Entity-Level Controls – Fraud Questionnaire

Fraud is the intentional perversion of truth in order to induce another to part with something of value or to surrender a legal right. In the business community, the primary goal of fraud is often monetary gain.

Fraud prevention programs are essential to set the right tone for an effective internal control framework. In addition, strong internal controls provide better opportunities to detect and deter fraud. Because of this, it is important to assess whether management has implemented formal communication mechanisms, internal controls, and internal or external oversight processes to effectively prevent or deter fraud. This could include the identification of fraud risks in an entity­-wide risk assessment program; or establishing a separate risk assessment program that considers the vulnerability of the company to fraudulent activities.

This questionnaire captures the following information about control objectives related to entity-level fraud controls:

* COSO component
* Control objective
* Does this control exist?
* Describe specific activities, programs or controls in place that satisfy the objective
* New/Changed in current year
* Controls properly designed?
* Control owner
* Test procedures
* Documentation reference
* Work paper reference
* Controls operating effectively?
* Describe the basis for effectiveness conclusion (including evidence of operation)
* Deficiencies noted
* Type of deficiency (Efficiency, Fin. Reporting, Compliance)
* Management action plan to address deficiencies