Assignment

Question 1
Why are computer fraud cases difficult for a fraud examiner to investigate?
They require the use of one or more specialists to assist the fraud examiner.
They require an understanding of the technology used to commit the crime.
They lack a traditional paper audit trail.
All of the above are reasons why computer fraud cases are difficult to investigate.

Question 2
If an organization offers wireless or remote access, its server software should terminate any connection:
after a certain number of unsuccessful attempts to enter an invalid password.
from a foreign country.
cash larceny.
skimming.

Question 3
Which of the following is not one of the four phases of the procurement process?
The presolicitation phase
The solicitation phase
The project review phase
The performance phase

Question 4
A caterer has been contracted by Austin Corp. to provide the food for a large banquet. The catering contract explicitly states that the caterer will serve a fish entrée and a chicken entrée, and the fish entrée will consist of red snapper. The caterer decides to use tilapia instead, which costs about a third as much as red snapper, but is also a white fish and looks quite similar. He figures that no one at the banquet will be able to tell the difference. Austin Corp. is charged the price of the red snapper. What type of scheme has the caterer perpetrated?
Material deception
Contract falsification
Product substitution
Cost mischarging

Question 5
Max Reynolds is trying to obtain customer payment data from Stella Corporation. He wanders around Stella's offices pretending to be a confused intern, looking for someone who can help him get on his computer. An unsuspecting employee gives him her login information, not realizing the amount of data she has just given him access to. He downloads several spreadsheets of customer payment data and takes off. What type of scheme has Max committed against Stella Corporation?
Social engineering
Password cracking
Employee hijacking
Phishing

Question 6
Which of the following statements is true with regard to external fraud threats?
A member of an organization's board of directors committing fraud against that organization is an example of external fraud.
Only companies that contract with vendors are at a risk of external fraud.
Companies that house large amounts of customer payment data are especially vulnerable to external fraud threats.
Unrelated third parties pose the greatest threat to an organization.

Question 7
________________ is the use of technology to gain unauthorized access to sensitive information on a computer system.
Computer hacking
Computer crime
Social engineering
Data manipulation

Question 8
What is a paperhanger?
A person who counterfeits money
A person who is an expert in credit card fraud
A person who is an expert in check fraud
A person who specializes in e-commerce check scams

Question 9
Which of the following statements is true with regard to credit cards?
The hologram is the easiest part of a credit card to duplicate.
Less than half of the U.S. population has a credit card.
Counterfeit credit cards are known as "black plastic" cards.
The chances of being caught using an unauthorized card are small.

Question 10
Which of the following is commonly used to perpetrate data manipulation and destruction schemes?
Malware
Data dumps
Network infiltration
Wire tapping

Question 11
All of the following are examples of malware except:
virus.
Trojan horse.
botnet.
blackware.

Question 12
Which of the following is a key finding from the 2010/2011 Computer Crime and Security Survey?
Respondents believed that the activities of outsiders accounted for much of their losses from cybercrime.
All companies surveyed had a technical expert on staff.
Data manipulation is one of the most commonly seen attacks.
Almost 80% of the survey respondents experienced at least one security incident.

Question 13
Password cracking, social engineering, and phishing are all:
none of the above.
data manipulation tactics.
corporate espionage tactics.
methods used to gain unauthorized access.

Question 14
Which of the following is not one of the three sources of external fraud discussed?
Vendors
Customers
Unrelated third parties
Auditors
Subsection

Question 15
The objective of a fraud risk assessment is to help management recognize factors that make an organization most vulnerable to fraud so that management can address those factors to reduce the exposure.
True
False

Question 16
What is a recommended preventative measure a company should take to protect its physical property?
Keep sensitive documents out of sight and in employees' drawers.
Ensure the cleaning staff only works after business hours.
Send and receive all mail from company premises.
Ensure outdoor waste receptacles are locked and guarded.

Question 17
Effective internal controls can eliminate the need for a fraud risk assessment.
True
False

Question 18
Fraudulent financial reporting risks include which of the following?
Payment of bribes or gratuities
Misappropriation of intangible assets
Aiding and abetting of fraud by outside parties
Inappropriately reflected balance sheet amounts

Question 19
Which of the following factors should be considered in assessing the likelihood of occurrence of each fraud risk?
Criminal, civil, and regulatory liabilities
Financial statement and monetary significance
Internal control environment of the organization
Financial condition of the organization

Question 20
According to the textbook, which of the following is not one of a corporate spy's favorite departments to target?
Research and development
Human resources
Legal
Marketing

Question 21
Which of the following factors should be considered when selecting a sponsor for the fraud risk assessment?
Independence
Seniority
Ability to elicit cooperation
All of the above

Question 22
In general, management should avoid sharing the fraud risk assessment process and results with employees.
True
False

Question 23
Management is not likely to have sufficient knowledge of controls to override them.
True
False

Question 24
Factors that influence the level of fraud risk faced by an organization include which of the following?
The ethics and values of the organization and the people in it
The effectiveness of the organization's internal control
The nature of the business
All of the above

Question 25
Assessing an area as having a high fraud risk means that fraud is occurring there.
True
False

Question 26
_________ controls are designed to stop an undesirable event from occurring, whereas _________ controls are designed to identify an undesirable event that has already occurred.
Internal; external
Operating; review
Preventive; detective
Risk; discovery

Question 27
Which of the following does corporate espionage include?
Acquisition of information through clandestine means
Legitimate intelligence collection
Intelligence analysis using legal means
All of the above

Question 28
Which of the following is not a potential corruption risk?
Aiding and abetting of fraud by customers or vendors
Receipt of kickbacks, bribes, or gratuities
Inadequate disclosures pertaining to related-party transactions
Payment of bribes to public officials, companies, or private individuals

Question 29
Which of the following factors enhances a fraud risk assessment?
Independence and objectivity of those leading and conducting the work
Collaboration between management and auditors
Inclusion of people's perceptions at all levels of the organization
All of the above

Question 30
Which of the following techniques can be used to evaluate the effectiveness and efficiency of internal controls?
Interviews with management and employees
Consideration of the risk of management's override of controls
Review of the accounting policies and procedures in place
All of the above

Question 31
When assessing the potential incentives, pressures, and opportunities to commit fraud, the fraud risk assessment team should evaluate which of the following?
Incentive programs and how they may affect employees' behavior when conducting business or applying professional judgment
Highly complex business transactions and how they might be used to conceal fraudulent acts
Opportunities for collusion
All of the above

Question 32
To maximize the effectiveness of the fraud risk assessment process, the fraud risk assessment team should include both facts and opinions in its report.
True
False

Question 33
Which of the following information-gathering techniques enables the fraud risk assessor to observe the interactions of employees as they discuss a question or issue?
Anonymous feedback mechanisms
Focus groups
Interviews
Surveys

Question 34
Which of the following actions might management take in order to transfer a residual fraud risk?
Eliminate the related asset.
Implement countermeasures.
Exit the related activity.
Purchase fidelity insurance.

Question 35
Which of the following is not a true statement regarding the fraud risk assessment process?
It should be influenced by the culture of an organization.
To be most effective, it should be an ongoing, continuous process.
It is aimed at proactively identifying an organization's vulnerabilities to fraud.
It is more of a science than an art.

Question 36
Both management and auditors have a responsibility for fraud risk management.
True
False

Question 37
The vulnerability of an organization to those capable of overcoming the three elements of the fraud triangle is known as which of the following?
Inherent risk
Fraud risk
Control risk
Fraud risk assessment

Question 38
Which of the following is not true regarding fraud risk?
It encompasses reputation risk.
It can be analyzed qualitatively.
It results exclusively from sources internal to the organization.
It can be analyzed quantitatively.

Question 39
Internal control is a process aimed at proactively identifying and addressing an organization's vulnerabilities to internal and external fraud.
True
False

Question 40
In assessing the significance to the organization of identified fraud risks, the fraud risk assessment team should first consider them on an inherent basis.
True
False.