Y Company wishes to recruit an employee who will have responsibility for the receipt and handling of
cash
From the point of view of the internal auditor which THREE of the following would be most likely to
provide useful information about the candidate"?
A. Confirmation that the candidate does not have a criminal record
B. The candidate's personal referees
C. The candidate's membership of a professional body
D. The candidate's academic qualifications.
E. References from previous employers of the candidate.
B, C, E
107/107
HGY is a major global corporation that has decided to implement the COSO Enterprise Risk
Management Framework and integrate management practices throughout the organisation
Which THREE of the following would be appropriate for HGY?
B, E, F
UJK manufactures garden machinery. The company is dependent upon another manufacturer for the
motors that power its products.
One of the factors that is being considered in a stress test requested by UJK's Board is the possibility
that the motor manufacturer increases its selling prices by 10% The motor accounts for a significant
proportion of the overall manufacturing cost of UJK's products
Which of the following are correct?
C, D
TDC is a company which runs gas-fired power stations in western Europe. The Risk Committee has
just received a report that a power station built to the same design and specification in a developing
country has recently collapsed. The causes of the collapse are unclear but the consequences for TDC
would be catastrophic if something similar were to happen in Europe
Which of the following actions being considered by the Risk Committee are ethical?
Select ALL that apply
A, B, C
JHG manufactures inexpensive cars that compete largely on price Its cars have very basic equipment
and small but economical engines JHG's Board is considering launching a luxury brand of cars that
will be far better equipped, more comfortable and have much better performance
Which THREE of the following would be relevant factors to incorporate into the stress testing of this
new strategy to create a luxury brand?
C, D, F
DFR is an online retailer that sells picture frames The software running on DFR's website enables
customers to log in and make purchases by inputting an email address as a user name and a
password that must contain at least eight characters, including upper and lower case letters,
numbers and punctuation marks (e.g. , $ or!) Once logged in, customers can check previous orders
that they have placed.
Customers can also use DFR's website to change personal details, including credit card numbers and
delivery addresses Whenever they wish to use those facilities, the software sends a text message
containing a six-digit number to their mobile phones They must input that number before the system
will accept changes to their personal details
Which TWO of the following statements are correct?
A. It is illogical to have different security measures in place for orders and for access to personal
details.
B. The software treats customers' personal details as being more sensitive than their ordering
histories
C. The arrangement with the text message will have no effect on the security associated with
changing personal details
D. Customers should be able to update the mobile phone numbers in their DFR accounts using only
their email addresses and passwords for access
E. The software should never show the whole of a customer's credit card number on screen, even if
the customer has logged in and input the six-digit number.
CE
105/107
Questions & Answers PDF
P-
A junior sales clerk at BCD, a wholesale jewellers, received an email which appeared to be from a
well known parcel delivery company informing her that a delivery had been attempted outside office
hours and had consequently failed She was asked to click on a link and complete some seemingly
innocent but logical questions to effect the delivery on the next day She thought no more about it
but was very surprised the next month to be awarded salesperson of the month as her sales had
doubled
Unfortunately, on investigation it was found that this was as a result of several fraudulent orders for
high-value items that had seemingly been placed by an existing customer but delivered to a new
address, which turned out to be a temporary box number The existing customer's credit card had
been fraudulently charged for these orders
Which of the following types of cyber-attack had the sales clerk been a victim of?
B
C is an accounts clerKwho is supposed to sign each invoice as evidence that she has conducted
checks against supporting documents Sometimes C signs invoices without making these checks
D is a member of the internal audit team He has been told to conduct compliance tests on whether C
is checking the invoices property
Which of the following would grve D a false sense of assurance that C's checks have been in
operation?
Select ALL that appry
A. D reviewed a sample of invoices for purchases of plant and equipment and found that C had not
signed them C explained that she believed that those were authonsed by someone else although the
accounts manual indicates that it was her responsibility
B. asked C a series of open-ended questions about the operation of the purchases system She did not
mention anything about detailed checks of invoices against documents
C. D examined a sample of invoices to make sure that they had been signed by C AH had been signed
selected a sample of purchase invoices and compared each to the supporting documents that C is
supposed to review Every one of D's invoices was supported by the related documents
D. D worked at a spare desk in the accounts department and quietly watched C without telling her
She checked every invoice carefully while D was present
B, C, D
104/107
Questions & Answers PDF
P-
HWG is a large company which grows and processes coffee The coffee is sold to supermarkets,
branded with their names for sale as "own brand" products HWG brands and packages the coffee
using the supermarkets' own designs
HWG's directors are considering a strategic proposal to develop a range of coffees to be sold under a
brand that HWG will develop
Which TWO of the following should the directors consider as part of their strategic analysis?
B, C
JC is a car manufacturing company in country C and manufactures diesel cars It is facing a number of
serious risks Which TWO of the following nsk factors are external?
B, D