SEC 592 Week 4 Quiz

SEC 592  Week 4 Quiz | Devry University

Week 4: Midterm

Question 1

 (TCO A) Control practices differ from control objectives, as __________.  

·         control practices define what controls should be implemented, and objectives relate to the COBIT mission  

·         control objectives define the COBIT mission, and control practices are best outcomes  

·         control practices offer guidance on why controls are important, and control objectives organizes the process model into the four domains  

·         control practices are best practices, and control objectives provide guidance on COBIT implementation

 

Question 2

 (TCO B) The function of enterprise risk management (ERM) is to __________.  

·         draw a line from COBIT standards to COSO I standards  

·         identify senior officers in the company responsible for risk management execution  

·         enable management to effectively deal with uncertainty and associated risk and opportunity, thereby enhancing the capacity to build value  

·         set the vision for how risk management is conducted in a division or department

 

Question 3

 (TCO C) In COBIT, the Domain acronyms PO, AI, DS, and ME are?  

·         Purchase and Originate, Artificial Intelligence, Directory Services, and Monitor and Evaluate.  

·         Plan and Organize, Acquire and Implement, Deliver and Support, and Monitor and Evaluate.  

·         Plan and Organize, Artificial Intelligence, Deliver and Support, and Maintain and Execute.  

·         Purchase and Originate, Acquire and Implement, Directory Services, and Maintain and Execute.

 

Question 4

 (TCO A The components of COSO’s Enterprise Risk Management include all of the following except __________.  

·         risk response  

·         control activities  

·         monitoring 

·         compliance

 

Question 5

 (TCO B) How is real-time reporting of material changes conducted for public companies?  

·         Conference call with shareholders and analysts  

·         Filing of an 8-K form through EDGAR  

·         Filing of a 10-K form through EDGAR  

·         None of the above

 

Question 6

 (TCO A) Governance does all of the following except __________.  

·         help in the creation of policy  

·         list controls for organizations to employ  

·         helps in organizational decision making  

·         help with formulating strategic guidelines

 

Question 7

 (TCO C) Due professional care refers to __________.  

·         the care someone takes in performing work  

·         the care someone takes when taking legal action  

·         the care someone takes in protecting another from harm  

·         the care someone takes in performing work in a skilled area

 

Question 8

 (TCO B) Which of the following is true regarding the COBIT domain of Planning and Organization?  

·         Compliance controls are usually burdensome and require a lot of paperwork.  

·         COBIT and ITIL guidelines are best suited for large company structures.  

·         There is no one-size-fits-all template for COBIT and ITIL.  

·         COBIT, ITIL, and SOX compliance all mean the same thing.

 

Question 9

 (TCO A) The COBIT domain that covers implementing technology and infrastructure under service level agreements is  

·         delivery and support.

·         monitoring. 

·         planning and organization.  

·         acquisition and implementation.

 

Question 10

 (TCO C) Risk analysis is described as __________.  

·         a systematic and analytical approach that identifies and assesses risk  

·         a procedure to implement business strategies  

·         a way of reducing organizational exposure  

·         a federal regulation on multinational companies

 

Question 11

 (TCO B) Which is not a class of the Statement of Accounting Standards (SAS) 31?  

·         Rights and Obligations  

·         Presentation and Disclosure  

·         Valuations  

·         Auditing Methodology

 

Question 12

 (TCO A) Which of the following has become the de facto standard for auditors regarding SOX compliance? 

·         ITIL  

·         Six Sigma  

·         COBIT  

·         There is no de facto standard

 

Question 13

 (TCO C) Sections 744 and 745 of the BASEL II accord cover __________.  

·         the external controls regulated by law  

·         the internal control review process  

·         the assessment of the internal control process  

·         the monitoring of internal controls

 

Question 14

 (TCO B) Which of the following is not a best practice to ensure good governance and ethics in an organization?  

·         Create a chief compliance officer.  

·         Create a process of ethics.  

·         Follow the United States' generally accepted accounting principles.  

·         Use compliance software to improve internal controls.

 

Question 15

 (TCO A) Section 404 of Sarbanes-Oxley requires executive management for which of the following?  

·         A quarterly report on implemented internal controls  

·         A report on the effectiveness of the internal control structure and procedures  

·         The hiring of third party, independent review boards  

·         Quarterly internal auditing drills

 

Question 16

 (TCO A) What are the six areas of COBIT? Describe them in detail.

COBIT covers six general areas:

 

Question 17

 (TCO B) Explain the criteria you would use to assess the appropriateness of control objectives under the planning and organization domain of COBIT? What is the purpose of this domain?

 

 

Question 18

 (TCO C) Analyze and compare the BASEL framework with SOX. What is BASEL and how is it similar to SOX?

 

Question 19

 (TCO B) What do you think is the value of Segregation of Duties (SOD) as it pertains to SOX?