Which of the following areas of responsibility would cause the GREATEST segregation of duties conflict if the individual who performs the related tasks also has approval authority?
The greatest segregation of duties (SoD) conflict arises when one person is responsible for both receiving goods and making payments for them. This creates a significant opportunity for fraud, such as:
Falsely recording the receipt of goods that were never delivered
Approving payment for those nonexistent goods
Circumventing detection by manipulating both processes
Why the other options are less critical:
A. Vendor selection and statements of work
🔹 These can present risk, but payments are still processed independently, offering some control.
B. Invoices and reconciliations
🔹 While this has risk, it's typically detected through internal audit or secondary review functions.
C. Purchase requisitions and purchase orders
🔹 This could lead to procurement without proper approval but doesn't directly lead to payment or loss of funds without further collusion.
The combination of goods receipts (confirming that goods or services have been received) and payments (authorizing payment for those goods or services) presents the greatest risk because the individual could:
Fabricate receipt of goods or services that were never delivered.
Approve payments for fraudulent or non-existent transactions.
While invoices and reconciliations (Option B) also involve important financial processes, separating these tasks does not inherently create the same level of conflict as goods receipts and payments. In the case of goods receipts and payments, the potential for misuse or abuse of authority is more pronounced due to the direct link between receiving goods and authorizing payments.
While Option A represents a segregation of duties concern, Option D presents a greater conflict because it involves both the physical handling of inventory and the financial control over payments, thereby posing a higher risk of fraud or misappropriation. Therefore, Option D is considered to have the GREATEST segregation of duties conflict.
Invoices and reconciliations present a segregation of duties conflict if the same individual who performs the related tasks also has approval authority because they can manipulate the invoicing and reconciliation process for personal gain. The individual may approve fraudulent invoices, alter the amounts on invoices, or misstate the reconciliation to hide discrepancies. Segregation of duties is a fundamental principle of internal control that aims to minimize the risk of fraud and error by dividing critical financial and operational responsibilities among different individuals. By separating the tasks of reconciling invoices from the authority to approve them, it becomes more difficult for a single individual to commit fraud or make an error without detection.
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Greens
2 weeks, 5 days ago1Naa
6 months, 2 weeks agoshalota2
1 year agoSwallows
1 year agoa84n
1 year, 2 months agoKAP2HURUF
1 year, 4 months agoBA27
1 year, 10 months agoBA27
1 year, 10 months agozebree
2 years, 5 months agoEric0223
2 years, 5 months agoDavid_Hu
2 years, 5 months ago