ExamTopics Logo
Mail Us[email protected]
Menu
Iia Discussions
exam questions

Exam IIA-CIA-Part1 All Questions

View all questions & answers for the IIA-CIA-Part1 exam
Go to Exam

Exam IIA-CIA-Part1 topic 6 question 137 discussion

Actual exam question from IIA's IIA-CIA-Part1
Question #: 137
Topic #: 6
[All IIA-CIA-Part1 Questions]

During the annual fraud risk assessment, an organization identified that an employee in the accounts payable department has the ability to both enter a new vendor into the system and process payments to the vendor. Which of the following is a preventative control that an auditor would propose to reduce the risk in this scenario?

  • A. New vendors may only be added into the vendor management system by employees in the procurement department.
  • B. Vendor payments may only be processed by employees in the accounts payable department.
  • C. An anonymous employee hotline is established for employees to report any suspicious activity they witness regarding payments to vendors.
  • D. The vendor management system activity log is reviewed by management on a weekly basis for suspicious transactions.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Carrie888 at Sept. 4, 2023, 11:31 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Carrie888
Highly Voted 1 year, 11 months ago
why not A????
upvoted 6 times
f30b972
11 months, 3 weeks ago
Because vendors shouldn’t be set up by procurement. That would allow procurement to place orders to potentially fake vendors whom may submit fake invoices that AP will process.
upvoted 1 times
umlaww1987
8 months, 2 weeks ago
But the option B seems to the scenario without any difference. The question already mentioned that the vendor payment is processed by an employee in account payable department.
upvoted 2 times
...
...
...
Kozy
Most Recent 1 month ago
Selected Answer: A
The risk arises from inadequate segregation of duties, where the same employee can both: Add a new vendor, and Process payments to that vendor. This creates an opportunity for fraudulent vendor creation and payment processing. Preventative controls are designed to stop fraud before it occurs. In this case: Restricting vendor setup to a separate department (procurement) ensures no single employee can both create vendors and issue payments, reducing fraud risk through proper segregation of duties.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel