QUESTIONS AND ANSWERS 2025
The Committee of Sponsoring Organizations of the Treadway Commission's (COSO)
Enterprise Risk Management—Integrating with Strategy and Performance is composed
of a set of principles organized into five interrelated components. Which of the following
is NOT one of the principles pertaining to the review and revision component?
A. The organization identifies risk that impacts its performance and ability to meet objectives.
B. The organization reviews its risk and performance.
C. The organization pursues improvement in enterprise risk management.
D. The organization assesses substantial changes that might affect its strategy and objectives. - CORRECT ANSWER -D. The organization assesses substantial changes that might affect its strategy and objectives.
Which of the following should the internal audit function include in its communications
with senior management and the board of directors about fraud?
A. Whether management possesses the necessary skills, resources, and inclination to provide effective fraud risk management
B. Management's level of cooperation with the assessment of the organization's fraud risk governance and management
C. Any significant residual fraud risks
D. All of the above - CORRECT ANSWER -D. All of the above
In defining the objectives of the fraud risk management program, management should
express risk appetite in a manner that is appropriate for the organization's culture and
operations.
A. True B. False - CORRECT ANSWER -true
Having an auditor ask employees questions such as, "Has anyone ever asked you to do
anything that you felt was illegal or unethical?" can be an effective method of
uncovering fraud within an organization.
A. True B. False - CORRECT ANSWER -true
Government auditors' requirements for reporting fraud may be subject to specific
provisions of the audit mandate and can vary depending on the jurisdiction.
A. True B. False - CORRECT ANSWER -true
Which of the following is NOT one of the eight principles for risk management provided
by International Organization for Standardization (ISO) 31000:2018?
A. The risk management program is dynamic and responsive to change.
B. The risk management program is customized and proportionate to the organization's operations and objectives.
C. The risk management program takes human and cultural factors into account.
D. The risk management program is based on effective leadership and commitment. - CORRECT ANSWER -A. The risk management program is dynamic and responsive to change.
According to International Standard on Auditing (ISA) 240, The Auditor's
Responsibilities Relating to Fraud in an Audit of Financial Statements, the auditor's
assessment of the risk of material misstatement due to fraud at the financial statement
level should influence which of the following aspect(s) of an audit?
A. Choice of auditing procedures
B. Consideration of accounting policies used
C. Assignment and supervision of personnel
D. All of the above - CORRECT ANSWER -D. All of the above
Detective anti-fraud controls include all the following EXCEPT:
A. Hiring policies and procedures
B. Physical inspections
C. A hotline
D. Proactive data analysis techniques - CORRECT ANSWER -B. Physical inspections
During an external audit of an organization's financial statements, an auditor identifies a
significant deficiency in the organization's internal controls related to financial reporting.
Which of the following is the auditor required to do regarding this issue?
A. Report the findings to the appropriate government authorities.
B. Document the findings and withdraw from the engagement.
C. Communicate the findings in writing to those charged with governance.
D. Implement procedures to correct the internal control deficiency. - CORRECT ANSWER -C. Communicate the findings in writing to those charged with governance.
Which of the following elements is required for a corporate compliance program to be
effective?
A. Appropriate incentives for compliance with the program
B. Due diligence in the hiring process
C. Consistent punishment for employees who violate the program
D. All of the above - CORRECT ANSWER -D. All of the above
For a corporate compliance program to be effective, the company must proactively
monitor, audit, and evaluate the program's components.
A. True B. False - CORRECT ANSWER -true
A positive reinforcement presents a positive stimulus in exchange for the desired
response.
A. True B. False - CORRECT ANSWER -true
Professional organizations, such as the ACFE, have codes of ethics because:
A. They provide more direct solutions to professional ethical dilemmas than might exist under general ethical principles
B. They facilitate practical enforcement and internal discipline throughout a profession
C. They serve as a reference and benchmark for ethical guidance
D. All of the above - CORRECT ANSWER -D. All of the above
The board of directors holds the primary responsibility for designing, implementing,
monitoring, and improving the fraud risk management program, as well as punishing
perpetrators of fraud appropriately.
A. True B. False - CORRECT ANSWER -false
As part of its vendor due diligence procedures, an organization should avoid revealing
that it is seeking information about potential vendors prior to starting a relationship with
them.
A. True B. False - CORRECT ANSWER -true
During an external audit of XYZ Corporation, the audit team determines the quantitative
materiality threshold (i.e., the amount by which financial statements must be misstated
to be considered materially misstated) to be $1 million. If the auditors discover evidence
that management has intentionally overstated sales by $900,000, they should deem the
misstatement immaterial for purposes of the audit and disregard it.
A. True B. False - CORRECT ANSWER -false
________ in the context of corporate governance generally refers to the clarity,
accuracy, completeness, and timeliness of the financial statements and other
information provided by management to shareholders.
A. Transparency
B. Responsibility
C. Accountability
D. Fairness - CORRECT ANSWER -A. Transparency
According to ACFE research, only a small percentage of occupational fraud
perpetrators receive some form of internal punishment from their employer for their
scheme.
A. True B. False - CORRECT ANSWER -true
According to Occupational Fraud 2022: A Report to the Nations, more frauds are
uncovered by external audit than by any other form of detection.
A. True
B. False - CORRECT ANSWER -false