Archive for February 2019

Which of the following is not a way to improve fraud detection?

Naim 10:48

Which of the following is not a way to improve fraud detection?



A) Install fraud detection software.
B) Implement a fraud hotline.
C) Employ a computer security officer.
D) Implement computer-based controls over input, processing, storage, and output activities.


Answer: D

Which of the following is not a way to reduce fraud losses?

Naim 10:48

Which of the following is not a way to reduce fraud losses?



A) Conduct periodic external and internal audits.
B) Maintain adequate insurance.
C) Use software to monitor system activity.
D) Store backup copies of program and data files.


Answer: A

Which of the following is not a way to make fraud less likely to occur?

Naim 10:48

Which of the following is not a way to make fraud less likely to occur?



A) Adopt an organizational structure that minimizes the likelihood of fraud.
B) Create an organizational culture that stresses integrity and commitment to ethical values.
C) Create an audit trail so individual transactions can be traced.
D) Effectively supervise employees.


Answer: C

The fraud appears to be misappropriation of assets that is being concealed with a lapping scheme. Controls would include:

Naim 10:48
A teller at a savings and loan drive-through accepted a cash payment from customer #1 for an auto loan. The teller appeared to process the payment, but told the customer the printer was jammed and she can't print a receipt. The customer accepted the excuse and drove away. The teller pocketed the cash and wrote down customer #1's loan number and payment amount for future reconciling. A couple of days before customer #1's monthly statement was printed, the teller recorded a cash payment from customer #2 as if it were made by customer #1. The teller pocketed the difference between the two payments. The teller continued to steal and misapply customer payments for the next two years without detection.

Identify the type of fraud scheme described. Describe five controls you would implement to address the fraud risk, and label each control as preventive or detective.

The fraud appears to be misappropriation of assets that is being concealed with a lapping scheme. Controls would include:



1. rotation of duties (primarily detective)
2. mandatory vacations (primarily detective)
3. surveillance with cameras (primarily detective)
4. staggered statement printing schedules, unknown to tellers (detective)
5. sequentially prenumbered, duplicate receipts (detective)
6. segregation of duties between cash handling and recording (preventive)
7. encourage customers to utilize on-line banking for loan payments and to frequently check balances (detective)

Describe four ways companies can reduce losses from fraud.

Naim 10:47

Describe four ways companies can reduce losses from fraud.



Answer: Maintain adequate insurance. Keep a current backup copy of all program and data files in a secure off-site location. Develop a contingency plan for fraud occurrences and other disasters that might occur. Use special software designed to monitor system activity and help companies recover from frauds and malicious actions.

Describe at least four ways a company can make fraud less likely to occur.

Naim 10:47

Describe at least four ways a company can make fraud less likely to occur.



Answer: A company can decrease fraud by: good hiring and firing practices; good management of unhappy employees; training in fraud awareness; manage and track computer licenses; implement signed confidentiality agreements; maintain visible security; educate the workforce in ethics and the penalties for illegal acts.

What are the actions recommended by the Treadway Commission to reduce the possibility of fraudulent financial reporting?

Naim 10:47

What are the actions recommended by the Treadway Commission to reduce the possibility of fraudulent financial reporting?



Answer: organizational environment that contributes to the integrity of the financial reporting process. Identify and understand the factors that lead to fraudulent financial reporting. Assess the risk of fraudulent financial reporting within the company. Design and implement internal controls to provide reasonable assurance that the fraudulent financial reporting is prevented.

On Tuesday morning, Chen Lee, Chief Information Officer at American Trading Corporation (ATC), got some bad news. The hard drive use to store system data backups was lost while it was being transported to an offsite storage location. Chen called a meeting of her technical staff to discuss the implications of the loss. Which of the following is most likely to relieve her concerns over the potential cost of the loss?

Naim 10:47

On Tuesday morning, Chen Lee, Chief Information Officer at American Trading Corporation (ATC), got some bad news. The hard drive use to store system data backups was lost while it was being transported to an offsite storage location. Chen called a meeting of her technical staff to discuss the implications of the loss. Which of the following is most likely to relieve her concerns over the potential cost of the loss?



A) ATC has a comprehensive disaster recovery plan.
B) The hard drive was encrypted and password protected.
C) The shipper has insurance that will reimburse ATC for the cost of the hard drive.
D) ATC has a copy of the hard drive onsite, so a new copy for storage offsite can easily be prepared.


Answer: B

Most frauds are detected by

Naim 10:46

Most frauds are detected by



A) external auditors.
B) hotline tip.
C) internal auditors.
D) the police.


Answer: B

Why do fraudulent acts often go unreported and are therefore not prosecuted?

Naim 10:46

Why do fraudulent acts often go unreported and are therefore not prosecuted?



Answer: Most fraud cases go unreported and are not prosecuted for several reasons. Many cases of computer fraud are as yet still undetected. As new technology and methods become available to organizations, prior undetected fraud may be revealed in the future. A second reason is that companies are reluctant to report computer fraud and illegal acts simply because of bad publicity—a highly visible case can undermine consumer confidence in an organization such as a financial institution. Also, the fact that a fraud has occurred may indeed encourage others to attempt to commit further acts against the organization. It would seem that unreported fraud creates a false sense of security, as people think systems are more secure than they are in reality. Another reason for not reporting fraudulent acts is the fact that the court system and law enforcement is busy with violent crimes and criminals in its system. There is little time left to go after a crime where no physical harm is present. Also, the court system tends to treat teen hacking and cracking as "acts of childhood" rather than as serious crimes—this leads to many plea bargains when a computer fraud is brought to trial. Another reason is that a computer fraud case is difficult, costly, and time-consuming to investigate and prosecute. Before 1986 no federal law existed governing computer fraud. Law enforcement officials, lawyers, and judges generally lack the computer skills necessary to properly evaluate, investigate, and prosecute computer crimes. Sadly, when all is said and done a successful prosecution and conviction of computer fraud results in a very light sentence. All of these factors contribute to the under reporting and lack of prosecution of computer fraud crimes. Not everyone agrees on what constitutes computer fraud:
• Many networks have a low level of security
• Many Internet pages give instruction on how to carry out computer crimes
• Law enforcement has difficulty keep up with the growing number of computer frauds
• The total dollar value of losses from computer fraud is difficult to estimate.

Why is computer fraud on the rise?

Naim 10:46

Why is computer fraud on the rise?



Answer: Not everyone agrees on what constitutes computer fraud and some people may commit computer fraud unwittingly and not be aware of it. Many computer frauds go undetected. The belief that "it just can't happen to us." Most networks have a low level of security. Many Internet sites provide guidance on how to commit computer crimes. Law enforcement is unable to keep up with the number of computer frauds. Most frauds are not reported. The total dollar value of losses is difficult to calculate.

Why do many fraud cases go unreported and unprosecuted?

Naim 10:45

Why do many fraud cases go unreported and unprosecuted? 



A) Major fraud is a public relations nightmare.
B) Fraud is difficult, costly, and time-consuming to investigate and prosecute.
C) Law enforcement and the courts are often so busy with violent crimes that little time is left for fraud cases.
D) all of the above


Answer: D

Why is computer fraud often more difficult to detect than other types of fraud?

Naim 10:45

Why is computer fraud often more difficult to detect than other types of fraud? 



A) Rarely is cash stolen in computer fraud.
B) The fraud may leave little or no evidence it ever happened.
C) Computers provide more opportunities for fraud.
D) Computer fraud perpetrators are just more clever than other types of criminals.


Answer: B

Why is computer fraud often much more difficult to detect than other types of fraud?

Naim 10:44

Why is computer fraud often much more difficult to detect than other types of fraud?



A) because massive fraud can be committed in only seconds, leaving little-to-no evidence
B) because most perpetrators invest their illegal income rather than spend it, concealing key evidence
C) because most computer criminals are older and more cunning than perpetrators of other types of fraud
D) because perpetrators usually only steal very small amounts of money at a time, requiring a long period of time to pass before discovery


Answer: A

How does the U.S. Justice Department define computer fraud?

Naim 10:44

How does the U.S. Justice Department define computer fraud?



A) as any crime in which a computer is used
B) as any act in which cash is stolen using a computer
C) as an illegal act in which a computer is an integral part of the crime
D) as an illegal act in which knowledge of computer technology is essential


Answer: D

Which of the following is least likely to result in computer fraud?

Naim 10:44

Which of the following is least likely to result in computer fraud?



A) releasing data to unauthorized users
B) allowing computer users to test software upgrades
C) allowing computer operators full access to the computer room
D) storing backup tapes in a location where they can be quickly accessed


Answer: C

What are some of the distinguishing characteristics of fraud perpetrators?

Naim 10:44

What are some of the distinguishing characteristics of fraud perpetrators?



Answer: Some distinguishing characteristics of fraud perpetrators are: they tend to spend their illegal income to support their lifestyle; once they begin it becomes harder to stop and they become bolder as each incident happens; once they start to rely on the ill-gotten gains, they become more greedy and sometimes careless and overconfident. In the case of computer criminals, they are often young and have substantial computer knowledge. About two-thirds are men and likely to be an employee of the firm from which they steal. Many are unhappy or disgruntled with their employer because they feel unappreciated and underpaid. Most have no previous criminal record.

The most efficient way to conceal asset misappropriation is to

Naim 10:43

The most efficient way to conceal asset misappropriation is to



A) write-off a customer receivable as bad debt.
B) alter monthly bank statements before reconciliation.
C) alter monthly physical inventory counts to reconcile to perpetual inventory records.
D) record phony payments to vendors.


Answer: A

Which situation below makes it easy for someone to commit a fraud?

Naim 10:43

Which situation below makes it easy for someone to commit a fraud? 



A) placing excessive trust in key employees
B) inadequate staffing within the organization
C) unclear company policies
D) All of the above situations make it easy for someone to commit a fraud.


Answer: D

Which of the following is the best way to hide theft of assets?

Naim 10:42

Which of the following is the best way to hide theft of assets? 



A) creating "cash" through the transfer of money between banks
B) conversion of stolen assets into cash
C) stealing cash from customer A and then using customer B's balance to pay customer A's accounts receivable
D) charging the stolen asset to an expense account


Answer: D

Identify the opportunity below that could enable an employee to commit fraud.

Naim 10:41

Identify the opportunity below that could enable an employee to commit fraud.



A) An employee's spouse loses her job.
B) An employee has a close association with suppliers or customers.
C) An employee suddenly acquires lots of credit cards.
D) An employee is upset that he was passed over for a promotion.


Answer: B

Researchers have compared the psychological and demographic characteristics of white-collar criminals, violent criminals, and the general public. They found that

Naim 10:41

Researchers have compared the psychological and demographic characteristics of white-collar criminals, violent criminals, and the general public. They found that 



A) few differences exist between white-collar criminals and the general public.
B) white-collar criminals eventually become violent criminals.
C) most white-collar criminals invest their illegal income rather than spend it.
D) most white-collar criminals are older and not technologically proficient.


Answer: A

Which of the following is not a management characteristic that increases pressure to commit fraudulent financial reporting?

Naim 10:41

Which of the following is not a management characteristic that increases pressure to commit fraudulent financial reporting?



A) close relationship with the current audit engagement partner and manager
B) pay for performance incentives based on short-term performance measures
C) high management and employee turnover
D) highly optimistic earnings projections


Answer: A

Insiders are frequently the ones who commit fraud because

Naim 10:41

Insiders are frequently the ones who commit fraud because 



A) they are more dishonest than outsiders.
B) they need money more than outsiders.
C) they are less likely to get caught than outsiders.
D) they know more about the system and its weaknesses than outsiders.


Answer: D

Which of the following is not an example of the fraud triangle characteristic concerned with rationalization?

Naim 10:40

Which of the following is not an example of the fraud triangle characteristic concerned with rationalization?



A) revenge against the company
B) intent to repay "borrowed" funds in the future
C) sense of entitlement as compensation for receiving a lower than average raise
D) belief that the company won't suffer because an insurance company will reimburse losses


Answer: A

Lapping is best described as the process of

Naim 10:40

Lapping is best described as the process of 



A) applying cash receipts to a different customer's account in an attempt to conceal previous thefts of cash receipts.
B) inflating bank balances by transferring money among different bank accounts.
C) stealing small amounts of cash, many times over a period of time.
D) increasing expenses to conceal that an asset was stolen.


Answer: A

Misappropriation of assets is a fraudulent act that involves

Naim 10:40

Misappropriation of assets is a fraudulent act that involves



A) dishonest conduct by those in power.
B) misrepresenting facts to promote an investment.
C) using computer technology to perpetrate.
D) theft of company property.


Answer: D

Explain the impact of SAS No. 99 on auditors' responsibilities.

Naim 10:40

Explain the impact of SAS No. 99 on auditors' responsibilities.



Answer:

SAS No. 99, effective December 2002, requires that auditors explicitly consider fraud risks when planning and performing an audit. Auditors must understand types and characteristics of fraud. Audit teams must review clients' financial statements for areas susceptible to fraud and communicate with each other during planning of the audit. Auditors must ask management and audit committee members about any past or current instances of fraud. Since many frauds involve revenue recognition, auditors must exercise special care and testing in examining revenue accounts. Audit procedures and testing must be tailored in response to fraud risk assessment. Auditors must evaluate the risk of management override of controls and any other indications of fraud occurrences. All audit procedures, testing and findings must be documented and communicated to management and the audit committee. Auditors must evaluate and recognize the impact of technology on fraud risks, as well as opportunities technology may provide to design fraud-auditing procedures.

Describe Two kinds of fraud.

Naim 10:39

Describe Two kinds of fraud.



Answer:

1. Misappropriation of assets, or theft, by a person or group for personal financial gain is usually committed by employees.
2. Fraudulent financial reporting is intentional or reckless conduct that results in materially misleading financial statements.

Which of the following is not an example of one of the basic types of fraud?

Naim 10:39

Which of the following is not an example of one of the basic types of fraud?



A) While straightening the store at the end of the day, a shoe store employee finds and keeps an expensive pair of sunglasses left by a customer.
B) An executive devised and implemented a plan to accelerate revenue recognition on a long-term contract, which will allow the company to forestall filing for bankruptcy. The executive does not own any stock, stock options or grants, and will not receive a bonus or perk because of the overstated revenue.
C) A purchasing agent places a large order at higher-than-normal unit prices with a vendor that gave the agent tickets to several football games.
D) A salesperson approves a large sales discount on an order from a company owned partially by the salesperson's sister.


Answer: A

SAS No. 99 requires that auditors

Naim 10:39

SAS No. 99 requires that auditors



A) plan audits based on an analysis of fraud risk.
B) detect all material fraud.
C) alert the Securities and Exchange Commission of any fraud detected.
D) take all of the above actions.


Answer: A

Perpetrators do not typically

Naim 10:38

Perpetrators do not typically 



A) attempt to return or pay back stolen amounts soon after the initial theft, but find they are unable to make full restitution.
B) use trickery or lies to gain the confidence and trust of others at the organization they defraud.
C) become bolder and more greedy the longer the theft remains undetected.
D) begin to rely on stolen amounts as part of their income.


Answer: A

Seble wants to open a floral shop in a downtown business district. She doesn't have funds enough to purchase inventory and pay six months'' rent up front. Seble approaches a good friend, Zhou, to discuss the possibility of Zhou investing funds and becoming a 25% partner in the business. After a lengthy discussion Zhou agrees to invest. Eight months later, Zhou and Seble have a major argument. In order for Zhou to sue Seble for fraud, all the following must be true except

Naim 10:38

Seble wants to open a floral shop in a downtown business district. She doesn't have funds enough to purchase inventory and pay six months'' rent up front. Seble approaches a good friend, Zhou, to discuss the possibility of Zhou investing funds and becoming a 25% partner in the business. After a lengthy discussion Zhou agrees to invest. Eight months later, Zhou and Seble have a major argument. In order for Zhou to sue Seble for fraud, all the following must be true except



A) Zhou's decision to invest was primarily based on Seble's assertion that she had prior floral retail experience.
B) Seble told Zhou she had worked at a floral shop for several years, when in fact she did not have any prior experience in floral retail.
C) before Zhou invested, Seble prepared a detailed business plan and sales forecasts, and provided Zhou with copies.
D) Zhou's 25% share of the business is worth substantially less than her initial investment.


Answer: C

Logic errors are an example of which type of threat?

Naim 10:38

Logic errors are an example of which type of threat?



A) natural and political disasters
B) software errors and equipment malfunctions
C) unintentional acts
D) system inefficiency


Answer: C

Excessive heat is an example of a(n) ________ threat.

Naim 10:36

Excessive heat is an example of a(n) ________ threat.



A) natural and political disasters
B) software errors and equipment malfunctions
C) unintentional acts
D) system inefficiency


Answer: A

A power outage is an example of a(n) ________ threat.

Naim 10:36

A power outage is an example of a(n) ________ threat.



A) natural and political disasters
B) software errors and equipment malfunctions
C) unintentional acts
D) system inefficiency


Answer: B

Perhaps the most striking fact about natural disasters in relation to AIS controls is that

Naim 10:34

Perhaps the most striking fact about natural disasters in relation to AIS controls is that 



A) many companies in one location can be seriously affected at one time by a disaster.
B) losses are absolutely unpreventable.
C) there are a large number of major disasters every year.
D) disaster planning has largely been ignored in the literature.


Answer: A
Subscribe to: Posts (Atom)