All CPA Business Environment and Concepts (BEC) Resources
Example Questions
Example Question #1 : Coso Framework
Per the COSO ICIF, the main purpose of monitoring internal controls is to confirm that the internal control system can adequately address changes in:
Monitoring
Information and communication
Control Environment
Risk Assessment
Monitoring
Risks constantly change in terms of likelihood and severity. Internal controls should be created and upheld to address changes in risks.
Example Question #2 : Coso Framework
A company's management is experiencing a lack of segregation of duties within its application environment as its programmers have access to both development and production. The programmers have the ability to implement changes in code in production without monitoring or quality assurance. This is a deficiency in which area?
Management override
Computer operations
Data integrity
Change control
Change control
Programmers who have access to both instructions and live data can undermine management's control of data and their ability to verify that all changes have been performed in a manner consistent with their instructions.
Example Question #3 : Coso Framework
Of the following positions, which best describes the nature of a company's Board of Directors in relation to the company?
Fiduciary
Agent
Representative
Executive
Fiduciary
A company's board of directors has a fiduciary duty to act on behalf of and in the best interest of a corporation.
Example Question #4 : Coso Framework
According to COSO, which of the following is included in the assess and report phase of an effective approach to monitoring internal controls?
Prioritize risks
Tone at the top
Identify controls
Prioritize findings
Prioritize findings
Findings result from monitoring internal controls.
Example Question #5 : Coso Framework
The Treadway Commission was established by:
Private sponsoring organizations
The Treadway Foundation
The SEC
SOX 2002
Private sponsoring organizations
The COSO was an independent private sector initiative.
Example Question #6 : Corporate Governance
Of the following components, which would not be included in Risk Assessment activities?
Consider the potential for fraud
Identify and assess changes
These are all included
Specify objectives
These are all included
All of these components are required when conducting Risk Assessment under the COSO framework.
Example Question #1 : Erm Framework
A company owns and operates multiple businesses in the Caribbean. Management has identified interruptions in normal operations as a potential risk resulting from storm damage caused by hurricanes. Recognizing this, the company decides to treat the potential damage as part of its business model. The company's response to this potential risk is known as:
Avoidance
Sharing
Reduction
Acceptance
Acceptance
Self-insurance or tolerating the full exposure to a risk is acceptance of that risk.
Example Question #2 : Erm Framework
Governance and culture is a component of COSO's ERM framework. It is supported by all of the following principles except:
Exercises board oversight
Defines desired culture
Analyzes business context
Commitment to core values
Analyzes business context
Analyzing a business context is the core principle of strategy and objective setting within the COSO ERM framework.
Example Question #3 : Erm Framework
The core values of an entity most closely relate to its:
Capabilities
Practices
Strategy
Culture
Culture
The word most closely related to "core values" will always be culture as "tone at the top" is to corporate governance.
Example Question #4 : Erm Framework
According to COSO's ERM framework, which of the following is an essential element of the governance and culture of an entity?
Strategy
Performance
Commitment to core values
Information, communication, and reporting
Commitment to core values
A commitment to core values is one of the principles underlying governance and culture.