A.  

A process implemented to review how well the organization’s risk management capabilities have increased value over time and how they will continue to drive value for the organization

B.  

A process, effected by an entity’s board of directors, management, and other personnel,designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance

C.  

A process involving personnel at all levels of the organization that aims to eliminate all uncertainty and risk while also ensuring the achievement of organizational goals

D.  

A process aimed at proactively identifying, evaluating, and addressing an organization ' s vulnerabilities to fraud by both internal and external sources

A.  

Governance and culture

B.  

Review and revision

C.  

Strategy and objective-setting

D.  

Risk tolerance

A.  

Saskia should withdraw from the audit engagement immediately and issue a disclaimer on any prior work performed.

B.  

Saskia should provide a written communication about her findings to the relevant regulatory agencies.

C.  

Saskia should communicate the deficiencies in writing to those charged with governance.

D.  

Saskia should suspend the current audit engagement and begin a new audit focused on the internal control deficiencies.

A.  

True

B.  

False

A.  

A confused organizational structure makes it harder for a fraudster to perpetrate and conceal their misdeeds.

B.  

Effectively documenting and communicating the organizational structure to all employees can help prevent fraud.

C.  

Formally establishing and communicating the proper flow of information in an organization can hinder its fraud prevention initiatives.

D.  

Displaying organizational and departmental hierarchies can help fraudsters select their targets.

A.  

It replaces the need for individuals to consult their own conscience.

B.  

It facilitates practical enforcement and profession-wide Internal discipline.

C.  

It serves as a reference and benchmark for ethical guidance

D.  

It provides more direct solutions to professional ethical dilemmas than might exist under general ethical principles

A.  

" The evidence does not support Dean ' s confession. "

B.  

" Dean is guilty of embezzlement. "

C.  

" Dean ' s confession is supported by the evidence. "

D.  

" Dean confessed to embezzlement. "

A.  

True

B.  

False

A.  

True

B.  

False

A.  

They state that a corporate governance framework should promote transparent and fair markets and the efficient allocation of resources.

B.  

They assert that a corporate governance framework should ensure that the treatment of shareholders differs based on the class of stock they own.

C.  

They are intended to be applicable in emerging markets but not in developed economies.

D.  

They are required to be implemented by all corporations in the jurisdictions that have officially adopted them.

A.  

ISA 240 requires auditors to effectively educate the staff about the risk of fraud within the audited organization.

B.  

ISA 240 establishes auditors as being primarily responsible for implementing anti-fraud internal controls within an organization.

C.  

ISA 240 provides guidance regarding the auditor ' s responsibility to consider fraud in an audit of financial statements.

D.  

ISA 240 creates requirements for the board of directors regarding the establishment of a holistic fraud risk management program.

A.  

Fully eliminates the risk of fraud

B.  

Focuses more on detective controls than preventive controls

C.  

Focuses more on preventive controls than detective controls

D.  

Increases the perception that fraud will be detected

A.  

Formal sanctions for intentional noncompliance should be kept private and only shared if a party absolutely needs to know.

B.  

All employees at the organization should be responsible for monitoring compliance with the program.

C.  

Punishment for intentional noncompliance should be individualized based on the offender ' s personal circumstances.

D.  

Systems to monitor and identify breaches in compliance must be included in the fraud risk management program.

A.  

Differential association theory

B.  

Routine activities theory

C.  

Justification of action theory

D.  

Rational choice theory

A.  

True

B.  

False

A.  

A code offers fewer and less direct solutions to professional ethical dilemmas than might exist under general ethical principles.

B.  

A code acts as a substitute for legal and regulatory requirements that apply to the profession.

C.  

A code provides answers to all ethical dilemmas that the organization ' s members might encounter.

D.  

A code facilitates practical enforcement and internal discipline throughout a profession.

A.  

Internal audit

B.  

Confession

C.  

Tips

D.  

External audit

A.  

Emphasizing to all employees that the company maintains a policy of zero tolerance for fraud.

B.  

Keeping all known incidents of fraud private to protect the identities of parties involved.

C.  

Maintaining a policy that allows employees one warning before they are terminated for committing fraud

D.  

Punishing frauds only if they have a significant financial impact.

A.  

Evaluating the organization ' s structures and process for fraud risk governance.

B.  

Issuing a report asserting that the organization ' s financial statements do not contain material misstatements caused by fraud.

C.  

Overseeing management ' s actions to manage fraud risks.

D.  

Reporting to regulators regarding the entity ' s vulnerability to fraud.

A.  

Saskia should provide a written communication about her findings to the relevant regulatory agencies.

B.  

Saskia should suspend the current audit engagement and begin a new audit focused on the internal control deficiencies.

C.  

Saskia should communicate the deficiencies in writing to those charged with governance.

D.  

Saskia should withdraw from the audit engagement immediately and issue a disclaimer on any prior work performed.

A.  

Undertaking an engagement that decreases the fraud examiner ' s ability to perform their duties for their full-time employer

B.  

Accepting an assignment to assess red flags of fraud at an organization in which the fraud examiner is a partner, provided the fraud examiner ' s ownership interest is disclosed

C.  

Undertaking engagements for both sides in a case of an alleged product substitution scheme

D.  

Accepting an assignment to secretly infiltrate the fraud examiner ' s employing organization and transmit inside information to another party

A.  

The company should communicate that fraud, waste, and abuse are more likely to occur in large organizations than small ones.

B.  

The company should require employees with information about potential fraud to report it directly and only to their immediate supervisor.

C.  

Employees are held accountable for reporting tips that are not able to be substantiated

D.  

Employees should be informed that, to the extent possible, their names will not be disclosed.

A.  

True

B.  

False

A.  

Positive reinforcement

B.  

Negative reinforcement

C.  

Punishment

D.  

None of the above

A.  

Tips

B.  

Internal audit

C.  

External audit

D.  

Management review

A.  

Receipt of kickbacks

B.  

Espionage by competitors

C.  

Payment of bribes

D.  

Aiding and abetting vendor fraud

A.  

Transparency

B.  

Fairness

C.  

Responsibility

D.  

Accountability

A.  

An ability to analyze situations where no professional rules are specifically applicable and determine right from wrong

B.  

Subordination of desires for personal gain to the interests of clients, employers, and the public

C.  

Independence of mental attitude

D.  

Avoidance of differences of opinion

A.  

When verifying past employment, management should only ask previous employers to verify the candidate ' s previous position and dates of employment.

B.  

If a background check was conducted on an employee at the time of hire, then there is no need for management to conduct additional background checks on that employee during their employment.

C.  

As part of the screening process, management should contact the personal and professional references provided by the job candidate only if they are unsure whether the candidate is being honest.

D.  

Management should perform a background check on any candidate who will have access to cash, checks, credit card numbers, or other items that are easily stolen.

A.  

To inform the development of audit programs for areas that have been identified as having a high risk of fraud.

B.  

To confirm whether there is conclusive evidence that fraud is occurring within the company.

C.  

To validate whether the organization is appropriately managing moderate-to-high fraud risks.

D.  

To design audit tests to evaluate whether fraud risk controls are operating effectively.

A.  

True

B.  

False

A.  

Event avoidance

B.  

Risk tolerance

C.  

Compliance

D.  

Review and revision

A.  

Executive failures

B.  

Excessive regulatory requirements

C.  

Profit pressure

D.  

Unethical corporate culture

A.  

True

B.  

False

A.  

Daniela should immediately resign from the engagement.

B.  

Daniela should report Charles to law enforcement.

C.  

Daniela should contact the media to report what she found.

D.  

Daniela should tell the company ' s board of directors about Charles.

A.  

Hiring policies and procedures

B.  

Independent reconciliations

C.  

Separation of duties

D.  

Fraud awareness training

A.  

Asset misappropriation; corruption

B.  

Corruption, asset misappropriation

C.  

Financial statement fraud: corruption

D.  

Asset misappropriation: financial statement fraud

A.  

Tips

B.  

Document examination

C.  

Internal audit

D.  

Management review

A.  

True

B.  

False

A.  

The program is structured and comprehensive.

B.  

The program is based upon the best available information.

C.  

The program is integrated into only high-risk organizational activities.

D.  

The program is customized and proportionate to the organization ' s operations and objectives.

A.  

Fraud risk governance

B.  

Fraud control activities

C.  

Fraud risk management monitoring activities

D.  

Fraud investigation and corrective action

A.  

Have a mandatory independent compensation committee.

B.  

Develop a written charter for management.

C.  

Have adequate audit committee resources and authority.

D.  

Give shareholders oversight of internal controls.

A.  

All government auditors maintain the same requirements for reporting evidence of potential fraud uncovered during a public-sector financial statement audit.

B.  

Government auditors are legally prohibited from reporting evidence of potential fraud to any parties outside the organization being audited.

C.  

Government auditors ' reporting requirements pertaining to fraud are substantially the same as those for external auditors in the private sector.

D.  

The requirements for government auditors to report evidence of potential fraud depend on the jurisdiction and the specific audit mandate.

A.  

Criminal behavior is learned using the same mechanisms as other learning.

B.  

Criminal behavior is learned through a process that is the same as imitation.

C.  

Criminal behavior is explained by an individual ' s general needs and values.

D.  

Criminal behavior is acquired through casual interactions in large groups.

A.  

The legal and regulatory environment in which the organization operates

B.  

The ability of the framework to remain static during changes in the corporate landscape

C.  

The organization ' s ethical environment

D.  

The organization ' s cultural environment

A.  

Integrity lapse

B.  

Rationalization

C.  

Perceived non-shareable financial need

D.  

Perceived opportunity

A.  

Organizations should include in their whistleblower policies the specific penalties that people might encounter for refusing to report known misconduct.

B.  

Organizations should emphasize that rules regarding whistleblower protections are only intended for lower-level employees who might be more vulnerable to retaliation.

C.  

Organizations should implement a clear whistleblower policy that lists every type of misconduct that has ever been reported at the company.

D.  

Organizations should publicize their whistleblower policies and procedures to individuals both inside and outside of the organization.

A.  

Performance

B.  

Strategy and objective-setting

C.  

Governance and culture

D.  

Information, communication, and reporting

A.  

Grace, a CFE, uncovered internal control deficiencies that were material but unrelated to the financial statement fraud she was investigating. In her final report to management, Grace included information about the deficiencies despite their being unrelated to the situation she was hired to investigate.

B.  

Eric, a CFE, accepted a fraud examination assignment and then instructed his employee to assess the company’s accounts receivable for indications of fraud. He accepted the employee’s work that showed no evidence of fraud without conducting his own assessment. However, the employee missed some key information, causing Eric to fail to uncover a costly fraud scheme.

C.  

Mae, a CFE, was hired by a client to conduct a fraud examination but found nothing unusual. A year later, she received a legal order from the local prosecutor ' s office to provide the client’s file. Mae complied with the court order despite not having the client ' s authorization to provide the file.

D.  

All of the above are violations.

A.  

Contract law

B.  

Guidance from her family and friends

C.  

The ACFE Code of Professional Ethics

D.  

Philosophical principles related to ethics

A.  

Control activities

B.  

Risk assessment

C.  

Monitoring

D.  

Control environment

A.  

Peter should make a public announcement that he is withdrawing from the audit engagement.

B.  

Peter should provide a written communication about the findings to those charged with governance.

C.  

Peter should report the findings in writing directly to the appropriate regulatory agencies

D.  

Peter should discreetly work with senior management to correct the underlying internal control deficiencies.

A.  

Not disclose the information about Green.

B.  

Report Green to law enforcement

C.  

Tell the company ' s board of directors about Green.

D.  

Resign from the engagement

A.  

General counsel

B.  

Human resources

C.  

Management

D.  

Fraud examiners

A.  

Reporting revenue in the wrong accounting period

B.  

Fraudulent customer payments

C.  

Espionage by competitors

D.  

Payment of bribes to procure business

A.  

Corporate violations that involve large sums of money are often spread among so many organizations that each gains very little individually.

B.  

Violations are caused by innocent errors in judgment rather than economic necessity.

C.  

Government regulations are justified because the additional costs of regulations and bureaucratic procedures increase government profits.

D.  

Government regulation is unnecessary because the matters being regulated are unimportant.

A.  

The absence of capable guardians

B.  

The availability of suitable targets

C.  

The presence of motivated offenders

D.  

The lack of societal ethics

A.  

A fraud examiner ' s report is considered privileged information and is therefore protected from being legally demanded by outside parties.

B.  

A fraud examiner ' s report may be privileged from disclosure in certain circumstances, but it does not have an absolute legal privilege.

C.  

A fraud examiner ' s report is privileged from disclosure by anyone other than the client.

D.  

A fraud examiner ' s report is only privileged from disclosure if the author is also a professional legal advisor.

A.  

Tell the nonprofit ' s board of trustees about Charles

B.  

Report Charles to law enforcement

C.  

Not disclose the information about Charles.

D.  

Resign from the engagement.

A.  

Prioritization of desires for personal gain over the interests of clients

B.  

A well-developed sense of moral philosophy and the ability to distinguish right from wrong

C.  

The ability to conceal errors to preserve the reliability of the work performed

D.  

Avoidance of differences of opinion on all material matters

A.  

A requirement for corporations to establish a legal, regulatory, and institutional framework to support good governance practices

B.  

A call to support the equal treatment of all members of an organization ' s governing body

C.  

Guidance regarding appropriate board structures, responsibilities, and procedures

D.  

An examination of the importance of effectively designed and implemented internal control mechanisms within an organization

A.  

Proactively identifying fraud risks

B.  

Limiting the damage caused by fraud occurrences

C.  

Punishing fraud perpetrators

D.  

All of the above

A.  

Organizations should emphasize that rules regarding whistleblower protections are only intended for lower level employees who might be more vulnerable to retaliation.

B.  

Organizations should implement a clear whistleblower policy that lists out every type of misconduct that has ever been reported at the company.

C.  

Organizations should publicize their whistleblower procedures internally but should avoid communicating any procedural information to parties outside of the organization.

D.  

Organizations should establish formal consequences that are to be imposed upon employees at the company who retaliate against a whistleblower.

A.  

Assuming the risk

B.  

Mitigating the risk

C.  

Avoiding the risk

D.  

Transferring the risk

A.  

Adding ghost employees to payroll.

B.  

Embezzling incoming customer payments.

C.  

Collusion between contractors.

D.  

Reporting revenue in the wrong period.

A.  

Including ethics-based metrics as a component of performance evaluations

B.  

Providing regular training to ensure that all employees are sufficiently prepared to perform their tasks

C.  

Establishing loosely defined job descriptions that allow employees flexibility in their roles

D.  

Tying employee compensation to reasonable organizational performance goals

A.  

Management should examine previous fraud occurrences to determine how the ideal fraud risk management program would have prevented tnem.

B.  

Management must balance the investment in anti-fraud controls with the benefit of those controls and the amount of risk it is willing to accept.

C.  

Management must assign a quantitative measure to its risk appetite so that it can accurately measure the fraud risk management program’s effectiveness.

D.  

Management should tailor the detailed objectives of the fraud risk management program to the organization ' s specific needs and goals.

A.  

Crime originates from a rational and conscious decision made by the perpetrator in order to receive an intended benefit.

B.  

Crime originates from an instinctual response to external stimuli without any rational or conscious decision by the perpetrator.

C.  

Crime can be deterred by increasing the personal benefit to potential perpetrators.

D.  

Crime can be deterred by decreasing the personal risk to potential perpetrators.

A.  

Controls are not effective in preventing theft and fraud If those at risk do not know of their presence

B.  

Most experts agree that it is harder to detect frauds than to prevent them

C.  

Educating employees about company hotlines and reporting programs increases their perception of detection

D.  

Conducting covert audits is among the most effective fraud prevention methods

A.  

True

B.  

False

A.  

Employees who steal do not commonly display lifestyle or behavioral warning signs of their misdeeds.

B.  

An increase in employee wealth is always a sign of fraud that should be investigated.

C.  

Managers should only observe employees for signs of suspicious behavioral or lifestyle changes if they can do so without the employees ' knowledge.

D.  

Managers should be instructed to observe employees for any unusual lifestyle improvements, such as an unexplained increase in luxury purchases.

A.  

Analytical review of the financial statements is best used to uncover small frauds that might be missed by other detection methods.

B.  

Fraud assessment Questioning techniques are most appropriately used when attempting to determine who might be responsible for a particular fraud scheme.

C.  

Implementing proactive fraud audit procedures demonstrates the organization ' s intention to aggressively look for possible fraudulent conduct.

D.  

Surprise audit procedures are an effective fraud detection mechanism, but they do not help prevent fraud

A.  

The internal audit function should discuss how and when to report fraud-related issues with senior management and the board of directors before such issues arise.

B.  

The internal audit function is permitted, but not required, to periodically report about the organization ' s fraud risks to senior management and the board of directors.

C.  

The internal audit function should not disclose the results of its fraud audits to senior management or the board of directors in order to maintain independence.

D.  

The internal audit function is not permitted to communicate with the board of directors about fraud, as that is the responsibility of external auditors.

A.  

Identity theft is both the most common and costliest category of occupational fraud.

B.  

Asset misappropriation schemes are the most common category of occupational fraud.

C.  

Corruption schemes are the costliest category of occupational fraud.

D.  

Financial statement fraud schemes are the most common category of occupational fraud.

A.  

Reporting revenue in the wrong accounting period

B.  

Payment of bribes to procure business

C.  

Fraudulent customer payments

D.  

Espionage by competitors

A.  

Men commit significantly more frauds than women do.

B.  

Most fraudsters have previous criminal convictions for fraud-related offenses.

C.  

An unwillingness to share duties is the most reported red flag displayed by fraud perpetrators prior to the detection of their crime.

D.  

Frauds committed by staff-level employees cause higher median losses than those committed by owners and executives.

A.  

Confront Brandon about the disagreements and discuss how they increase the organization ' s risk of fraud-

B.  

Have someone else perform the fraud risk assessment work related to the purchasing function

C.  

Include his disagreements with Brandon as a factor when assessing the risk of fraud in the purchasing function.

D.  

Automatically designate the purchasing function as a high-risk area.

A.  

True

B.  

False

A.  

Strong intervention of the government

B.  

Voluntary changes in corporate attitudes and structure

C.  

Consumer action to force change

D.  

Media blacklisting of the organization

A.  

Internal auditors

B.  

The audit committee

C.  

General counsel

D.  

Management

A.  

Management seeks out diversity in attitudes and perspectives when hiring employees

B.  

Rewards are given to employees who challenge the status quo

C.  

Management links employee performance goals with company performance goals

D.  

All of the above

A.  

Reflect the assessment team ' s subjective perspective regarding the risks identified.

B.  

Contain a detailed, comprehensive list of every assessment finding.

C.  

Focus on the findings that will make the most impact on the company ' s fraud risk management efforts.

D.  

Include a complete list of recommended actions for management to take to address all identified risks.