Risk and Procedures for Control Paper 4

Answer (A) is correct. Strong internal control policies are essential for establishing the “tone at the top.” Segregation of duties is one of the most fundamental forms of internal control. Requiring vacations makes it difficult for employees to carry on undiscovered fraud in the absence of collusion

Answer (A) is correct. Risk Assessment in the COSO model is the identification and analysis of relevant risks to achievement of the objectives. It forms a basis for determining how the risks should be managed.

Answer (A) is correct. In the COSO framework, the personnel policies and procedures influence the control consciousness of personnel, so they are an integral part of an efficient control environment.

Answer (C) is correct. COSO broadly defines internal control as a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations

Answer (D) is correct. The risk that there will be a material misstatement, assuming no related internal control strategy, is the best example of inherent risk. Inherent risk is the susceptibility of one of the company’s objectives to obstacles arising from the nature of the objective. Inherent risk does not take internal controls into consideration.

Answer (C) is correct. This would indicate management’s commitment to strong internal controls. By allocating funds annually to update and improve the entity’s information systems, management emphasizes the importance of sound and up-to-date controls over the company’s information and business operating system.

Answer (D) is correct. Proper segregation of duties and responsibilities reduces the opportunity for an individual to both perpetrate and conceal an error or fraud in the normal course of his or her duties. Hence, different people should be assigned the responsibilities for authorizing transactions, record keeping and asset custody.

Answer (D) is correct. One person should not be responsible for all phases of a transaction, i.e., for authorization, recording, and custodianship of the related assets. These duties should be performed by separate individuals to reduce the opportunities for any person to be in a position of both perpetrating and concealing errors or fraud in the normal course of his or her duties. For instance, an employee who receives and lists cash receipts should not be responsible for comparing the recorded accountability for cash with existing amounts.

Answer (B) is correct. Assets should be compared with the recorded accountability as frequently as the nature and amount of the assets require, within the limits of acceptable costs of comparison. The costs of safeguarding assets should not exceed the expected benefits.

Answer (D) is correct. The question concerning the daily deposit of intact cash receipts is related to the cash receipts cycle, not the purchases-payables-cash disbursements cycle.