Questions and Answers
What are some examples of macro-level red flags? Correct Answer:
- Stiff competition, unfair
trade practices, or economic downturns that create pressure to perform or lead to layoffs that
place economic pressures on individuals. These conditions may generate the motive to commit
fraud.
- Recently deregulated or poorly regulated industries in which absence or laxity of controls
creates opportunity for fraud, for example, the ease of accessing cash in the business or the
complexity and opacity of transactions.
- An industry or cultural trend toward dishonesty and disregard of law and regulation (e.g., a
history of corrupt practices by certain types of government contractors, a pattern of bribe taking
by government officials). Perpetrators may point to a history or climate of acceptance as
rationalization for fraud.
What are some examples of red flags on the micro or organizational level? Correct Answer:
- Financial motive from the loss of a lucrative contract, the pressure to improve financial
performance to obtain a loan or before issuing stock, or a research and development failure that
threatens the organization's product pipeline.
- Reorganizations that disrupt control policies and create fraud opportunity. Failure to screen may
lead to hiring with the motive to commit fraud (e.g., hiring supervisors who fail to implement,
enforce, and monitor control policies).
- Failure to train all personnel in the organization's ethical code. This can contribute to a culture
that easily rationalizes small and large acts of fraud, including theft, bid rigging, kickbacks, and
conflicts of interest.
What two types of micro environments in particular offer special opportunities for fraud and
challenges for internal auditing? Correct Answer: International organizations and organizations
that rely heavily on technology.
What four industries alone account for more than 70% of white-collar fraud? Correct
Answer: Financial Services, insurance, manufacturing, and energy.
People committing fraud often display certain behaviors or characteristics that may serve as
warning signs or red flags. Personal red flags include: Correct Answer:
- Living beyond one's means
- Conveying dissatisfaction with the job to fellow employees
- Unusually close association with suppliers
- Severe personal financial losses
- Addiction to drugs, alcohol, or gambling
- Change in personal circumstances
- Developing outside business interests
COSO's Internal Control—Integrated Framework has 5 components. For the control
environment, principle 1... Correct Answer: relates to establishing and communicating a fraud
risk management program demonstrating the expectations of the board and senior management
regarding their integrity and ethics related to managing fraud risk.
COSO's Internal Control—Integrated Framework has 5 components. For risk assessment,
principle 2... Correct Answer: is about performing comprehensive fraud risk assessments to
identify fraud schemes and risks, assess likelihood and impact, and assess existing fraud controls,
addressing gaps and residual risk.
COSO's Internal Control—Integrated Framework has 5 components. For control activities,
principle 3... Correct Answer: is about selecting, developing, and implementing preventive and
detective fraud controls as timely mitigating tools.
COSO's Internal Control—Integrated Framework has 5 components. For information and
communication, principle 4... Correct Answer: principle 4 is about ensuring that there is a
communication process for reporting potential fraud and making sure investigation and
corrective action follow a coordinated, timely approach.
COSO's Internal Control—Integrated Framework has 5 components. For monitoring activities,
principle 5... Correct Answer: is about ongoing evaluation of the fraud risk management
program and communication of deficiencies to senior management and the board.
The Standards require the internal audit activity to assess the fraud risks at the ____ levels.
A) business and departmental
B) enterprise and operational
C) organizational and engagement
D) system and entity
Correct Answer: C) organizational and engagement
Besides the definitions of fraud from the Standards and from "Managing the Business Risk of
Fraud, A Practical Guide" by The IIA, AICPA, and ACFE, what else do internal auditors need to
understand fraud?
A) Formal training in fraud investigations to develop the necessary expertise