IIA-CCSA Certification in Control Self-Assessment® (CCSA®) Questions and Answers

Planning, Execution, Controlling

Initiation, Planning, Execution, Controlling

Initiation, Planning, Execution, Testing

Planning, Execution, Controlling, Testing

Quality, time, performance

Quality, quantity, time

Data, quantity, time

Quality, quantity, resources

Competency

Feasibility

Relevancy

Testimonial

True

False

Program evaluation

Program effectiveness

Program efficiency

Program routine

Aptitude association

Competence union

Connection

Building bond

Analytical auditing

Time requirements

Functional specifications

Control activities

Accounts payable

Cash receipt

Inventory

Accounts receivable

To establish and help achieve business objectives.

To focus resources on areas that is key to the organization’s success.

To communicate established objectives to stakeholders.

To neglect establish criteria against which to measure progress.

Practitioners use a more democratic approach to leadership.

Strategic managers use a more democratic approach to leadership.

Autocratic managers use a more democratic approach to leadership.

Participate managers use a more democratic approach to leadership.

True

False

Workshops involve gathering information from individuals representing different levels in the press.

Workshops involve gathering information from work teams representing different levels in the business unit or function.

Workshops involve gathering information from individuals representing similar levels in the business unit or function.

Workshops involve gathering information from work teams representing similar levels in the lobby.

Production

Performance

Summative

Output

guidelines to handle internal controls monitoring with standards

policy or procedure that help ensure management’s objectives

timely information and communication about company’s goals

observance of tax laws, industry requirement and regulatory requirements

Risk Management

Risk Mitigation

Risk Measurement

Risk Prioritization

Entity wide plans

Activity-level objectives

General applications

Risk control activities

True

False

activities or initiatives by industry competitors

changes in production quotas or deadlines

economic shifts

technological advancements

Compliance control

Efficiency control

Timeliness control

Law enforcement

Risk arising from business strategies and activities are identified and prioritized.

Changes arising from business strategies and activities are identified and not prioritized.

Risk arising from business strategies and activities are identified and but less prioritized.

Risk arising from decision strategies and activities are identified and prioritized.

only quantitative and measure results associated with only products delivered by an organization.

both quantitative and qualitative and measure both results associated with products and services delivered by an organization.

only qualitative and measure results associated with only services delivered by an organization.

none of the above

Objectivity

Integrity

Confidentiality

Expert judgment

Program conclusion specify all activities and linking the program activities to expected final results.

Program modeling specify all activities and linking the program activities to expected intermediate and ultimate results.

Program developing specify all activities and linking the program activities to expected ultimate results.

Program integrity specify all activities and linking the program activities to expected intermediate results.

Machine bureaucracy

Performance bureaucracy

Functional bureaucracy

Organizational bureaucracy

comparison of statistics by showing the relationship of one or more type of units to a single type of unit

comparison of equivalence by showing the equivalent relationship of one type of unit to a different type of unit

comparison of rationality by showing the relationship of multiple types of units to a single type of unit

comparison of proportionality by showing the relationship of one type of unit to a different type of unit

Promotion system

Code of conduct

Rank vulnerability

Rank inherent risk

Sufficient

Feasible

Practical

Reliable

In traditional approach, reporting was done by work teams and in control selfassessment approach it is done by auditors.

In traditional approach, reporting was done by auditors and in control self-assessment approach it is done by work teams.

In traditional approach, setting business objectives were done by auditors and in control self-assessment approach it is done by management.

In traditional approach, accessing risks were done by auditors and in control selfassessment approach it is also done by auditors.

Control point

Accountability

Expense level

None of the above

Establishment of organizational objectives

Oversight groups

Assignment of authority

Human resource policies and practices

Identifying risk factors and significant exposures.

Accessing the control processes that do not mitigate or manage those risks.

Developing action plans to reduce risks to acceptable levels.

Determining the likelihood of, or assisting in, the achievement of business objectives.

2050.C1- Investigating progress

2500.A3- Implementing progress

2500.A1- Monitoring progress

2500.A2- Mitigating progress

Risk mitigation

Risk assessment

Risk analysis

Risk management

Performance integrity

Performance measures

Performance outcomes

Performance management

Internal audit activity

External audit activity

Activity entrustment

Activity Control

Strategic, Process and Operational

Business, Process and Operational

Strategic, Process and Assertion

Quantifiable, Strategic, and Operational

True

False