1.Which of the following is not an aim of internal controls?
A To enable the organisation to respond appropriately to business,operational and financial risks
B To eliminate the possibility of impacts from poor judgement and human error
C To help ensure the quality of internal and external reporting
D To help ensure compliance with applicable laws and regulations
2.Some controls are provided automatically by the system and cannot be by-passed,ignored or overridden:for example,having to input a password to enter a computer system.These are classified as controls.
Which term correctly completes this statement?
Rationale:Options A,C and D were identified as aims of internal controls in the Turnbull report.However,the report also states that even a sound system of internal control reduces,but does not eliminate,the possibilities of poorly judged decisions,human error,deliberate circumvention of controls and unforeseeable circumstances.Systems only provide reasonable(not absolute)assurance.
Ways in:If you had to guess,you could probably see that option B is an exaggerated claim.Look out for options that say'always'or'never'or'total',in a similar vein:these are much more likely to be untrue than true,in the complex world of business
Rationale:Non-discretionary controls are as described:as opposed to discretionary controls which are subject to human choice.'Mandated'is a similar idea,but mandated controls are required by law and imposed by external authorities(as opposed to voluntary controls,chosen by the organisation).Detect controls are controls designed to detect errors once they have happened.Administrative controls are to do with reporting responsibilities,communication channels and other means of implementing policies.