Examice

Exam IIA-CIA-Part1 All QuestionsBrowse all questions from this exam

Question 236

During the annual fraud risk assessment, an organization identified that an employee in the accounts payable department has the ability to both enter a new vendor into the system and process payments to the vendor. Which of the following is a preventative control that an auditor would propose to reduce the risk in this scenario?

New vendors may only be added into the vendor management system by employees in the procurement department.

Vendor payments may only be processed by employees in the accounts payable department.

An anonymous employee hotline is established for employees to report any suspicious activity they witness regarding payments to vendors.

The vendor management system activity log is reviewed by management on a weekly basis for suspicious transactions.

Correct Answer: A

A preventative control aims to prevent fraud before it occurs by segregating duties to ensure no single employee has too much control over any process. By ensuring that new vendors may only be added into the vendor management system by employees in the procurement department, the organization removes the ability for an accounts payable employee to create a fake vendor and process payments to that vendor. This reduces the risk of fraudulent activities significantly.

Discussion

Carrie888Option: A

why not A????