:27:45 GMT -05:00 https://www.coursehero.com/file/68164391/QUIZ-2docx/ Understanding the potential causes of risk events will primarily help an organization to * 1 point Improve internal audit procedures. Comply with corporate governance standards. Reduce the frequency of loss Eliminate all risks Risks can arise or change due to circumstances such as the following, except: * 1 point No new employees have been hired by the company. The accounting and financial reporting framework has experienced significant revisions. There is a change in the regulatory or operating environment. The company switched from manual information systems to a computerized system. This study source was downloaded by 100000845738682 from CourseHero.com on 06-20-2022 17:27:45 GMT -05:00 https://www.coursehero.com/file/68164391/QUIZ-2docx/ Powered by TCPDF (www.tcpdf.org)