The description of separation of duties, periodic password changes, access restrictions, and separate storage of cash and sensitive documents corresponds to which internal control component?

Prepare for the Certified Defense Financial Manager Exam 1. Study with flashcards and multiple choice questions. Each question includes hints and explanations to boost your knowledge. Ace your exam with confidence!

Multiple Choice

The description of separation of duties, periodic password changes, access restrictions, and separate storage of cash and sensitive documents corresponds to which internal control component?

Explanation:
Control activities are the policies and procedures that ensure management directives are carried out and risks are mitigated. The described items—separation of duties, periodic password changes, access restrictions, and keeping cash and sensitive documents in separate storage—are classic examples of these procedures in action. Separation of duties reduces the chance that one person can both cause and conceal errors or fraud by distributing key tasks among different individuals. Periodic password changes and access restrictions limit unauthorized system access, strengthening logical security. Storing cash separately from sensitive documents provides physical controls to protect assets and information. In the COSO internal control framework, control activities sit alongside the control environment, information and communications, risk assessment, and monitoring as essential components. The other components refer to the broader organizational culture and information flow (control environment and information and communications) or to the ongoing evaluation of controls (monitoring). Since the described items are about the specific actions and procedures that implement control, they fit under control activities.

Control activities are the policies and procedures that ensure management directives are carried out and risks are mitigated. The described items—separation of duties, periodic password changes, access restrictions, and keeping cash and sensitive documents in separate storage—are classic examples of these procedures in action. Separation of duties reduces the chance that one person can both cause and conceal errors or fraud by distributing key tasks among different individuals. Periodic password changes and access restrictions limit unauthorized system access, strengthening logical security. Storing cash separately from sensitive documents provides physical controls to protect assets and information.

In the COSO internal control framework, control activities sit alongside the control environment, information and communications, risk assessment, and monitoring as essential components. The other components refer to the broader organizational culture and information flow (control environment and information and communications) or to the ongoing evaluation of controls (monitoring). Since the described items are about the specific actions and procedures that implement control, they fit under control activities.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy