11 principles of ISO 31000 - Answer-• Creates and protects value.
• Is an integral part of all organizational processes.
• Is a part of decision making.
• Explicitly addresses uncertainty.
• Is systematic, structured, and timely.
• Is based on the best available information.
• Is tailored.
• Takes human and cultural factors into account.
  ○ Health-related issues, different countries' cultures
• Is transparent and inclusive.
• Is dynamic, iterative, and responsive to change.
• Facilitates continual improvement of the organization.
2 principles of Monitoring - Answer-1. Selects, develops, and performs ongoing and separate evaluations of the controls
2. Communicates deficiencies in a timely manner
2000 Managing internal auditing activity - Answer-* The CAE must effectively manage the internal audit activity to ensure that it adds value to the organization
3 components of value proposition - Answer-assurance, insight, objectivity
3 layers of monitoring activities - Answer-1. Everyday activities performed by mgmt of a given area
2. Non-independent evaluation of internal controls performed by mgmt on a regular basis to identify and resolve any deficiency
3. Independent assessment by an outside area or function
3 lines of defense for the governing body - Answer-1st line: mgmt controls, internal control measures
2nd line: financial controller, risk mgmt, compliance, health and safety, environmental, quality assurance
3rd line: internal auditor
3 pillars of effective internal audit services - Answer-independence and objectivity, proficiency, due professional care
3 principles of control activities - Answer-1. The organization selects and develops control activities
2. Selects and develops IT control activities
3. Deploys control activities through policies
3 Principles of Information and Communication - Answer-1. Obtains relevant and quality info
2. Internally communicates info
3. Externally communicates info
3 types of standards - Answer-attribute standards, performance standards, implementation standards
4 categories of risk - Answer-strategic, operational, financial reporting, compliance
4 Principles of Risk Assessment - Answer-1. Clear objectives identified
2. Risk identification
3. Potential for fraud is considered
4. Identify and assess changes that can impact the system
4 principles of the code of ethics - Answer-integrity, objectivity, confidentiality, competency
4 types of objectives - Answer-strategic, operational, reporting, compliance objectives
5 main sections of the COSO framework - Answer-control environment, risk assessment, control activities, info and communication, monitoring activities
5 principles of control environment - Answer-1. Commitment to integrity and ethical values
2. Independence of the BOD
3. Structures, authorities, and responsibilities are established by management for objectives
4. Attract, develop, and retain competent employees
5. People/individuals are accountable for their internal control
8 components of ERM - Answer-internal environment, setting objectives, event identification, assessment of risk, risk response, activities, information and communications, monitoring
assurance - Answer-an objective examination of evidence for the purpose of providing an independent assessment on risk management, control, or governance processes for the organization