IIA-CCSA Certification in Control Self-Assessment® (CCSA®) Questions and Answers

Control point

Accountability

Expense level

None of the above

Governance

Activity Approval

Communication

Evaluation

Entity wide objectives

Activity-level objectives

Presentations

Forms and means of communication

Implementation

Reporting

Planning

Analyzing

Personality characteristics

Organizational characteristics

Operational characteristics

Risk characteristics

more highly centralized organizations tend to push responsibility for making important decisions to lower levels of management.

more highly decentralized organizations tend to push responsibility for making important decisions to lower levels of management.

more highly productive organizations tend to push responsibility for making important decisions to upper levels of management.

more highly flat organizations tend to push responsibility for making important decisions to upper levels of management.

Presentation software

Electronic mailing

Project management software

None of the above

Internal control monitoring

Business decisions

Organizational policies and procedures

Standardization

True

False

Facts

Impacts

Scenarios

Figures

To establish and help achieve business objectives.

To focus resources on areas that is key to the organization’s success.

To communicate established objectives to stakeholders.

To neglect establish criteria against which to measure progress.

Control environment is designed to prevent and detect errors and omissions in the conduct of routine business functions.

Control activities are designed to prevent and detect errors and omissions in the conduct of routine business functions.

Risk assessment is designed to prevent and detect errors and omissions in the conduct of routine business functions.

Monitoring is designed to prevent and detect errors and omissions in the conduct of routine business functions.

True

False

Common to Formal, decentralized organizations that tend to be more participative, open and fixed.

Common to Formal, centralized organizations that tend to be more participative, open and fixed.

Common to informal, centralized organizations that tend to be more participative, open and flexible.

Common to informal, decentralized organizations that tend to be more participative, open and flexible.

the end product of strategic planning is the operational plan

the start product of strategic planning is the strategic plan

the end product of strategic planning is the strategic plan

the end product of operational planning is the strategic plan

Practical, Feasible, durable, General

Practical, Feasible, Cost effective, Specific

Sufficient, changeable, Cost effective, Specific

Practical, Feasible, Reliable, Specific

Directed vision

Visionary leadership

Visionary management

Intended vision

True

False

Analyzing, Planning, Developing and Reporting

Analyzing, Planning, Accountability and Reporting

Planning, Analyzing, Developing and Changing

Planning, Developing, Reporting and Follow-up

Informal controls

Formal controls

Procedural controls

Organizational controls

procedures designed to test for validity of flowcharts.

activities designed to test for risk assessment.

procedures designed to test for errors in the system of internal control.

procedures designed to test for errors in the automated control systems.

Risk, productivity

Risk, control

Control, productivity

Test, risk

Program evaluation

Audit resolution

Ongoing monitoring

Control environment

In traditional approach, reporting was done by work teams and in control selfassessment approach it is done by auditors.

In traditional approach, reporting was done by auditors and in control self-assessment approach it is done by work teams.

In traditional approach, setting business objectives were done by auditors and in control self-assessment approach it is done by management.

In traditional approach, accessing risks were done by auditors and in control selfassessment approach it is also done by auditors.

True

False

Loss of productivity

Excessive labor cost

Missed opportunities

Loss in process advancement

Internal audit can focus on validating the evaluation conclusions produced by controlself assessment.

controlling can focus on validating the evaluation conclusions produced by controlself assessment.

Internal audit can focus on resource and budgetary produced by control-self assessment.

Internal audit can focus on better risk assessment produced by control-self assessment.

Practitioners use a more democratic approach to leadership.

Strategic managers use a more democratic approach to leadership.

Autocratic managers use a more democratic approach to leadership.

Participate managers use a more democratic approach to leadership.

Inspecting environment

Monitoring environment

Environmental inspection

Environmental scanning

True

False

Culture

Legation

Refinement

Attitude

To determine the amount of change occurring in the organization.

Develop one or more general statements in the form of mission and objective.

Develop specific plans for achieving objectives.

Communicate the plan to affected staff.

System

Mission

Objectives

Philosophy

Risk mitigation

Risk assessment

Risk identification

Risk audits

Interviews

Survey

Voting

Auditing

External audit activity

Internal audit activity

Organizational adequate control

System’s internal effectiveness

People are one of the weakest links in control processes.

Processes are one of the weakest links in control processes.

Products are one of the weakest links in control processes.

Inadequate Planning is one of the weakest links in control processes.