Pre-Final Examinations
Acctg 238
General Instructions:
1. Total Duration: 1 hour 30 minutes
Total Points: 60 points
2. Exam Format:
This exam consists of three (3) sections:
o Section A: Matching (10 points)
o Section B: Short Answer Questions (30 points)
o Section C: Case Study (20 points)
3. Submission Policy:
o This is a timed, online exam. It must be completed and submitted within the
allowed time.
o Late turn-ins will not be checked or graded. No extensions will be granted
unless officially approved in advance.
4. Attendance Requirement (Online Setting):
o The exam will begin promptly at 6:00 PM.
o Only students who are present in the Teams room within the first 15 minutes
(by 6:15 PM) will be allowed to take the exam.
o Anyone joining the room after 6:15 PM will not be admitted or allowed to
participate in the exam.
o This mirrors regular class policy and will be strictly enforced.
5. Online Exam Conduct:
o Keep your camera on at all times during the exam.
o Microphones must be muted, but be ready to respond to questions or identity
verification if asked.
o You must remain in the room for the entire duration unless otherwise permitted
for emergency reasons.
o Any form of collaboration or use of unauthorized materials will be considered
a violation of academic integrity.
6. Section-Specific Instructions:
o Section A: Match roles with responsibilities. Write only the letter corresponding
to the correct match.
o Section B: Write short, structured responses using your own words. Apply
concepts from class and presentations.
o Section C: Analyze the case scenario and respond clearly using practical
applications of risk management principles.
7. Answer Guidelines:
o Use complete sentences and clear reasoning.
o Include examples where appropriate to strengthen your answers.
o Organize your thoughts logically. Use bullet points only where applicable.
o Submit answers in the format specified by the instructor (Word doc or PDF files)
� 8. Grading Criteria:
o Accuracy and depth of content
o Application of risk and governance principles
o Original thought and structure
o Clarity, coherence, and relevance
Section A: Matching (10 points)
Instructions: Match each role on the left with its corresponding responsibility on the right.
Write the letter of the responsibility next to the number of the role.
Roles
1. B. Internal Audit Manager
2. A. Risk Manager
3. C. CEO/Board
4. D. Specialist Risk Function
5. E. Individual Employees
Responsibilities
A. Maintain up-to-date risk management policies and coordinate control activities
B. Provide assurance on internal control effectiveness and audit risk processes
C. Determine the organization’s risk appetite and lead strategic direction
D. Support incident investigations and help managers assess risk effectiveness
E. Implement risk processes and report near misses or inefficient controls
Section B: Short Answer Questions (30 points)
Instructions: Answer the following questions in your own words using relevant examples
where possible. Each question is worth 6 points.
1. Explain why it is important for risk management to be integrated into an organization’s
overall strategy and decision-making process.
- Risk management should not be treated as a separate function but as an integral part of
an organization's overall strategy and decision-making process. When risk management is
embedded into business operations, it allows organizations to anticipate potential
challenges and create contingency plans. This proactive approach enhances resilience,
minimizes financial losses, and improves operational efficiency. Additionally, integrating
� risk management into strategic planning fosters a risk-aware culture where employees at
all levels understand their roles in mitigating risks.
2. How can the internal audit function contribute to improving the risk culture in an
organization?
- The internal audit function plays a key role in strengthening an organization's risk
culture by evaluating internal controls, ensuring compliance with regulations, and
identifying areas for improvement. Internal auditors provide independent assessments
that help organizations detect weaknesses in their risk management framework.By
offering recommendations for corrective actions, they contribute to building a more
robust risk culture where employees are aware of potential risks and take proactive steps
to mitigate them. Furthermore, internal audits promote transparency and accountability,
reinforcing the importance of ethical decision-making and compliance with
organizational policies.
3. Discuss the importance of clear communication from the CEO/Board regarding the
organization’s risk management framework.
- Effective communication from the CEO and Board regarding the organization’s risk
management framework is essential for ensuring alignment between leadership goals and
employee actions. When leadership clearly communicates risk expectations, employees
understand their roles in maintaining compliance and preventing disruptions. Clear
communication also promotes transparency, making it easier for employees to raise
concerns about potential risks. Additionally, strong leadership communication fosters a
culture of responsibility, where risk management becomes a shared effort rather than a
task assigned to a specific department.
4. In what ways can individual employees influence the success or failure of risk
management initiatives?
- Employees play a crucial role in the success or failure of risk management initiatives.
Their actions and level of engagement directly impact an organization's ability to prevent
or mitigate risks. Employees contribute by:
Identifying and reporting potential risks in their daily operations
Adhering to company policies and procedures related to risk management
Participating in training programs to enhance risk awareness
Providing feedback on risk-related policies and suggesting improvements
Taking proactive measures to prevent safety hazards or operational inefficiencies
5. What role does ongoing training and learning play in enhancing an organization’s risk
maturity?
� - Continuous training and education play a vital role in enhancing an organization's risk
maturity. Regular training sessions help employees and leaders stay updated on emerging
risks, regulatory changes, and best practices for managing uncertainties. By fostering a
culture of continuous learning, organizations can ensure that employees are well-
equipped to identify, assess, and respond to risks effectively. Training also reinforces the
importance of compliance and ethical behavior, reducing the likelihood of negligence or
oversight that could lead to financial or reputational damage. Ultimately, organizations
that invest in ongoing training develop a workforce that is more capable of handling risk
challenges and adapting to changing business environments.
Section C: Case Study (20 points)
Instructions: Read the scenario below and respond to the prompts that follow. Your response
should demonstrate critical thinking, problem-solving and practical application of risk concepts.
Case Scenario: The University Festival
Your university is planning a large-scale music and cultural festival involving over 3,000
attendees, multiple venues, food trucks, and live performances. A student committee is
organizing the event, but the university’s risk manager and internal audit team are overseeing
key controls.
During preparation, a few issues emerge:
A student reports a food safety concern involving one of the vendors.
Budget overruns are identified in the lighting and stage setup.
One venue has not received a proper fire safety inspection.
A heavy rain forecast could disrupt outdoor events.
Case Study Questions:
1. Identify and categorize at least three different types of risks in this scenario (e.g.,
operational, compliance, strategic, financial) and explain their potential impact.
(6 points)
Environmental Risk: A heavy rain forecast could disrupt outdoor events, causing
cancellations, damage to equipment, and safety hazards for attendees and performers.
Operational Risk: A student reports a food safety concern involving one of the
vendors. If not addressed, this could lead to food poisoning incidents, legal liabilities,
and reputational damage for the university.
� Financial Risk: Budget overruns in lighting and stage setup may strain the festival’s
financial resources, leading to cost-cutting in other critical areas or additional funding
requests.
2. Choose two roles from the risk management framework (e.g., Risk Manager, Internal
Audit Manager, Individual Employee) and describe how they should respond to the
identified issues.
(6 points)
Internal Audit Manager: This role involves reviewing financial records to identify
areas of excessive spending and ensure budget adherence. Additionally, the Internal
Audit Manager should verify that all necessary permits and safety inspections are
completed before the event to minimize compliance risks.
Risk Manager: The Risk Manager should coordinate with food vendors to ensure
compliance with food safety standards, implement additional inspections, and
develop a response plan in case of a food-related incident. They should also oversee
budget allocation to prevent financial mismanagement and evaluate contingency
plans for rain disruptions.
3. What steps could the senior management team take before the event to ensure a
proactive risk culture among student organizers and vendors?
(4 points)
Establish clear risk management policies and provide training to student organizers
and vendors on food safety, financial controls, and emergency procedures.
Conduct regular safety and compliance audits to ensure all vendors and venues meet
the required standards.
Set up a risk monitoring team to identify and report potential risks before they
escalate.
Implement a communication plan to ensure all stakeholders are aware of contingency
measures in case of adverse events.
4. Suggest two contingency plans that could be activated if the rain forecast worsens.
(4 points)
Relocation Plan: Move outdoor performances and food stalls to indoor or covered
venues to ensure that events continue without disruption.
Schedule Adjustment: Rearrange the festival schedule by rescheduling outdoor
activities for later times or alternative days, prioritizing safety while maintaining
audience engagement.
