Friday, February 6, 2026

Corporate finance MCQ



50 MCQs – Corporate Finance (Risk & Return) | CMA Part 2

1. Shareholders’ Wealth Maximization

  1. The primary financial objective of a firm under modern finance theory is to:
    A. Maximize accounting profit
    B. Maximize EPS
    C. Maximize shareholders’ wealth
    D. Minimize cost
    ✅ Answer: C

2. Market Capitalization

  1. Market capitalization is calculated as:
    A. Book value of equity
    B. Shares outstanding × Market price per share
    C. Net income × P/E ratio
    D. Total assets – liabilities
    ✅ Answer: B

3. Holding Period Return (HPR)

  1. Holding period return for a stock includes:
    A. Dividend only
    B. Capital gain only
    C. Dividend + Capital gain
    D. Interest income
    ✅ Answer: C

4. HPR Formula

  1. HPR for common stock is best defined as:
    A. (Ending price − Beginning price) ÷ Beginning price
    B. (Dividend + Price change) ÷ Beginning price
    C. Dividend ÷ Market price
    D. Price change ÷ Ending price
    ✅ Answer: B

5. Expected Return

  1. Expected return is calculated using:
    A. Arithmetic mean of past returns
    B. Weighted average of possible returns
    C. Geometric mean
    D. Median return
    ✅ Answer: B

6. Risk Measurement

  1. Total risk of a security is most commonly measured by:
    A. Beta
    B. Variance
    C. Standard deviation
    D. Covariance
    ✅ Answer: C

7. Coefficient of Variation

  1. Coefficient of variation (CV) measures:
    A. Absolute risk
    B. Systematic risk
    C. Risk per unit of return
    D. Market risk
    ✅ Answer: C

8. Risk Comparison

  1. Between two investments, the one with the higher coefficient of variation is:
    A. Less risky
    B. Risk-free
    C. More risky
    D. Better investment
    ✅ Answer: C

9. Risk-Free Asset

  1. In CAPM, the risk-free rate is generally represented by:
    A. Corporate bonds
    B. Equity shares
    C. Treasury bills
    D. Treasury bonds
    ✅ Answer: C

10. Default Risk

  1. Default risk refers to:
    A. Market price fluctuation
    B. Interest rate change
    C. Failure to meet contractual payments
    D. Inflation risk
    ✅ Answer: C

11. Financial Risk

  1. Financial risk primarily arises due to:
    A. Business operations
    B. Use of debt financing
    C. Market volatility
    D. Inflation
    ✅ Answer: B

12. Business Risk

  1. Business risk is associated with:
    A. Capital structure
    B. Operating leverage
    C. Interest rates
    D. Exchange rates
    ✅ Answer: B

13. Risk Attitudes

  1. A risk-averse investor prefers:
    A. Higher risk for same return
    B. Lower risk for same return
    C. Riskier investments
    D. Gambling investments
    ✅ Answer: B

14. Risk-Seeking Investor

  1. A risk-seeking investor:
    A. Avoids uncertainty
    B. Requires high certainty equivalent
    C. Accepts more risk for same return
    D. Invests only in T-bills
    ✅ Answer: C

15. Risk-Indifferent Investor

  1. Risk-indifferent investors are concerned only with:
    A. Risk
    B. Return
    C. Variance
    D. Beta
    ✅ Answer: B

16. Certainty Equivalent

  1. Certainty equivalent represents:
    A. Risk premium
    B. Guaranteed return equivalent to risky return
    C. Expected return
    D. Market return
    ✅ Answer: B

17. Portfolio Return

  1. Portfolio expected return is:
    A. Average of individual returns
    B. Weighted average of individual returns
    C. Product of returns
    D. Highest individual return
    ✅ Answer: B

18. Portfolio Risk

  1. Portfolio risk depends on:
    A. Individual security risk only
    B. Correlation among securities
    C. Market return
    D. Risk-free rate
    ✅ Answer: B

19. Covariance

  1. Covariance measures:
    A. Individual risk
    B. Degree to which two assets move together
    C. Market risk
    D. Beta
    ✅ Answer: B

20. Correlation Coefficient

  1. Correlation coefficient ranges between:
    A. 0 to 1
    B. –1 to +1
    C. –∞ to +∞
    D. 0 to +∞
    ✅ Answer: B

21. Diversification

  1. Diversification reduces:
    A. Systematic risk
    B. Unsystematic risk
    C. Market risk
    D. Inflation risk
    ✅ Answer: B

22. Fully Diversified Portfolio

  1. In a well-diversified portfolio, remaining risk is:
    A. Total risk
    B. Unsystematic risk
    C. Systematic risk
    D. Zero risk
    ✅ Answer: C

23. Systematic Risk

  1. Systematic risk is also known as:
    A. Diversifiable risk
    B. Firm-specific risk
    C. Market risk
    D. Operational risk
    ✅ Answer: C

24. Unsystematic Risk

  1. Unsystematic risk can be reduced by:
    A. Hedging
    B. Diversification
    C. CAPM
    D. Inflation
    ✅ Answer: B

25. Beta

  1. Beta measures:
    A. Total risk
    B. Firm-specific risk
    C. Market risk sensitivity
    D. Interest rate risk
    ✅ Answer: C

26. Beta = 1

  1. A stock with beta = 1 has:
    A. No risk
    B. Less risk than market
    C. Same risk as market
    D. Higher risk than market
    ✅ Answer: C

27. Security Market Line (SML)

  1. SML represents the relationship between:
    A. Risk and price
    B. Expected return and beta
    C. Return and variance
    D. Risk-free rate and inflation
    ✅ Answer: B

28. CAPM Formula

  1. CAPM states:
    A. E(Ri)=Rf + β(Rm − Rf)
    B. E(Ri)=Rm + β(Rf − Rm)
    C. E(Ri)=Rf − β(Rm)
    D. E(Ri)=Rm − β
    ✅ Answer: A

29. Market Portfolio

  1. The market portfolio consists of:
    A. Only stocks
    B. Only bonds
    C. All risky assets
    D. Risk-free assets
    ✅ Answer: C

30. T-Bills

  1. Treasury bills are:
    A. Long-term
    B. Risk-free
    C. Corporate securities
    D. Inflation indexed
    ✅ Answer: B

31. T-Bonds

  1. Treasury bonds differ from T-bills mainly in:
    A. Credit risk
    B. Maturity
    C. Liquidity
    D. Default risk
    ✅ Answer: B

32. Private Company Bonds

  1. Bonds of private companies generally have:
    A. No risk
    B. Lower return
    C. Higher default risk
    D. Risk-free status
    ✅ Answer: C

33. Equity vs Debt Risk

  1. Compared to bonds, equity shares are:
    A. Less risky
    B. Risk-free
    C. More risky
    D. Fixed return
    ✅ Answer: C

34. Portfolio Standard Deviation

  1. Portfolio standard deviation depends on:
    A. Individual SD only
    B. Covariance & correlation
    C. Market return
    D. Risk-free rate
    ✅ Answer: B

35. Negative Correlation

  1. Perfect negative correlation helps:
    A. Increase risk
    B. Eliminate risk
    C. Increase return
    D. Increase beta
    ✅ Answer: B

36. Market Risk Premium

  1. Market risk premium equals:
    A. Rm − Rf
    B. Rf − Rm
    C. Ri − Rf
    D. β × Rm
    ✅ Answer: A

37. Alpha

  1. Alpha represents:
    A. Total risk
    B. Excess return over expected
    C. Market risk
    D. Correlation
    ✅ Answer: B

38. CAPM Assumption

  1. CAPM assumes:
    A. Multiple risk factors
    B. Single risk factor (market)
    C. Arbitrage pricing
    D. Behavioral bias
    ✅ Answer: B

39. APT

  1. Arbitrage Pricing Theory assumes:
    A. One risk factor
    B. Multiple macroeconomic factors
    C. Risk-free portfolio
    D. Perfect certainty
    ✅ Answer: B

40. Advantage of APT

  1. APT is preferred over CAPM because:
    A. It is simpler
    B. It allows multiple risk factors
    C. No arbitrage assumption
    D. Uses beta only
    ✅ Answer: B

41. Fama-French Model

  1. Fama-French Three Factor Model includes:
    A. Market, size, value
    B. Market, inflation, GDP
    C. Interest rate, beta, size
    D. Beta only
    ✅ Answer: A

42. SMB Factor

  1. SMB in Fama-French refers to:
    A. Small minus big
    B. Systematic market beta
    C. Stock market bonds
    D. Small market beta
    ✅ Answer: A

43. HML Factor

  1. HML represents:
    A. High minus low book-to-market
    B. High market leverage
    C. High market liquidity
    D. High momentum loss
    ✅ Answer: A

44. Efficient Portfolio

  1. An efficient portfolio:
    A. Has minimum risk for given return
    B. Has maximum risk
    C. Has no risk
    D. Has lowest return
    ✅ Answer: A

45. Efficient Frontier

  1. Efficient frontier represents:
    A. All possible portfolios
    B. Risk-free portfolios
    C. Best risk-return combinations
    D. Market portfolio
    ✅ Answer: C

46. Investor Choice

  1. Rational investors prefer portfolios on:
    A. Capital market line
    B. Security market line
    C. Efficient frontier
    D. Random walk
    ✅ Answer: C

47. Capital Market Line

  1. CML relates:
    A. Return and beta
    B. Return and total risk
    C. Risk-free rate and beta
    D. Market risk and inflation
    ✅ Answer: B

48. Zero Beta Asset

  1. An asset with beta zero:
    A. Moves opposite to market
    B. Has no expected return
    C. Has risk-free return
    D. Is market portfolio
    ✅ Answer: C

49. Market Risk Cannot Be

  1. Market risk cannot be eliminated through:
    A. Hedging
    B. Diversification
    C. Portfolio formation
    D. Asset allocation
    ✅ Answer: B

50. CMA Exam Focus

  1. CMA Part 2 places maximum emphasis on:
    A. Memorization
    B. Conceptual + application-based questions
    C. Only theory
    D. Only calculations
    ✅ Answer: B

www.gmsisuccess.in

Below are CMA Part 2–style NUMERICAL PROBLEMS on Risk & Return, with step-by-step solutions (exactly how CMA expects).


NUMERICAL PROBLEMS – CORPORATE FINANCE (RISK & RETURN)

(CMA Part 2 Exam Focus)


1️⃣ Holding Period Return (HPR) – Common Stock

Problem:
A share was purchased for ₹120. During the year, a dividend of ₹6 was received and the share was sold for ₹138.
Calculate the Holding Period Return (HPR).

Solution:


$$HPR = \frac{\text{Dividend} + (\text{Selling Price} - \text{Purchase Price})}{\text{Purchase Price}}$$

$$= \frac{6 + (138 - 120)}{120} = \frac{24}{120} = 0.20 = \mathbf{20\%}$$

Answer: 20%


2️⃣ Expected Return (Probability Method)

Problem:
An investment has the following returns:

| Return (%) | Probability |
|---|---|
| 10% | 0.3 |
| 15% | 0.4 |
| 20% | 0.3 |

Calculate the expected return.

Solution:


$$E(R) = \sum (R \times P)$$

$$= (10 \times 0.3) + (15 \times 0.4) + (20 \times 0.3)$$

$$= 3 + 6 + 6 = \mathbf{15\%}$$

Answer: 15%


3️⃣ Standard Deviation of Returns

Using Problem 2 data, calculate standard deviation.

Step 1: Mean Return


$$\bar R = 15\%$$

Step 2: Variance


$$\sigma^2 = \sum P(R - \bar R)^2$$

$$= 0.3(10-15)^2 + 0.4(15-15)^2 + 0.3(20-15)^2$$

$$= 0.3(25) + 0 + 0.3(25) = 15$$

Step 3: Standard Deviation


$$\sigma = \sqrt{15} = \mathbf{3.87\%}$$

Answer: 3.87%


4️⃣ Coefficient of Variation (CV)

Problem:
Expected return = 12%
Standard deviation = 6%

Solution:


$$CV = \frac{\sigma}{E(R)} = \frac{6}{12} = \mathbf{0.50}$$

Interpretation:
Lower CV = lower risk per unit of return


5️⃣ Comparing Two Investments Using CV

| Investment | Return | SD |
|---|---|---|
| A | 10% | 4% |
| B | 15% | 9% |

CV Calculation


$$CV_A = \frac{4}{10} = 0.40$$

$$CV_B = \frac{9}{15} = 0.60$$

Investment A is less risky


6️⃣ Portfolio Expected Return

Problem:
A portfolio consists of:

| Asset | Weight | Return |
|---|---|---|
| X | 60% | 12% |
| Y | 40% | 8% |
Solution:


$$E(R_p) = (0.6 \times 12) + (0.4 \times 8)$$

$$= 7.2 + 3.2 = \mathbf{10.4\%}$$

7️⃣ Portfolio Standard Deviation (2 Assets)

Problem:


$$\sigma_X = 10\%,\ \sigma_Y = 6\%$$

$$w_X = 0.5,\ w_Y = 0.5$$

Correlation (ρ) = 0.3

Formula:


$$\sigma_p = \sqrt{w_X^2\sigma_X^2 + w_Y^2\sigma_Y^2 + 2w_Xw_Y\sigma_X\sigma_Y\rho}$$

Solution:


$$\sigma_p = \sqrt{(0.5^2)(10^2) + (0.5^2)(6^2) + 2(0.5)(0.5)(10)(6)(0.3)}$$

$$= \sqrt{25 + 9 + 9} = \sqrt{43} = \mathbf{6.56\%}$$

8️⃣ CAPM – Required Rate of Return

Problem:
Risk-free rate = 5%
Market return = 13%
Beta = 1.2

Solution (CAPM):


$$E(R) = R_f + \beta (R_m - R_f)$$

$$= 5 + 1.2(13 - 5) = 5 + 9.6 = \mathbf{14.6\%}$$

9️⃣ Security Over/Under Valued (SML Test)

Problem:
Required return (CAPM) = 12%
Expected return = 14%

Interpretation:

Expected > Required ⇒ Undervalued Security

Buy recommendation


🔟 Certainty Equivalent Approach

Problem:
A risky project has expected return of 18%.
Certainty equivalent (CE) return is 14%.

Risk Premium:


$$\text{Risk Premium} = 18 - 14 = \mathbf{4\%}$$

🔥 CMA EXAM TIP

  • CV → comparison
  • SD → absolute risk
  • Beta → market risk
  • Diversification → removes unsystematic risk only
  • CAPM & portfolio numericals = high scoring


Thursday, February 5, 2026

Objectivity, Integrity and Independence of Internal Auditor


Objectivity, Integrity, and Independence of Internal Auditors

(As per CIA Part 1, IIA Standards & Code of Ethics)

 

Introduction

Objectivity, integrity, and independence are foundational ethical principles governing the professional conduct of internal auditors. These principles are embedded in the IIA Code of Ethics and the International Standards for the Professional Practice of Internal Auditing (Standards). They ensure that internal auditors perform their work with unbiased judgment, honesty, and freedom from undue influence, thereby enhancing the credibility and reliability of assurance and consulting services.

Failure to uphold these principles can undermine audit quality, impair stakeholder confidence, and expose the organization to governance, risk, and compliance failures.

 

1. Integrity of Internal Auditors

Meaning and Concept

Integrity refers to the honesty, diligence, and responsibility with which internal auditors carry out their professional duties. Integrity establishes trust and provides the basis for reliance on the auditor’s judgment.

According to the IIA Code of Ethics, internal auditors shall:

  • Perform their work with honesty, diligence, and responsibility
  • Observe the law and make required disclosures
  • Not knowingly engage in illegal activities
  • Respect and contribute to legitimate and ethical objectives of the organization

Key Characteristics of Integrity

  • Truthful reporting without concealment of facts
  • Ethical courage to report unfavorable findings
  • Avoidance of misleading statements
  • Compliance with laws, regulations, and professional standards

Importance of Integrity

Integrity is the moral backbone of internal auditing. Even if an auditor is technically competent and independent, lack of integrity can result in:

  • Manipulated audit reports
  • Suppressed findings
  • Misrepresentation of risks
  • Loss of credibility of the internal audit function

CIA Exam Focus

  • Integrity is non-negotiable
  • It applies at all times, even when independence is not impaired
  • An auditor cannot justify unethical conduct by management pressure

 

2. Objectivity of Internal Auditors

Meaning and Concept

Objectivity refers to an unbiased mental attitude that allows internal auditors to perform engagements without compromising professional judgment.

As per Standard 1120 – Objectivity:

Internal auditors must have an impartial, unbiased attitude and avoid conflicts of interest.

Objectivity vs Independence

  • Objectivity is a state of mind
  • It applies to individual auditors
  • Independence is more about organizational positioning

Threats to Objectivity

  • Personal relationships with auditees
  • Previous operational responsibility
  • Financial interests
  • Self-review threats
  • Familiarity threats

Safeguards to Maintain Objectivity

  • Disclosure of conflicts of interest
  • Rotation of audit assignments
  • Independent review of work
  • Exclusion from auditing areas of prior responsibility

CIA Exam Focus

  • Objectivity can be impaired even without actual bias
  • Perceived bias is enough to impair objectivity
  • Disclosure alone may not always be sufficient

 

3. Independence of Internal Auditors

Meaning and Concept

Independence refers to the freedom from conditions that threaten the ability of the internal audit activity to carry out responsibilities in an unbiased manner.

As per Standard 1110 – Organizational Independence:

  • The Chief Audit Executive (CAE) must report functionally to the board
  • The internal audit activity must be free from interference in:
      ◦ Scope of work
      ◦ Performance of work
      ◦ Communication of results

Types of Independence

  1. Organizational Independence
      ◦ Functional reporting to audit committee / board
  2. Individual Independence
      ◦ Auditors should not audit areas where they had recent operational responsibility

Impairment of Independence

Independence is impaired when:

  • Management restricts audit scope
  • CAE reports only to management
  • Auditors perform operational roles and later audit the same area

Disclosure Requirement

If independence is impaired:

  • The impairment must be disclosed
  • Disclosure should be made to appropriate parties

CIA Exam Focus

  • Independence is primarily a structural concept
  • Consulting services do not automatically impair independence
  • Performing management responsibilities does impair independence

 

Relationship Between Integrity, Objectivity, and Independence

| Aspect | Integrity | Objectivity | Independence |
|---|---|---|---|
| Nature | Ethical principle | Mental attitude | Structural condition |
| Applies to | Individual auditor | Individual auditor | Audit function & auditor |
| Can be perceived | No | Yes | Yes |
| Disclosure cures issue | No | Sometimes | Sometimes |

Key CIA Insight:

An auditor may be independent but not objective, or objective but not independent, but cannot lack integrity under any circumstances.

 

Consequences of Violation

  • Loss of stakeholder confidence
  • Audit findings ignored
  • Regulatory scrutiny
  • Professional disciplinary action
  • Violation of IIA Code of Ethics

 

Here are some key words for the CIA Part 1 exam on Objectivity, Integrity, and Independence of the Internal Auditor:


Key Concepts

- *Objectivity*: Unbiased, impartial, and independent mindset

- *Integrity*: Honest, trustworthy, and ethical behavior

- *Independence*: Freedom from undue influence, conflicts of interest


Key Points

- Internal auditors must maintain objectivity and independence

- Avoid conflicts of interest, bias, or undue influence

- Disclose any impairments to independence or objectivity

- Maintain professional skepticism and due care

- Uphold confidentiality and avoid misuse of information


Relevant Standards

- *IIA Standards*: 1100, 1110, 1120, 1130 (Independence and Objectivity)

- *Code of Ethics*: Principles of Integrity, Objectivity, Confidentiality, and Competency

Some possible exam questions:

- What are the threats to internal auditor independence?

- How can internal auditors maintain objectivity?

- What should an internal auditor do if they encounter a conflict of interest?


TRICKY LOGICAL QUESTIONS (CIA Part 1 Style)

 

Question 1 (Objectivity vs Independence Trap)

An internal auditor previously worked as the procurement manager until six months ago. The CAE assigns the auditor to audit procurement due to staff shortage. The auditor believes they can remain unbiased.

Which statement is MOST appropriate?

A. The assignment is acceptable if the auditor remains objective

B. The assignment impairs objectivity, regardless of auditor belief

C. The assignment impairs independence of the internal audit activity

D. Disclosure alone eliminates any impairment

✅ Correct Answer: B

Explanation:

Self-review threat exists. Belief of objectivity is irrelevant. Objectivity is impaired due to recent operational responsibility.

 

Question 2 (Integrity Logic Test)

Management asks an internal auditor to delay reporting a significant control weakness until next quarter to avoid reputational damage. The auditor agrees but plans to disclose it later.

Which principle is primarily violated?

A. Objectivity

B. Independence

C. Integrity

D. Confidentiality

✅ Correct Answer: C

Explanation:

Delaying disclosure of known material issues violates honesty and responsibility, which directly breaches integrity.

 

Question 3 (Perception vs Reality)

An internal auditor is auditing a department headed by a close friend. The auditor feels confident of remaining unbiased and has no financial interest.

What is the BEST action?

A. Proceed with audit since no actual bias exists

B. Proceed but disclose relationship in the report

C. Decline assignment to avoid perceived impairment

D. Request management approval

✅ Correct Answer: C

Explanation:

Perceived impairment of objectivity is sufficient under CIA standards.

 

Question 4 (Consulting Engagement Trick)

The internal audit activity assists management in designing a risk management framework and later performs an assurance review of the same framework.

What is the MOST appropriate safeguard?

A. No safeguard needed since consulting does not impair independence

B. Disclosure of consulting role in the assurance report

C. Independent review by an external auditor

D. Assign different auditors for the assurance engagement

✅ Correct Answer: D

Explanation:

Using different auditors avoids self-review threat and preserves objectivity.

 

Question 5 (Board vs Management Reporting)

The CAE reports administratively and functionally to the CFO. Audit scope is approved by management.

Which principle is MOST compromised?

A. Objectivity

B. Integrity

C. Organizational independence

D. Individual independence

✅ Correct Answer: C

Explanation:

Functional reporting must be to the board, not management.

 

Question 6 (Disclosure Misconception)

Which of the following impairments CANNOT be resolved solely by disclosure?

A. Previous consulting engagement

B. Familiarity threat

C. Management responsibility assumed by auditor

D. Financial interest disclosed

✅ Correct Answer: C

Explanation:

Assuming management responsibility fundamentally impairs independence — disclosure is not sufficient.

 

Exam Tip (VERY IMPORTANT ⭐)

Integrity cannot be restored by safeguards.

Objectivity may be protected by safeguards.

Independence depends on structure and role clarity.

 



Monday, February 2, 2026

Case-based questions: Integrity, Objectivity, Independence, etc. (CIA Part 1)

 

Here are case-based MCQs with answers focused specifically on objectivity, integrity, independence, proficiency, and professional credibility — topics emphasized in the CIA Part 1 (New Syllabus 2025).

FIRST SOLVE, THEN CHECK ✅ YOURSELF. ANSWERS ARE AT THE END.


OBJECTIVITY & INDEPENDENCE

Q1 — Case

An internal auditor in a multinational company has been asked to audit a division where a close relative is a senior manager. The auditor believes they can remain unbiased.

Which of the following is the best course of action according to internal audit standards?

A. Accept the assignment but disclose the relationship to the division manager.
B. Request reassignment to a different audit to avoid any perception of bias.
C. Proceed with the audit because the auditor feels objective.
D. Conduct the audit with limited reporting.

Answer: 


Q2 — Case

During an audit of procurement controls, an auditor realizes they’ve developed a close friendship with one of the procurement supervisors. The supervisor often provides informal suggestions during audit work.

What should the auditor do?

A. Disregard this friend’s influence but continue the audit.
B. Document the relationship but remain on the engagement.
C. Inform the audit manager and remove themselves from the audit if needed.
D. Accept suggestions as long as they help audit work.

Answer: 


INTEGRITY & PROFESSIONAL BEHAVIOR

Q3 — Case

An internal auditor discovers evidence of expense fraud by a senior executive. The executive threatens that disclosing the findings will harm the auditor’s career.

According to professional standards, the internal auditor should:

A. Refrain from reporting to protect their job.
B. Report the findings to the audit committee or equivalent authority.
C. Modify the findings to reduce severity.
D. Discuss the issue only with the executive to avoid conflict.

Answer:


Q4 — Case

An internal audit manager finds that a long-serving junior auditor has been inflating audit hours on timesheets to receive higher productivity scores.

What is the most appropriate action for the manager?

A. Ignore it to maintain team morale.
B. Report it to human resources or audit leadership and take corrective action.
C. Adjust the hours themselves without notifying anyone.
D. Advise the junior auditor to be more honest in future.

Answer: 


PROFICIENCY & DUE PROFESSIONAL CARE

Q5 — Case

An internal audit team is assigned to evaluate complex IT security controls. None of the team members have experience or certification in IT auditing.

The best action before performing the engagement is to:

A. Proceed and learn on the job.
B. Outsource or involve auditors with appropriate IT expertise.
C. Skip the detailed audit steps.
D. Rely on management’s assurance.

Answer:


Q6 — Case

During a financial statement audit, an internal auditor encounters accounting treatments that are unfamiliar and potentially misleading.

Which action shows due professional care?

A. Ignore the unfamiliar treatments and proceed.
B. Consult with a senior auditor or accounting specialist.
C. Conclude the accounts are correct because management authorized them.
D. Guess the appropriate treatment based on experience in other areas.

Answer:


PROFESSIONAL CREDIBILITY

Q7 — Case

An internal audit report understated a significant control deficiency because the auditor believed management would be upset and delay future support for audit work.

Which of the following BEST describes what was compromised?

A. Audit efficiency
B. Professional credibility
C. Auditor independence
D. Regulatory compliance

Answer: 


Q8 — Case

A chief audit executive (CAE) wants to increase the internal audit’s visibility and influence in the organization. However, their reports contain frequent inaccuracies and unsupported conclusions.

Which of the following should the CAE do FIRST?

A. Assign more audits to junior auditors to build experience.
B. Improve quality assurance and training in the internal audit practice.
C. Focus on public relations to enhance perception.
D. Reduce the number of audits issued each year.

Answer: 


KEY TAKEAWAYS

Objectivity & Independence: Avoid conflicts and perceptions of bias.
Integrity: Always be truthful and report significant issues even under pressure.
Proficiency: Ensure skills and knowledge are adequate for assignments.
Due Professional Care: Use judgment, seek help, and apply audit standards.
Professional Credibility: Built through reliability, accuracy, and ethical conduct.



ANSWERS...


OBJECTIVITY & INDEPENDENCE

Q1 — Case

An internal auditor in a multinational company has been asked to audit a division where a close relative is a senior manager. The auditor believes they can remain unbiased.

Which of the following is the best course of action according to internal audit standards?

A. Accept the assignment but disclose the relationship to the division manager.
B. Request reassignment to a different audit to avoid any perception of bias.
C. Proceed with the audit because the auditor feels objective.
D. Conduct the audit with limited reporting.

Answer: B – Auditors must avoid conflicts of interest and maintain independence; disclosing isn’t enough when a close relative is involved.

Principle: Objectivity & independence require avoiding situations that impair unbiased judgment.


Q2 — Case

During an audit of procurement controls, an auditor realizes they’ve developed a close friendship with one of the procurement supervisors. The supervisor often provides informal suggestions during audit work.

What should the auditor do?

A. Disregard this friend’s influence but continue the audit.
B. Document the relationship but remain on the engagement.
C. Inform the audit manager and remove themselves from the audit if needed.
D. Accept suggestions as long as they help audit work.

Answer: C – The auditor must address the possible impairment of objectivity by involving supervision and changing assignment if necessary.

Principle: Objectivity also means avoiding relationships that compromise or appear to compromise judgment.


INTEGRITY & PROFESSIONAL BEHAVIOR

Q3 — Case

An internal auditor discovers evidence of expense fraud by a senior executive. The executive threatens that disclosing the findings will harm the auditor’s career.

According to professional standards, the internal auditor should:

A. Refrain from reporting to protect their job.
B. Report the findings to the audit committee or equivalent authority.
C. Modify the findings to reduce severity.
D. Discuss the issue only with the executive to avoid conflict.

Answer: B – Auditors must maintain integrity and report significant findings to the appropriate level.

Principle: Integrity means honesty and truthfulness; it overrides personal threats or pressure.


Q4 — Case

An internal audit manager finds that a long-serving junior auditor has been inflating audit hours on timesheets to receive higher productivity scores.

What is the most appropriate action for the manager?

A. Ignore it to maintain team morale.
B. Report it to human resources or audit leadership and take corrective action.
C. Adjust the hours themselves without notifying anyone.
D. Advise the junior auditor to be more honest in future.

Answer: B – The situation involves ethical misconduct and must be reported and addressed appropriately.

Principle: Integrity applies not only to audit results but also professional conduct.


PROFICIENCY & DUE PROFESSIONAL CARE

Q5 — Case

An internal audit team is assigned to evaluate complex IT security controls. None of the team members have experience or certification in IT auditing.

The best action before performing the engagement is to:

A. Proceed and learn on the job.
B. Outsource or involve auditors with appropriate IT expertise.
C. Skip the detailed audit steps.
D. Rely on management’s assurance.

Answer: B – Auditors must have the knowledge, skills, or bring in specialists to conduct the audit properly.

Principle: Proficiency and due professional care require competent personnel and appropriate skills.


Q6 — Case

During a financial statement audit, an internal auditor encounters accounting treatments that are unfamiliar and potentially misleading.

Which action shows due professional care?

A. Ignore the unfamiliar treatments and proceed.
B. Consult with a senior auditor or accounting specialist.
C. Conclude the accounts are correct because management authorized them.
D. Guess the appropriate treatment based on experience in other areas.

Answer: B – Seeking expert input improves audit quality and accuracy.

Principle: Due professional care means using appropriate competence and obtaining help when needed.


PROFESSIONAL CREDIBILITY

Q7 — Case

An internal audit report understated a significant control deficiency because the auditor believed management would be upset and delay future support for audit work.

Which of the following BEST describes what was compromised?

A. Audit efficiency
B. Professional credibility
C. Auditor independence
D. Regulatory compliance

Answer: B – Professional credibility suffers when auditors alter findings to appease management.

Principle: Credibility requires accurate, complete, unbiased reporting.


Q8 — Case

A chief audit executive (CAE) wants to increase the internal audit’s visibility and influence in the organization. However, their reports contain frequent inaccuracies and unsupported conclusions.

Which of the following should the CAE do FIRST?

A. Assign more audits to junior auditors to build experience.
B. Improve quality assurance and training in the internal audit practice.
C. Focus on public relations to enhance perception.
D. Reduce the number of audits issued each year.

Answer: B – Without quality and accuracy, credibility cannot be built.

Principle: Credibility derives from consistent quality, not visibility alone.

www.gmsisuccess.in


Friday, January 30, 2026

Internal control, COSO, COBIT


An internal control system is a set of policies, procedures, and processes implemented by management to ensure reliable financial reporting, operational efficiency, compliance with laws, and asset protection. It acts as a safeguard against fraud and errors, providing reasonable assurance, rather than absolute certainty, of achieving organizational objectives. 
Definition
According to the AICPA Taxmann, internal control comprises the plan of organization and all coordinate methods adopted within a business to safeguard assets, check the accuracy and reliability of accounting data, promote operational efficiency, and encourage adherence to prescribed managerial policies. 
Types of Internal Controls
Internal controls are categorized based on their function: 
  • Preventive Controls: Designed to stop errors or fraud before they occur (e.g., segregation of duties, authorization limits, password protections).
  • Detective Controls: Designed to identify errors or fraud after they have occurred (e.g., bank reconciliations, physical inventory checks, audits).
  • Corrective Controls: Implemented to fix issues discovered by detective controls (e.g., correcting data entry errors, updating policies).
  • Administrative/Management Controls: Focused on operational efficiency and compliance (e.g., training programs, performance evaluations). 
Components of Internal Control
Often based on the COSO framework, these include: 
  1. Control Environment: The tone at the top.
  2. Risk Assessment: Identifying risks to objectives.
  3. Control Activities: Policies/procedures (segregation of duties).
  4. Information and Communication: Systems that facilitate controls.
  5. Monitoring: Ongoing evaluations of the system. 
Limitations of Internal Controls
While essential, internal controls have inherent limitations: 
  • Human Judgment & Error: Mistakes in decision-making, fatigue, or misunderstanding of instructions.
  • Management Override: High-level personnel may bypass controls, for example to mask fraud.
  • Collusion: Two or more employees work together to bypass segregation of duties.
  • Cost vs. Benefit: The cost of implementing a control might outweigh its benefits.
  • Obsolescence: Systems may not adapt quickly enough to new, changing business risks. 
Internal control systems are not designed to eliminate risk entirely, but to manage it to an acceptable level. 

INTERNAL CONTROL – ULTRA IMPORTANT REVISION NOTES

(US CMA Part 1 & Part 2)


1️⃣ Meaning & Definition of Internal Control

Internal Control = a process designed and implemented by Board, Management & Employees to provide reasonable assurance regarding:

  1. Effectiveness & efficiency of operations
  2. Reliability of financial reporting
  3. Compliance with laws & regulations

👉 KEY WORD: Process, not event | Reasonable, not absolute

📌 Exam Trap: Internal control does NOT guarantee prevention of fraud or errors.


2️⃣ Objectives of Internal Control

  • Safeguard assets
  • Ensure accurate & reliable records
  • Promote operational efficiency
  • Ensure compliance
  • Prevent & detect fraud/errors

3️⃣ Types of Internal Control

(A) Based on Nature

  • Administrative controls – policies, authorizations
  • Accounting controls – safeguarding assets, accurate records

(B) Based on Timing

  • Preventive controls → stop errors (authorizations, segregation)
  • Detective controls → find errors (reconciliation, audits)
  • Corrective controls → fix errors (backup restoration, adjustments)

📌 Best Practice: Strong preventive controls ↓ need for detective controls


4️⃣ Requisites of Good Internal Control System

  • Proper segregation of duties
  • Authorization & approval procedures
  • Adequate documentation
  • Physical & logical access controls
  • Independent checks
  • Competent personnel
  • Rotation of duties & mandatory leave

5️⃣ Inherent Limitations of Internal Control (VERY EXAMINABLE)

Internal control cannot eliminate risk because of:

  1. Human error
  2. Management override
  3. Collusion
  4. Cost > benefit constraint
  5. Changing environment
  6. Poor judgment

📌 MCQ Clue: Any option claiming absolute assurance = ❌


6️⃣ Effective Internal Control System – Characteristics

  • Integrated with operations
  • Continuous monitoring
  • Risk-based approach
  • Clear accountability
  • Supported by governance
  • Technology enabled

7️⃣ Internal Control Process Flow

Objectives → Risk Identification → Control Design → Implementation → Monitoring → Improvement


8️⃣ Risk Owner (Frequently Tested Concept)

  • Person accountable for managing a specific risk
  • Usually process owner, not auditor
  • Responsible for:
    • Identifying risk
    • Implementing controls
    • Reporting failures

📌 Trap: Internal auditor is NOT risk owner


9️⃣ Governance & Internal Control

Governance ensures:

  • Ethical behavior
  • Accountability
  • Transparency
  • Oversight

Key Governance Players:


🔟 Role of Board of Directors

  • Ultimate responsibility for IC
  • Set tone at the top
  • Approve risk appetite
  • Oversee financial reporting
  • Ensure independence of auditors

📌 Board does NOT design controls – management does


1️⃣1️⃣ Role of Audit Committee (HOT EXAM AREA)

  • Independent directors
  • Oversees:
    • Financial reporting
    • Internal control effectiveness
    • Internal & external auditors
  • Reviews whistleblower complaints
  • Ensures auditor independence

📌 Audit Committee ≠ Management


1️⃣2️⃣ COSO Framework (CORE FOR CMA)

COSO = Internal Control – Integrated Framework

5 Components

  1. Control Environment
  2. Risk Assessment
  3. Control Activities
  4. Information & Communication
  5. Monitoring Activities

17 Principles (conceptual, not memorization heavy)

📌 Most tested component: Control Environment & Risk Assessment


1️⃣3️⃣ Risk Assessment (Deep Focus Area)

  • Identify & analyze risks
  • Consider:
  • Risk responses:
    • Avoid
    • Reduce
    • Transfer
    • Accept

📌 Dynamic process, not one-time


1️⃣4️⃣ COBIT & COSO – How They Support Each Other

COSO | COBIT
--- | ---
Overall internal control | IT governance & control
Enterprise-wide | IT focused
Strategic framework | Detailed control objectives

📌 Exam Line: COBIT complements COSO for IT controls


1️⃣5️⃣ Preventive, Detective & Corrective Controls

Examples:

  • Preventive: Segregation, authorization
  • Detective: Reconciliations, audits
  • Corrective: Data restoration, reprocessing

📌 Best IC system uses all three


1️⃣6️⃣ Compensating (Complementary) Controls

Used when the ideal control is not feasible. Example:

  • No segregation → strong supervisory review

📌 Common MCQ: Compensating ≠ replacement


1️⃣7️⃣ Failure of Internal Control – Reasons

  • Poor design
  • Weak implementation
  • Lack of monitoring
  • Override by management
  • Inadequate training
  • System changes

1️⃣8️⃣ Components of Control System

(A) Input Controls

  • Authorization
  • Edit checks
  • Validation checks
  • Batch controls

(B) Processing Controls

  • Run-to-run totals
  • Reasonableness checks
  • Error logs

(C) Output Controls

  • Distribution controls
  • Review of reports
  • Reconciliation with source data

1️⃣9️⃣ Application Controls vs General Controls

Application Controls

  • Specific to individual systems
  • Input, processing, output controls

General Controls

  • Affect overall IT environment
  • Access controls
  • Change management
  • Backup & recovery
  • IT governance

📌 General controls must be strong for application controls to be effective


2️⃣0️⃣ Accounting Information System (AIS) & Internal Control

AIS helps:

  • Capture transactions accurately
  • Process data consistently
  • Generate reliable reports
  • Enforce controls automatically

AIS + IC Ensures:

  • Data integrity
  • Audit trail
  • Timely reporting
  • Compliance

📌 Automation improves control but does NOT eliminate risk


🔥 2-Minute EXAM ELIMINATION LOGIC

✔ Look for “reasonable assurance”
❌ Eliminate “absolute assurance”
✔ Management designs controls
❌ Auditors are not responsible for IC
✔ Preventive > Detective
❌ Collusion can defeat IC


🎯 HOW CMA EXAM TESTS THIS TOPIC

  • Conceptual MCQs (definitions & roles)
  • Case-based questions (control failure)
  • COSO component identification
  • IT & AIS control linkage
  • Governance vs Management responsibility




1️⃣ Control Environment vs Control Activities – Core Difference

Basis | Control Environment | Control Activities
--- | --- | ---
Meaning | Overall tone, culture & attitude of the organization | Specific policies & procedures to ensure directives are carried out
Nature | Intangible / qualitative | Tangible / operational
Focus | “How seriously management takes control” | “What controls are actually performed”
Level | Organization-wide | Process / transaction level
Responsibility | Board, Top management, Audit committee | Managers, employees
Timing | Foundational – exists before other controls | Executed daily
COSO component | 1st component | 3rd component
Impact | Influences effectiveness of all controls | Directly prevents/detects errors & fraud

📌 One-line exam logic

Control Environment = Mindset
Control Activities = Mechanism


2️⃣ Control Environment – Explained with Example

🔹 What it includes

  • Integrity & ethical values
  • Management philosophy
  • Organizational structure
  • Assignment of authority & responsibility
  • HR policies
  • Role of Board & Audit Committee

🔹 Practical Example

Company A

  • Strong code of ethics
  • Zero tolerance for fraud
  • Independent audit committee
  • Clear reporting lines

➡️ This creates a strong control environment, even before any procedures are applied.

📌 Key exam trick
If the question talks about culture, ethics, tone at the top, governance → it is Control Environment.


3️⃣ Control Activities – Explained with Example

🔹 What it includes

  • Authorization & approval
  • Segregation of duties
  • Reconciliations
  • Physical controls
  • IT access controls
  • Supervisory reviews

🔹 Practical Example

Company B

  • Purchase orders approved by manager
  • Cash handling and recording done by different employees
  • Bank reconciliation prepared monthly

➡️ These are control activities.

📌 Key exam trick
If the question talks about procedures, approvals, checks, reconciliations → it is Control Activities.


4️⃣ Side-by-Side Real-Life Case Example

🏭 Manufacturing Company Case

  • CEO promotes ethical behavior & transparent reporting
    👉 Control Environment

  • Inventory is:

    • Counted monthly
    • Access restricted
    • Differences investigated
      👉 Control Activities

🔥 Exam Insight
A company can have strong control activities but weak control environment → controls may fail due to management override.


5️⃣ Case-Based MCQs (US CMA / CA / ACCA Style)

MCQ 1 – Identification

A company has well-designed approval procedures, but senior management frequently overrides them to meet profit targets. Which component is weak?

A. Risk assessment
B. Control activities
C. Control environment
D. Information & communication

Answer: C

Explanation:
Override by top management indicates weak tone at the top, i.e., control environment.

Wrong option trap:
B looks tempting because procedures exist, but procedures are not the problem.


MCQ 2 – Best Option

Which of the following BEST represents a control activity?

A. Management commitment to integrity
B. Board oversight
C. Segregation of cash handling and recording
D. Ethical code of conduct

Answer: C

Elimination logic:

  • A, B, D → Control Environment
  • Only C is an operational control

MCQ 3 – Case Based

An organization has:

  • Strong ethical culture
  • Clear authority structure
  • No bank reconciliations
  • Same employee handles cash & recording

Which statement is MOST appropriate?

A. Control environment and control activities are strong
B. Control environment strong; control activities weak
C. Control environment weak; control activities strong
D. Both are weak

Answer: B

📌 Exam gold point:
Strong culture cannot substitute for missing control activities.


MCQ 4 – Look Correct but Wrong

Which of the following is NOT a control activity?

A. Management review of performance reports
B. Authorization of transactions
C. Commitment to competence
D. Physical safeguards over assets

Answer: C

⚠️ Trap:
“Commitment” sounds like action but belongs to Control Environment (HR policy).


6️⃣ Ultra-Short Exam Ready Summary (Write & Score)

Control Environment sets the tone of the organization by influencing control consciousness, while Control Activities are specific actions and procedures designed to ensure management directives are carried out.




🔥 MCQ SET: Control Environment vs Control Activities (25 Questions)


MCQ 1

Which of the following BEST describes the control environment?

A. Specific procedures designed to prevent errors
B. Policies ensuring proper authorization
C. Overall attitude, awareness, and actions of management
D. Periodic reconciliation of accounts

Answer: C


MCQ 2

A company has strong segregation of duties, but senior management pressures employees to bypass controls to meet targets. Which component is MOST weak?

A. Control activities
B. Risk assessment
C. Control environment
D. Monitoring

Answer: C


MCQ 3

Which of the following is an example of a control activity?

A. Code of ethical conduct
B. Independent audit committee
C. Management philosophy
D. Monthly bank reconciliation

Answer: D


MCQ 4

“Tone at the top” primarily affects which COSO component?

A. Risk assessment
B. Control activities
C. Information & communication
D. Control environment

Answer: D


MCQ 5

A company emphasizes ethical behavior but has no formal approval process for purchases. Which statement is CORRECT?

A. Strong control environment, weak control activities
B. Weak control environment, strong control activities
C. Both strong
D. Both weak

Answer: A


MCQ 6

Which of the following is LEAST likely to be a control activity?

A. Authorization of credit sales
B. Physical safeguards over inventory
C. Segregation of duties
D. Management commitment to competence

Answer: D


MCQ 7

An organization has detailed procedures, but employees ignore them because management does not enforce discipline. This BEST illustrates:

A. Inherent limitations
B. Weak control activities
C. Weak control environment
D. Poor risk assessment

Answer: C


MCQ 8

Which statement BEST differentiates control activities from the control environment?

A. Control activities are preventive; environment is detective
B. Control activities are operational; environment is cultural
C. Control activities are strategic; environment is tactical
D. Control activities are informal; environment is formal

Answer: B


MCQ 9

Which of the following belongs to the control environment?

A. IT access controls
B. Approval limits
C. Human resource policies
D. Inventory counts

Answer: C


MCQ 10

A company requires dual signatures on cheques. This is an example of:

A. Risk assessment
B. Control environment
C. Control activity
D. Monitoring

Answer: C


MCQ 11 (Case Based)

Despite having ethical guidelines and a strong board, the same employee records cash receipts and deposits cash. What does this indicate?

A. Strong control environment but weak control activities
B. Weak control environment but strong control activities
C. Both strong
D. Inherent limitation only

Answer: A


MCQ 12

Which COSO component provides the foundation for all other components?

A. Monitoring
B. Control activities
C. Control environment
D. Risk assessment

Answer: C


MCQ 13

Which of the following is a preventive control activity?

A. Internal audit review
B. Bank reconciliation
C. Segregation of duties
D. Exception report

Answer: C


MCQ 14

Management override of controls primarily undermines:

A. Control activities
B. Control environment
C. Monitoring
D. Information systems

Answer: B


MCQ 15

Which of the following would MOST likely strengthen the control environment?

A. Increasing number of reconciliations
B. Installing CCTV cameras
C. Establishing an independent audit committee
D. Introducing approval stamps

Answer: C


MCQ 16 (Look Correct but Wrong)

Which of the following appears to be a control activity but is actually part of the control environment?

A. Supervision of employees
B. Commitment to integrity and ethical values
C. Review of exception reports
D. Authorization of transactions

Answer: B


MCQ 17

Control activities are designed primarily to:

A. Set ethical standards
B. Identify organizational risks
C. Ensure management directives are carried out
D. Establish governance structure

Answer: C


MCQ 18

Which of the following is NOT a characteristic of control activities?

A. Transaction-level focus
B. Cultural influence
C. Preventive or detective nature
D. Policy and procedure based

Answer: B


MCQ 19

A weak control environment may result in:

A. Elimination of inherent limitations
B. Stronger risk assessment
C. Failure of otherwise well-designed control activities
D. Automatic fraud detection

Answer: C


MCQ 20

Which of the following pairs is CORRECT?

A. Control environment – Authorization procedures
B. Control activities – Ethical culture
C. Control environment – Governance oversight
D. Control activities – Management philosophy

Answer: C


MCQ 21 (Case Based)

The board is independent, ethical training is mandatory, but purchase orders are not reviewed. Identify the weakness.

A. Control environment
B. Control activities
C. Risk assessment
D. Monitoring

Answer: B


MCQ 22

Which statement is TRUE?

A. Strong control activities guarantee fraud prevention
B. Control environment eliminates management override
C. Control activities operate at transaction level
D. Control environment is a subset of control activities

Answer: C


MCQ 23

Which is an example of a detective control activity?

A. Pre-approval of expenses
B. Bank reconciliation
C. Segregation of duties
D. Physical access restriction

Answer: B


MCQ 24

Which COSO component addresses integrity, ethics, and competence?

A. Control activities
B. Risk assessment
C. Monitoring
D. Control environment

Answer: D


MCQ 25 (Exam Trap)

A company has strong internal controls on paper, but fraud still occurs due to collusion. This BEST reflects:

A. Weak control activities
B. Weak control environment
C. Inherent limitations of internal control
D. Poor information system

Answer: C


🎯 How Examiners Trap You (Quick Tips)

  • Ethics / tone / culture → Control Environment
  • Approval / segregation / reconciliation → Control Activities
  • Override / collusion → Inherent limitations
  • “On paper but not in practice” → Environment problem



🔥 50 ULTRA-TRICKY CASE-BASED MCQs

INTERNAL CONTROL | COSO | GOVERNANCE | AIS | IT CONTROLS


Q1

A company states that its internal control system ensures all fraud will be prevented.

Which COSO principle is being misunderstood?

A. Control Environment
B. Risk Assessment
C. Reasonable assurance
D. Monitoring

Answer: C

Explanation:
Internal control provides reasonable, not absolute assurance. Fraud can still occur due to collusion or override.


Q2

A senior manager bypasses approval limits to authorize payments.

This illustrates which inherent limitation?

A. Human error
B. Cost-benefit constraint
C. Management override
D. Poor monitoring

Answer: C


Q3

An internal auditor is assigned responsibility for mitigating cybersecurity risk.

This violates which principle?

A. Risk ownership
B. Independence
C. Segregation of duties
D. Monitoring

Answer: A

📌 Risk owner = Management, not Internal Audit


Q4

Segregation of duties is not feasible due to staff shortage. Management increases supervisory review.

This is an example of:

A. Preventive control
B. Detective control
C. Compensating control
D. Corrective control

Answer: C


Q5

Which control is MOST effective in preventing duplicate payments?

A. Bank reconciliation
B. Independent audit
C. Authorization before payment
D. Post-payment review

Answer: C

📌 Preventive > Detective


Q6

A system logs all failed login attempts and alerts IT.

This is a:

A. Preventive control
B. Detective control
C. Corrective control
D. Governance control

Answer: B


Q7

Which party has ultimate responsibility for internal control effectiveness?

A. Internal auditor
B. Audit committee
C. Board of Directors
D. External auditor

Answer: C


Q8

An audit committee is reviewing whistleblower complaints.

This activity relates to:

A. Risk assessment
B. Control activities
C. Governance oversight
D. Application control

Answer: C


Q9

A company uses run-to-run totals to ensure data completeness.

This is a:

A. Input control
B. Processing control
C. Output control
D. General IT control

Answer: B


Q10

Access to accounting software is restricted using passwords.

This is:

A. Application control
B. Output control
C. General control
D. Detective control

Answer: C


Q11

Which COSO component sets ethical tone?

A. Monitoring
B. Risk Assessment
C. Control Environment
D. Control Activities

Answer: C


Q12

A company identifies foreign exchange risk due to overseas sales.

Which COSO component?

A. Information & Communication
B. Risk Assessment
C. Monitoring
D. Control Activities

Answer: B


Q13

An automated system rejects invalid customer codes.

This is:

A. Preventive application control
B. Detective general control
C. Corrective control
D. Output control

Answer: A


Q14

If general IT controls are weak, application controls are:

A. Strengthened
B. Unaffected
C. Less reliable
D. Automatically overridden

Answer: C

📌 Classic CMA favorite


Q15

Which situation BEST indicates control failure?

A. Error detected by reconciliation
B. Fraud detected by audit
C. Management override undetected
D. Corrective action taken

Answer: C


Q16

AIS improves internal control primarily by:

A. Eliminating human involvement
B. Increasing automation & audit trails
C. Replacing management judgment
D. Ensuring absolute accuracy

Answer: B


Q17

Which control ensures reports go only to authorized users?

A. Input validation
B. Output distribution control
C. Processing check
D. Access authorization

Answer: B


Q18

Which risk response accepts residual risk?

A. Risk avoidance
B. Risk reduction
C. Risk transfer
D. Risk acceptance

Answer: D


Q19

COBIT primarily focuses on:

A. Financial reporting controls
B. Enterprise governance
C. IT governance & controls
D. Ethical standards

Answer: C


Q20

COSO and COBIT relationship is BEST described as:

A. Competing frameworks
B. COBIT replaces COSO
C. COBIT complements COSO
D. COSO is IT-specific

Answer: C


Q21

Which control BEST detects unauthorized changes in programs?

A. Input validation
B. Version control
C. Change management
D. Access control

Answer: C


Q22

Mandatory employee vacation helps prevent:

A. Human error
B. Collusion
C. Long-term fraud concealment
D. System failure

Answer: C


Q23

A reconciliation identifies an error after posting.

This is:

A. Preventive
B. Detective
C. Corrective
D. Compensating

Answer: B


Q24

Correcting the error after detection is:

A. Preventive
B. Detective
C. Corrective
D. Governance

Answer: C


Q25

Which control ensures data entered is reasonable?

A. Limit check
B. Batch total
C. Hash total
D. Run-to-run total

Answer: A


Q26

Which control BEST prevents collusion?

A. Segregation alone
B. Independent oversight
C. Automation
D. Authorization

Answer: B

📌 Collusion defeats basic controls


Q27

Who designs internal controls?

A. Internal auditor
B. Board
C. Management
D. Audit committee

Answer: C


Q28

Monitoring activities include:

A. Authorization
B. Reconciliations
C. Ongoing evaluations
D. Risk identification

Answer: C


Q29

A weak control environment MOST likely results in:

A. Efficient processing
B. Ethical compliance
C. Increased fraud risk
D. Strong monitoring

Answer: C


Q30

Which is NOT an inherent limitation?

A. Human judgment
B. Collusion
C. Cost-benefit
D. Auditor independence

Answer: D


Q31

Audit committee independence improves:

A. Control design
B. Operational efficiency
C. Financial reporting oversight
D. Risk ownership

Answer: C


Q32

Which is an output control?

A. Check digit
B. Authorization
C. Report reconciliation
D. Access restriction

Answer: C


Q33

An edit check rejects alphabetic characters in numeric fields.

This is:

A. Output control
B. Processing control
C. Input control
D. General control

Answer: C


Q34

A company backs up data daily.

This is:

A. Preventive
B. Detective
C. Corrective
D. Monitoring

Answer: C

📌 Backup helps recovery


Q35

Which control addresses compliance with laws?

A. Control Environment
B. Risk Assessment
C. Governance
D. Monitoring

Answer: C


Q36

Which party evaluates internal control independently?

A. Management
B. Internal audit
C. Board
D. Risk owner

Answer: B


Q37

Residual risk exists when:

A. No controls exist
B. Controls eliminate all risk
C. Controls reduce but do not eliminate risk
D. Risk is transferred

Answer: C


Q38

An automated approval workflow reduces:

A. Human judgment
B. Inherent risk
C. Control risk
D. Detection risk

Answer: C


Q39

Which control ensures data completeness?

A. Hash totals
B. Authorization
C. Password control
D. Review reports

Answer: A


Q40

Which COSO component links information flow?

A. Monitoring
B. Control Activities
C. Information & Communication
D. Control Environment

Answer: C


Q41

A failure to update controls after system change is a:

A. Design failure
B. Implementation failure
C. Monitoring failure
D. Inherent limitation

Answer: C


Q42

Which situation MOST threatens internal control?

A. Human error
B. Collusion
C. Automated processing
D. Independent review

Answer: B


Q43

Which control is MOST cost-effective?

A. Detective
B. Preventive
C. Corrective
D. Monitoring

Answer: B


Q44

AIS contributes MOST to:

A. Ethical behavior
B. Audit opinion
C. Reliable reporting
D. Risk ownership

Answer: C


Q45

Which is NOT a general IT control?

A. Backup & recovery
B. Change management
C. Edit checks
D. Access controls

Answer: C


Q46

An error found during external audit indicates:

A. Effective control
B. Control failure
C. Reasonable assurance
D. Governance success

Answer: B


Q47

Which COSO component addresses fraud risk?

A. Control Environment
B. Risk Assessment
C. Monitoring
D. Information

Answer: B


Q48

Which party ensures “tone at the top”?

A. Internal auditor
B. Audit committee
C. Management & Board
D. External auditor

Answer: C


Q49

Which control ensures only valid programs run?

A. Input validation
B. Access control
C. Program change control
D. Output control

Answer: C


Q50

Strong internal control system ensures:

A. Absolute fraud prevention
B. Zero errors
C. Reasonable assurance
D. Auditor responsibility

Answer: C


🎯 EXAM STRATEGY TIP


This is exactly how toppers crack CMA MCQs. Below is a powerful WRONG-OPTION ELIMINATION LOGIC for Internal Control, COSO, Governance & AIS — use this when you’re stuck between options.


🔥 WRONG OPTION ELIMINATION LOGIC

Internal Control | COSO | AIS | Governance (US CMA Part 1 & 2)


1️⃣ ABSOLUTE WORDS = ❌ (FIRST ELIMINATION)

Immediately eliminate options containing:

  • Always
  • Completely
  • Guarantees
  • Eliminates all risk
  • Ensures zero fraud
  • Provides absolute assurance

📌 Correct CMA language = Reasonable assurance


2️⃣ WRONG RESPONSIBILITY = ❌

Eliminate options that assign responsibility incorrectly.

Topic | Correct | Eliminate
--- | --- | ---
Design of IC | Management | Internal / External Auditor
Ultimate oversight | Board | Management only
Risk ownership | Process owner | Internal audit
Monitoring | Internal audit | Operations

📌 If auditor = owner/designer → ❌


3️⃣ PREVENTIVE vs DETECTIVE CONFUSION = ❌

If question asks BEST prevention, eliminate:

  • Reconciliations
  • Audits
  • Reviews after the fact

✔ Choose:

  • Authorization
  • Segregation
  • Validation checks

📌 Preventive > Detective > Corrective


4️⃣ COSO COMPONENT MISFIT = ❌

When matching examples to COSO components:

Control Environment

✔ Ethics, integrity, tone at top
❌ Reconciliations, approvals

Risk Assessment

✔ Identify & analyze risks
❌ Monitor controls

Control Activities

✔ Authorizations, segregation
❌ Culture, ethics

Information & Communication

✔ Data flow, reporting
❌ Control testing

Monitoring

✔ Ongoing evaluations
❌ Initial risk identification


5️⃣ GENERAL vs APPLICATION CONTROL TRAP

If general IT controls are weak:

❌ “Application controls are effective anyway”
❌ “No impact on systems”

✔ Correct logic:

Application controls become unreliable


6️⃣ COLLUSION LOGIC (HIGH-YIELD)

When collusion is mentioned:

❌ Segregation alone prevents fraud
❌ Automation eliminates fraud

✔ Best answers involve:

  • Independent oversight
  • Strong governance
  • Audit committee involvement

7️⃣ COMPENSATING CONTROL TRAP

Eliminate options saying:

❌ “Compensating control replaces segregation”

✔ Correct:

Compensating control reduces risk, does NOT replace ideal control


8️⃣ AIS & AUTOMATION TRAPS

Eliminate options that say:

❌ Automation removes need for control
❌ Computers eliminate human error
❌ IT guarantees accuracy

✔ Correct:

Technology enhances control; it does not eliminate risk


9️⃣ CONTROL FAILURE LOGIC

If error/fraud is not detected timely:

✔ Control failure exists
❌ Reasonable assurance achieved
❌ Effective monitoring

📌 Detection after external audit = 🚨


🔟 AUDIT COMMITTEE vs MANAGEMENT CONFUSION

Eliminate options where:

❌ Audit committee manages daily controls
❌ Board designs controls

✔ Correct:

  • Management → design & operate
  • Audit Committee → oversight
  • Board → ultimate responsibility

1️⃣1️⃣ INPUT–PROCESS–OUTPUT CONFUSION

Input Controls

✔ Validation, edit checks
❌ Reconciliations

Processing Controls

✔ Run-to-run totals
❌ Authorization

Output Controls

✔ Report review, distribution
❌ Data entry checks


1️⃣2️⃣ RISK RESPONSE ELIMINATION

If risk still exists after controls:

✔ Residual risk
❌ Inherent risk eliminated
❌ Risk avoided completely


1️⃣3️⃣ GOVERNANCE LANGUAGE FILTER

Eliminate options lacking:

  • Oversight
  • Accountability
  • Transparency
  • Ethics

✔ Governance ≠ operations


1️⃣4️⃣ INHERENT LIMITATION FILTER

Valid inherent limitations:
✔ Collusion
✔ Management override
✔ Cost-benefit

❌ Auditor incompetence
❌ Lack of framework


1️⃣5️⃣ FINAL 10-SECOND RULE (EXAM DAY)

If confused, choose the option that:
✔ Sounds balanced
✔ Mentions reasonable assurance
✔ Assigns responsibility correctly
✔ Prefers preventive control
✔ Aligns with COSO logic


🧠 HOW TOPPERS USE THIS

  1. Strike 2 wrong options immediately
  2. Apply responsibility check
  3. Check preventive vs detective
  4. Read the remaining 2 slowly

These are the most dangerous CMA questions: options that sound perfect and use the right words, but are WRONG. Below are 15 “LOOKS-CORRECT-BUT-WRONG” MCQs from Internal Control, COSO, Governance & AIS, with why your brain falls for each.


⚠️ LOOKS-CORRECT-BUT-WRONG MCQs

US CMA Part 1 & Part 2 – Internal Control


MCQ 1

Internal control is effective if it ensures all material misstatements are prevented.

A. True
B. False

Looks correct because: “material” + “prevented”
Answer: B

🔍 Why wrong:
IC provides reasonable assurance, not guaranteed prevention.


MCQ 2

Strong segregation of duties eliminates fraud risk.

A. True
B. False

Trap: “Strong” sounds convincing
Answer: B

🔍 Why wrong:
Collusion & management override still exist.


MCQ 3

Because internal auditors evaluate controls, they are responsible for ensuring controls are effective.

A. True
B. False

Trap: Evaluation ≠ responsibility
Answer: B


MCQ 4

If a control detects an error quickly, the control is considered effective.

A. True
B. False

Trap: Speed ≠ prevention
Answer: B

🔍 Detective ≠ effective prevention


MCQ 5

Automation of accounting processes removes human error.

A. True
B. False

Trap: Technology bias
Answer: B


MCQ 6

The audit committee is responsible for designing and implementing internal controls.

A. True
B. False

Trap: Governance authority
Answer: B


MCQ 7

If errors are discovered during the external audit, the internal control system is still effective because errors were detected.

A. True
B. False

Trap: Detection logic
Answer: B

🔍 Late detection = control failure


MCQ 8

Compensating controls can fully replace segregation of duties.

A. True
B. False

Trap: “Compensating” word
Answer: B


MCQ 9

Residual risk exists only when controls are weak.

A. True
B. False

Trap: Logical sounding
Answer: B

🔍 Residual risk exists even with strong controls


MCQ 10

General IT controls are less important when application controls are strong.

A. True
B. False

Trap: Practical thinking
Answer: B

📌 Weak general controls undermine everything


MCQ 11

A strong control environment ensures ethical behavior by all employees.

A. True
B. False

Trap: “Tone at the top” exaggeration
Answer: B


MCQ 12

If management accepts a risk, it means no control is required.

A. True
B. False

Trap: Risk acceptance misunderstanding
Answer: B


MCQ 13

Monitoring activities focus primarily on identifying new risks.

A. True
B. False

Trap: COSO component mix
Answer: B

📌 Risk identification = Risk Assessment


MCQ 14

Input controls alone are sufficient to ensure accurate processing.

A. True
B. False

Trap: Partial truth
Answer: B


MCQ 15

Because AIS generates audit trails, internal auditors do not need to test controls extensively.

A. True
B. False

Trap: AIS overconfidence
Answer: B


🧠 COMMON PATTERNS IN “LOOK-RIGHT-BUT-WRONG” OPTIONS

Watch out for:

  • Absolute promises
  • Authority confusion (auditor/board)
  • Technology overconfidence
  • Late detection = “effective”
  • One control solving everything

🚀 HOW TO BEAT THESE IN EXAM

When an option feels too comfortable, ask:

1️⃣ Does it claim perfection? ❌
2️⃣ Does it shift responsibility? ❌
3️⃣ Does it ignore residual risk? ❌


www.gmsisuccess.in