All questions are mandatory.
Compliance
Q1: What are the objectives of forming a compliance department in a company?*
A: To comply with the internal policies of the company
B: To Ensure that internal controls are present to adequately measure and manage the
risks.
C: To identify compliance requirements setup by the government
Q2: What is the primary goal of compliance management?*
A: Maximizing profits for the organization
B: Minimizing risks associated with non-compliance
C: Increasing customer satisfaction
D: Enhancing employee engagement and morale
Q3: What is the primary role of a compliance officer within an organization?*
A: Maximizing profits and revenue
B: Enforcing disciplinary actions against employees
C: Ensuring adherence to laws, regulations, and internal policies
Q4: What are the responsibilities of the business departments in context of compliance
management?*
A: Risk identification and Assessment
B: Formulate and improve the policy and process
C: Both of the above
Q5: Which department is responsible for executing accountability decisions for violators as
per regulations?*
A: Regulatory
B: Human Resource
C: Legal
Q6: Who is the first line of defence in managing operational and compliance risks?*
A: EMT / Board of Directors
B: Each Department & its employee are responsible for managing its risks
C: Fraud Management / Internal Audit / Specialized Risk departments
Code of Conduct
Q7: What is in accordance to CMPak policy regarding receipt of gifts from suppliers.*
A: Only Non-monetary gifts are acceptable
B: Only low value gifts are acceptable
C: No gifts should be accepted from vendor
Q8: What is meant by the term conflict of interest?*
A: Whereby an individual’s personal interest could compromise his professional
judgments or decisions
B: When areas of personal interests of two employees working in the same department
differ sharply
� C: When there is a conflict between management over a business decision
Q9: Which of the following are not permissible under the CMPak code of conduct?*
1. Knowingly concealing a personal or business relations that are doing business with CMPak
2. Employed part or full-time during working hours for entities other than CMPak
3. Restricting access to company’s information only to the relevant stakeholders
4. Sharing Salary details within and outside the organization
A: 1, 2 & 3 only
B: 1,2 & 4 only
C: All of the above
Q10: You have been offered a hefty bribe in return for a business favor by a vendor, which
you have rejected. Do you still need to report the incident to the Internal audit according to
the code of conduct?*
A: No, because the offer has been rejected. Moreover, maintaining a friendly relation
with our business partners is equally important according to the code of conduct
B: Yes, no matter the offer has been rejected, the incident shall still be reported to the
internal audit whatsoever.
Q11: According to the code of conduct which information can be exchanged internally
between departments?*
A: All sorts of information can be shared internally between the departments
B: Sensitive Information must only be shared with relevant business departments and
individuals
C: All sensitive information must remain within the department and must not be shared
Q12: When does a CMPak employee has to sign a code of conduct declaration, disclosing
his/her relations that are working or doing business with CMPak?*
A: At the time of joining
B: Whenever an update is necessary due to change in status
C: Both at the time of joining and whenever an update is necessary due to change in
status
Q13: You are working at CMPak for the past few years; your brother has just joined the
company as an employee in another department. What does the code of conduct direct in this
scenario?*
A: Congratulate him on assuming this position, and resign from the company
B: Ask him to resign, as you are already working here
C: Inform the management and HR about the change in the status of Code of Conduct
Declaration.
Embedded Integrity
Q14. If mitigation of a highly probable risk costs more than the damage it will induce, what
should be the best risk management strategy?*
A: Manage risk
B: Accept Risk
C: Avoid Risk
Q15. You are a manager of payables department and are on annual leaves, can you share
password of the approval module with your immediate subordinate, to approve the payments
in your absence?*
A: Yes, to avoid delays in payments password can be shared
� B: No, password cannot be shared , the approval hierarchy in the system will temporarily
be adjusted to delegate the authority
Three Important & One Big Fund- 3I1BF
Q16: Which of the following are key principles of 3I1BF decision making?*
1. Collective decision making
2. Scientific decision making
3. Democratic decision making
4. Autocratic decision making
A: 1 & 3
B: 1, 2 & 3
C: All of the above
Q17: In accordance to the 3I1BF policy what does principle of scientific decision making
implicate?*
A: Need to deploy team of technical experts for the specialized tasks
B: Need for feasibility study, investigation and survey before the decision making
C: Use of latest scientific gadgets to solve business problems
Whistle Blowing
Q18: Which of the following laws defines what constitutes corruption & corrupt practices in
greater detail, with application to general public at large?*
A: Prevention of Corruption Act 1947, Clause 5
B: National Accountability Ordinance 1999, Section 9, Clause (a)
C: Prevention of Corruption Act 1945, Clause 5
Q19. Whistle blower can choose to be anonymous?*
A: True
B: False
Q20. What are appropriate channels for Whistle blowing?*
A: Email at [email protected]
B: Email at [email protected]
C: Verbally inform member of the investigation team
D: All of the above
