CFCI Questions and Answers 100% Correct| Latest

CFCI Questions and Answers 100% Correct| Latest What are the three broad categories of detailed fraud auditing responses? 1. The nature of auditing procedures 2. The timing of substantive tests may need to be modified. 3. The extent of the procedures applied should reflect the assessment of the risks of material misstatement due to fraud. Qualitative Standards of CIGIE 1. Planning 2. Executing investigations 3. Reporting 4. Managing investigative findings. Evidence Evidence is categorized as - "real evidence" (any specific physical object such as an invoice); - "demonstrative evidence" (such as the computerized sketch or drawing of a loading dock); or - "testimonial evidence" (such as in the oral form of a witness, or others testifying in court). Sometimes evidence may consist of all three—real, demonstrative, and testimonial Fraud Risk Assessment includes the following steps 1: Create an FRA Team 2: Identify the Organization’s Universe of Potential Risks 3: Analyze the Likelihood of Each Scheme or Scenario Occurring 4: Assess the Materiality of Risk. 5: Assess Risks Within the Context of Existing Anti-Fraud Controls There are three main categories of materiality in a FRA 1. Inconsequential 2. More than inconsequential 3. Material Ultimate goal of a FRA The ultimate objective of any FRA is to guide the institution's auditors in adjusting their audit plans to incorporate specific techniques for detecting fraud, and to assist management in formulating and/or adjusting its anti-fraud controls to reduce the risk of fraud. Approaches to FRAs will differ from organization to organization, but most FRAs focus on identifying fraud risks in six key categories: 1. Fraudulent financial reporting 2. Misappropriation of assets 3. Expenditures and liabilities for an improper purpose 4. Revenue and assets obtained by fraud 5. Costs and expenses avoided by fraud 6. Financial misconduct by senior management FRA step 3: Analyze the Likelihood of Each Scheme or Scenario Occurring International auditing standards specify four risk levels: 1. Remote 2. More than remote 3. Reasonably possible 4. Probable FACTA Red Flags List of Suggested Alerts, Notifications or Warnings from a Consumer Reporting Agency 1. Suspicious Documents 2. Suspicious Personal Identifying Information 3. Unusual Use of, or Suspicious Activity Related to, the Covered Account 4. Notice from Customers, Victims of Identity Theft, Law Enforcement Authorities, or Other Persons Regarding Possible Identity Theft in Connection with Covered Accounts Held by the Financial Institution or Creditors The Institute of Internal Auditors (IIA) has endorsed audit standards that outline the techniques and procedures for conducting an FRA—specifically, those contained in Statement of Auditing Standards 99 (SAS 99 and AU-C 240) FRA is meant to assist auditors and/or fraud examiners in adjusting their audit and investigation plans, and testing to focus on gathering evidence of red flags for fraud schemes and scenarios that the FRA identifies According to AU-C 240 (and implied by the revised 2013 Framework), regardless of who conducts the FRA, responding to its findings requires the auditor to adjust the timing, nature, and extent of testing, in such ways as