These are actions taken to reduce risk to an acceptable level.
What are control activities or internal controls?
This type of risk arises from external factors like market changes, natural disasters, or new laws.
What is external risk?
The act of intentionally deceiving someone to gain an unfair or unlawful advantage.
What is fraud?
The NC Internal Audit Act typically requires state agencies to establish this function to oversee risk and controls.
What is an internal audit department or internal audit function?
“The Smartest Guys in the Room” documentary chronicles the downfall of this company that led to the Sarbanes Oxley Act of 2002
What is Enron?
This type of control is implemented before a transaction or activity occurs, to prevent errors.
What is a preventative control?
A risk that could cause significant damage to reputation or public trust.
What is reputational risk?
The most common type of occupational fraud, often involving theft of cash or assets.
What is asset misappropriation?
The North Carolina Central Internal Audit Office often collaborates with this agency responsible for investigating public corruption.
What is the State Bureau of Investigation (SBI)?
This 2002 biopic tells the story of Frank Abagnale who stole millions of dollars while pretending to be a pilot, doctor and prosecutor.
What is Catch Me If You Can?
A control that happens after a process is complete to spot problems, like reconciliations or reviews.
What is a detective control?
The process of identifying, analyzing, and responding to risk.
What is risk management?
This term refers to red flags or warning signs that fraud might be occurring.
What are fraud indicators?
This is the name of the North Carolina law that governs public records and transparency, which auditors often reference.
What is the North Carolina Public Records Act?
The Wolf of Wall Street was based on this person’s life who was convicted of securities fraud and money laundering.
Who is Jordan Belfort?
This type of control ensures only authorized individuals can access certain systems or data.
What is an access control?
When internal auditors assess how likely a risk is to occur and how bad the impact would be, they’re conducting this.
What is a risk assessment?
The fraud triangle includes three components: pressure, opportunity, and this.
What is rationalization?
The North Carolina Central Internal Audit Office follows standards set by this global professional organization.
What is the Institute of Internal Auditors (IIA)?
You may better recognize the red stapler or TPS reports, but a lack of IT controls led to hundreds of thousands of dollars being stolen from this company in “Office Space”.
What is Initech?
This is the first component of the COSO framework and includes tone at the top and organizational structure.
What is the control environment?
This risk management strategy involves transferring risk to another party, such as through insurance.
What is risk transfer?
A fraud detection method where employees anonymously report unethical behavior.
What is a whistleblower hotline/ethics hotline?
This North Carolina committee provides oversight on internal audit activities across state agencies.
What is the Council of Internal Auditing?
Robert De Niro and Michele Pfeiffer starred as Bernie and Ruth Madoff in this 2017 HBO movie based on the largest investment fraud in history
What is The Wizard of Lies?