CPA Exam: BEC (2023) B1
How does the principles-based approach support an effective system of internal control under
the COSO framework? - ANS-an effective system of internal control requires the use of
judgement in determining the sufficiency of controls, applying the proper controls, and assessing
the effectiveness of the system of internal controls.
The principles-based approach of the COSO framework emphasizes the importance of
management judgement.
What are the components of the Committee of Sponsoring Organizations' (COSO) Internal
Control integrated framework? - ANS-CRIME
1. Control environment
2. Risk assessment
3. Information and Communication
4. Monitoring
5. Existing Control Activities
What are the five principles associated with the control environment component of the
Committee of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? -
ANS-EBOCA
1. Commitment to ethics and integrity
2. Board independence and oversight
2. Organizational structure
4. Commitment to competence
5. Accountability
What are the four principles associated with the risk assessment component of the Committee
of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? - ANS-SAFR
1. Specify objectives
2. Identify and analyze risks
3. Consider potential for fraud
4. Identify and assess changes
What are the three principles associated with the (existing) control activities component of the
Committee of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? -
ANS-CA TP
1. Select and develop control activities
2. Select and develop technology controls
3. Deploy through policies and procedures
, What are the three principles associated with the information and communication component of
the Committee of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? -
ANS-OIE
1. Obtain and use information
2. Internally communicate information
3. Communicate with external parties
Name and describe the three objectives within the COSO Framework - ANS-ORC
1. Operations - effectiveness and efficiency of an entity's operations
2. Reporting - reliability, timeliness, and transparency of an entity's reposting
3. Compliance - necessary to ensure the entity is adhering to all laws and regulations
What is the purpose of the COSO cube? - ANS-The COSO cube shows a graphical
three-dimensional depiction of the relationship between an entity's three objectives, its five
integrated control components, and the entity's organizational structure.
What is necessary for the five components of the COSO framework to create an effective
internal control environment for an entity? - ANS-The five components and 17 related principles
must both be present and functioning. The five components must operate together as an
integrated system to reduce the risk to an acceptable level that the entity will not achieve its
objectives.
Differentiate the COSO framework from the Audit framework - ANS-COSO is for identifying and
evaluating the effectiveness of an entity's internal control. Adit focuses on how a given control
prevents or detects and corrects material misstatements in the entity's financial reporting.
Identify some inherent limitations that may exist even with an effective internal control system -
ANS-- Breakdowns in internal control due to error or human failure
- issues pertaining to the suitability of the entity's objectives
- external events beyond the control of the entity
- faulty or biased judgment and decision making
- management override of controls
- circumvention of controls through collusion
What constitutes ineffective internal controls under the COSO framework - ANS-if a major
deficiency is identified related to the presence and functioning of a component or relevant
principle, or with respect to the components operating together in an integrated manner, the
company may not conclude that the that it has an effective internal control system in place
under the COSO framework
What are the two principles associated with the monitoring component of the committee of
sponsoring organizations' (COSO) internal controls integrated framework? - ANS-SOD
1. Ongoing and separate evaluations
2. communications and deficiencies
How does the principles-based approach support an effective system of internal control under
the COSO framework? - ANS-an effective system of internal control requires the use of
judgement in determining the sufficiency of controls, applying the proper controls, and assessing
the effectiveness of the system of internal controls.
The principles-based approach of the COSO framework emphasizes the importance of
management judgement.
What are the components of the Committee of Sponsoring Organizations' (COSO) Internal
Control integrated framework? - ANS-CRIME
1. Control environment
2. Risk assessment
3. Information and Communication
4. Monitoring
5. Existing Control Activities
What are the five principles associated with the control environment component of the
Committee of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? -
ANS-EBOCA
1. Commitment to ethics and integrity
2. Board independence and oversight
2. Organizational structure
4. Commitment to competence
5. Accountability
What are the four principles associated with the risk assessment component of the Committee
of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? - ANS-SAFR
1. Specify objectives
2. Identify and analyze risks
3. Consider potential for fraud
4. Identify and assess changes
What are the three principles associated with the (existing) control activities component of the
Committee of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? -
ANS-CA TP
1. Select and develop control activities
2. Select and develop technology controls
3. Deploy through policies and procedures
, What are the three principles associated with the information and communication component of
the Committee of Sponsoring Organizations' (COSO) Internal Control Integrated Framework? -
ANS-OIE
1. Obtain and use information
2. Internally communicate information
3. Communicate with external parties
Name and describe the three objectives within the COSO Framework - ANS-ORC
1. Operations - effectiveness and efficiency of an entity's operations
2. Reporting - reliability, timeliness, and transparency of an entity's reposting
3. Compliance - necessary to ensure the entity is adhering to all laws and regulations
What is the purpose of the COSO cube? - ANS-The COSO cube shows a graphical
three-dimensional depiction of the relationship between an entity's three objectives, its five
integrated control components, and the entity's organizational structure.
What is necessary for the five components of the COSO framework to create an effective
internal control environment for an entity? - ANS-The five components and 17 related principles
must both be present and functioning. The five components must operate together as an
integrated system to reduce the risk to an acceptable level that the entity will not achieve its
objectives.
Differentiate the COSO framework from the Audit framework - ANS-COSO is for identifying and
evaluating the effectiveness of an entity's internal control. Adit focuses on how a given control
prevents or detects and corrects material misstatements in the entity's financial reporting.
Identify some inherent limitations that may exist even with an effective internal control system -
ANS-- Breakdowns in internal control due to error or human failure
- issues pertaining to the suitability of the entity's objectives
- external events beyond the control of the entity
- faulty or biased judgment and decision making
- management override of controls
- circumvention of controls through collusion
What constitutes ineffective internal controls under the COSO framework - ANS-if a major
deficiency is identified related to the presence and functioning of a component or relevant
principle, or with respect to the components operating together in an integrated manner, the
company may not conclude that the that it has an effective internal control system in place
under the COSO framework
What are the two principles associated with the monitoring component of the committee of
sponsoring organizations' (COSO) internal controls integrated framework? - ANS-SOD
1. Ongoing and separate evaluations
2. communications and deficiencies
