Why are computer fraud cases difficult for a fraud examiner to investigate?
They require the use of one or more specialists to assist the fraud examiner.
They require an understanding of the technology used to commit the crime.
They lack a traditional paper audit trail.
All of the above are reasons why computer fraud cases are difficult to investigate.
If an organization offers wireless or remote access, its server software should terminate any connection:
after a certain number of unsuccessful attempts to enter an invalid password.
from a foreign country.
Which of the following is not one of the four phases of the procurement process?
The presolicitation phase
The solicitation phase
The project review phase
The performance phase
A caterer has been contracted by Austin Corp. to provide the food for a large banquet. The catering contract explicitly states that the caterer will serve a fish entrée and a chicken entrée, and the fish entrée will consist of red snapper. The caterer decides to use tilapia instead, which costs about a third as much as red snapper, but is also a white fish and looks quite similar. He figures that no one at the banquet will be able to tell the difference. Austin Corp. is charged the price of the red snapper. What type of scheme has the caterer perpetrated?
Max Reynolds is trying to obtain customer payment data from Stella Corporation. He wanders around Stella’s offices pretending to be a confused intern, looking for someone who can help him get on his computer. An unsuspecting employee gives him her login information, not realizing the amount of data she has just given him access to. He downloads several spreadsheets of customer payment data and takes off. What type of scheme has Max committed against Stella Corporation?
Which of the following statements is true with regard to external fraud threats?
A member of an organization’s board of directors committing fraud against that organization is an example of external fraud.
Only companies that contract with vendors are at a risk of external fraud.
Companies that house large amounts of customer payment data are especially vulnerable to external fraud threats.
Unrelated third parties pose the greatest threat to an organization.
________________ is the use of technology to gain unauthorized access to sensitive information on a computer system.
What is a paperhanger?
A person who counterfeits money
A person who is an expert in credit card fraud
A person who is an expert in check fraud
A person who specializes in e-commerce check scams
Which of the following statements is true with regard to credit cards?
The hologram is the easiest part of a credit card to duplicate.
Counterfeit credit cards are known as “black plastic” cards.
The chances of being caught using an unauthorized card are small.
Which of the following is commonly used to perpetrate data manipulation and destruction schemes?
All of the following are examples of malware except:
Which of the following is a key finding from the 2010/2011 Computer Crime and Security Survey?
Respondents believed that the activities of outsiders accounted for much of their losses from cybercrime.
All companies surveyed had a technical expert on staff.
Data manipulation is one of the most commonly seen attacks.
Almost 80% of the survey respondents experienced at least one security incident.
Password cracking, social engineering, and phishing are all:
none of the above.
data manipulation tactics.
corporate espionage tactics.
methods used to gain unauthorized access.
Which of the following is not one of the three sources of external fraud discussed?
Unrelated third parties
The objective of a fraud risk assessment is to help management recognize factors that make an organization most vulnerable to fraud so that management can address those factors to reduce the exposure.
What is a recommended preventative measure a company should take to protect its physical property?
Keep sensitive documents out of sight and in employees’ drawers.
Ensure the cleaning staff only works after business hours.
Send and receive all mail from company premises.
Ensure outdoor waste receptacles are locked and guarded.
Effective internal controls can eliminate the need for a fraud risk assessment.
26.Fraudulent financial reporting risks include which of the following?
Payment of bribes or gratuities
Misappropriation of intangible assets
Aiding and abetting of fraud by outside parties
Inappropriately reflected balance sheet amounts
Which of the following factors should be considered in assessing the likelihood of occurrence of each fraud risk?
Criminal, civil, and regulatory liabilities
Financial statement and monetary significance
Internal control environment of the organization
Financial condition of the organization
According to the textbook, which of the following is not one of a corporate spy’s favorite departments to target?
Research and development
Which of the following factors should be considered when selecting a sponsor for the fraud risk assessment?
Ability to elicit cooperation
All of the above
In general, management should avoid sharing the fraud risk assessment process and results with employees.
Management is not likely to have sufficient knowledge of controls to override them.
Factors that influence the level of fraud risk faced by an organization include which of the following?
The ethics and values of the organization and the people in it
The effectiveness of the organization’s internal control
The nature of the business
All of the above
Assessing an area as having a high fraud risk means that fraud is occurring there.
_________ controls are designed to stop an undesirable event from occurring, whereas _________ controls are designed to identify an undesirable event that has already occurred.
Which of the following does corporate espionage include?
Acquisition of information through clandestine means
Legitimate intelligence collection
Intelligence analysis using legal means
All of the above
Which of the following is not a potential corruption risk?
Aiding and abetting of fraud by customers or vendors
Receipt of kickbacks, bribes, or gratuities
Inadequate disclosures pertaining to related-party transactions
Payment of bribes to public officials, companies, or private individuals
Which of the following factors enhances a fraud risk assessment?
Independence and objectivity of those leading and conducting the work
Collaboration between management and auditors
Inclusion of people’s perceptions at all levels of the organization
All of the above
Which of the following techniques can be used to evaluate the effectiveness and efficiency of internal controls?
Interviews with management and employees
Consideration of the risk of management’s override of controls
Review of the accounting policies and procedures in place
All of the above
When assessing the potential incentives, pressures, and opportunities to commit fraud, the fraud risk assessment team should evaluate which of the following?
Incentive programs and how they may affect employees’ behavior when conducting business or applying professional judgment
Highly complex business transactions and how they might be used to conceal fraudulent acts
Opportunities for collusion
All of the above
To maximize the effectiveness of the fraud risk assessment process, the fraud risk assessment team should include both facts and opinions in its report.
Which of the following information-gathering techniques enables the fraud risk assessor to observe the interactions of employees as they discuss a question or issue?
Anonymous feedback mechanisms
Which of the following actions might management take in order to transfer a residual fraud risk?
Eliminate the related asset.
Exit the related activity.
Purchase fidelity insurance.
Which of the following is not a true statement regarding the fraud risk assessment process?
It should be influenced by the culture of an organization.
To be most effective, it should be an ongoing, continuous process.
It is aimed at proactively identifying an organization’s vulnerabilities to fraud.
It is more of a science than an art.
Both management and auditors have a responsibility for fraud risk management.
The vulnerability of an organization to those capable of overcoming the three elements of the fraud triangle is known as which of the following?
Fraud risk assessment
Which of the following is not true regarding fraud risk?
It encompasses reputation risk.
It can be analyzed qualitatively.
It results exclusively from sources internal to the organization.
It can be analyzed quantitatively.
Internal control is a process aimed at proactively identifying and addressing an organization’s vulnerabilities to internal and external fraud.
In assessing the significance to the organization of identified fraud risks, the fraud risk assessment team should first consider them on an inherent basis.
- This solution has not purchased yet.
- Submitted On 20 Jun, 2017 10:04:48