nayizhenfeng

The correct answer is A

A firm must present in the annual report a certification report of auditors (and not the board of directors) about the effectiveness of internal controls established by management.

nayizhenfeng

AIM 2: List and summarize the overriding objective of the Sarbanes-Oxley Act section 404.

 

1、Implications for designing an internal control system compliant with the requirements of the Sarbanes-Oxley Act section 404 include which of the following?

Assessment mechanism.
Control design.
Design testing.
Fraud disclosure.
A) II, III, and IV only.
 
B) I, II, and III only.
 
C) I, II, III, and IV.
 
D) I and II only.

nayizhenfeng

The correct answer is C

Management must identify the mechanism of assessing the effectiveness of the control system, and must provide sufficient information about the design of controls related to significant accounts. In addition, management should offer an explanation regarding its decision as to which controls need to be tested. Finally, management must disclose any fraud, material or nonmaterial, committed by all those involved in establishing internal control processes over financial reporting.

nayizhenfeng

2、Sarbanes-Oxley Act section 404 establishes requirements for internal control over financial reporting so that a firm must:

develop a process for ensuring reliability of financial statements.
ensure compliance with internationally accepted accounting principles.
disclose in the annual report the material weakness of its internal controls.
incorporate in the annual report a certification report of auditors concerning the effectiveness of internal controls.
A) I, III, and IV only.
 
B) I, II, and IV only.
 
C) II, III, and IV only.
 
D) I, II, and III only.

nayizhenfeng

The correct answer is A

Sarbanes-Oxley Act section 404 requires a firm to ensure compliance with generally accepted accounting principles (GAAP) and not necessarily internationally accepted accounting principles. Although there have been ongoing attempts to bring harmony between U. S. accounting principles and international accounting principles, but to this point, they are not the same. For example, the books in the U. S. are still prepared on historical cost basis, whereas many countries use market value accounting systems.

nayizhenfeng

2、With respect to integration of the “Sound Practices” principles in a firm-wide operational risk management framework, all of the following are correct EXCEPT:

A) a list of key op risk events and preventive controls must be developed.
 
B) dependencies among various functional areas must be recognized.
 
C) control standards must be reviewed every three years for certification purposes.
 
D) roles and responsibilities across managers and functional areas must be identified.
 

nayizhenfeng

The correct answer is C

Control standards must be reviewed periodically for certification purposes. Thus, there is no specific three-year review condition.

nayizhenfeng

3、The key principles relevant to banks for operational risk management as established by the 2003 “Sound Practices” study include how many of the following?

Monitoring and reporting of potential op risk events.
Controlling and mitigating op risk policies.
Contingency strategies in the event of severe operational disruption.
Public disclosure of the details of the op risk management plan.
A) All of these.
 
B) None of these.
 
C) Two of these.
 
D) Three of these.

nayizhenfeng

The correct answer is A

All of the above are key op risk management principles established by the 2003 “Sound Practices” study as published by the Bank for International Settlements.

nayizhenfeng

4、All of the following statements regarding SOX and Basel are correct EXCEPT:

A) according to the Sarbanes-Oxley Act section 404, a firm must present in the annual report a certification report of the Board of Directors about the effectiveness of internal controls established by management.
 
B) one of the eight key principles, established by the 2003 “Sound Practices” study, states that an op risk plan should state the definition and principles for identification, assessment, mitigation, control, and ongoing monitoring of op risk.
 
C) one of the eight key principles, established by the 2003 “Sound Practices” study, states that op risk inherent in all activities, systems, processes, and material products must be identified and assessed.
 
D) according to the Sarbanes-Oxley Act section 404, a firm must disclose in the annual report the weakness of its internal controls which can have bearing in preparation of financial statements.