1. Internal Control Framework Flashcards

1
Q

What does COSO stand for?

A

Committee of Sponsoring Organizations (of the Treadway Commission)

2
Q

Who created COSO?

A

Five organizations:
AICPA, The Institute of Internal Auditors (IIA), the Institute of Management Accountants (IMA), the American Accounting Association (AAA), and the Financial Executives Institute (now Financial Executives International, FEI).

3
Q

When and why was COSO created?

A

Formed in 1985 to sponsor the Treadway Commission on fraudulent financial reporting. The Commission's 1987 report called for an integrated internal control model, which COSO issued as Internal Control - Integrated Framework in 1992.

4
Q

What are the 4 main COSO contents?

A

  1. The COSO integrated framework (overall).
  2. Internal Control - Integrated Framework.
  3. Enterprise Risk Management (ERM) - Integrated Framework.
  4. Supplementary COSO guidance addressing recent changes in IT.

5
Q

The original COSO cube: what are the 5 components of internal control?

A
  1. Control environment (the core: management philosophy, organizational structure, system of authority, personnel practices, policies, procedures)
  2. Risk assessment (identify, analyze, and manage risks)
  3. Control activities
  4. Information and communication
  5. Monitoring
6
Q

The original COSO cube: Why do we have IC? (the 3 objective categories)

A

Operations (effectiveness and efficiency), Reporting (reliability), Compliance (with applicable laws and regulations)

7
Q

The original COSO cube: Where do we have IC? (the organizational levels)

A

Entity, division, operating unit, function

8
Q

The original COSO cube: what are the 4 categories of reporting objectives?

A

Financial and non-financial, crossed with external and internal (a 2x2: external financial, external non-financial, internal financial, internal non-financial).

9
Q

The original COSO cube: what are 3 examples of external financial reporting?

A

Annual financial statements, interim financial statements, earnings releases

10
Q

The original COSO cube: what are 3 examples of external non-financial reporting?

A

Internal control report, sustainability report, supply chain/custody-of-assets reporting

11
Q

The original COSO cube: what are 3 examples of internal financial reporting?

A

Divisional financial reporting, cash flow/budget reports, bank covenant calculations

12
Q

The original COSO cube: what are 4 examples of internal non-financial reporting?

A

Staff/asset utilization, customer satisfaction surveys, key risk indicator dashboards, board reporting.

13
Q

What are the 5 principles of the control environment?

A
  1. Commitment to integrity and ethical values, demonstrated by management.
  2. The board of directors operates independently of management and oversees IC.
  3. Management establishes structures, reporting lines, authorities, and responsibilities, including those of outsourced service providers.
  4. Competence: attract, develop, and retain competent individuals.
  5. Accountability: hold individuals accountable for their IC responsibilities.
14
Q

What are the 4 principles of risk assessment?

A
  1. Objectives (specified clearly enough that risks to them can be identified)
  2. Assessment (identify and analyze risks to achieving the objectives)
  3. Fraud (consider the potential for fraud)
  4. Change management (identify and assess changes that could significantly affect IC)
15
Q

What are the 3 principles of control activities?

A
  1. Risk reduction (select and develop control activities that mitigate risks)
  2. Technology controls (general controls over technology)
  3. Policies (deploy control activities through policies and procedures)
16
Q

What are the 3 principles of information and communication?

A
  1. Quality (obtain or generate relevant, quality information)
  2. Internal communication
  3. External communication
17
Q

What are the 2 principles of monitoring activities?

A
  1. Ongoing and periodic evaluations
  2. Address deficiencies (evaluate and communicate them in a timely manner)

18
Q

What are the 6 limitations of IC?

A
  1. Unsuitable management objectives
  2. Dependence on people (human judgment and error)
  3. Management override
  4. Collusion
  5. External events beyond the organization's control
  6. Inherent limitations (reasonable, not absolute, assurance)
19
Q

What are the 3 types of IC deficiencies?

A
  1. Control deficiency (in design or operation)
  2. Significant deficiency
  3. Material weakness
20
Q

What are 3 ways of categorizing controls?

A
  1. Preventive, detective, and corrective controls
  2. Feedback and feed-forward controls
  3. General controls and application controls
21
Q

Who are the 4 responsible parties for IC?

A
  1. The board of directors: oversight
  2. Managers: ownership
  3. Support functions
  4. Internal auditors
22
Q

Who is responsible for oversight?

A

The board of directors and the audit committee

23
Q

To whom does ownership of IC belong?

A

Senior management, including the CEO and CFO

24
Q

Who are the support function personnel?

A

Personnel in law, compliance, risk management, and IT

25
Q

Who evaluates IC? What are the 2 important attributes of these people?

A

Evaluators.

Competence and objectivity.

26
Q

What are the 3 levels of monitoring?

A
  1. Board monitoring
  2. Self-assessment
  3. Self-review
27
Q

What are 6 terms describing the nature or quality of controls?

A
  1. Control objectives
  2. Compensating control
  3. Deficiency
  4. Key controls
  5. Key performance indicators
  6. Key risk indicators - forward looking metrics
28
Q

What are the 6 elements of successful KRIs?

A
  1. Based on established practices/benchmarks
  2. Consistent across the organization
  3. Unambiguous
  4. Comparable over time and across the organization
  5. Timely
  6. Efficient
29
Q

What are the 2 types of information with respect to quality of evidence in IC?

A

Direct and indirect

30
Q

What are the 7 characteristics of quality evidence in information?

A

Persuasive, relevant, reliable, sufficient, suitable, timely, verifiable.

31
Q

What are 4 example methods for reviewing control processes?

A
  1. Review
  2. Benchmark assessment
  3. Questionnaires
  4. Focus groups and interviews
32
Q

What are 5 examples of risk considerations?

A
  1. Materiality
  2. Significant change
  3. Areas of previous errors/irregularities
  4. High turnover of key personnel
  5. Previous issues identified by self-assessment
33
Q

What are the 3 steps of the control monitoring process?

A
  1. Establish a foundation
  2. Design and execute
  3. Assess and report
34
Q

What is change control?

A

The process used to request, review, specify, plan, approve, implement, and monitor changes to a system. It ensures that implemented changes are structured, planned, and managed.

35
Q

COSO: What do control activities relate to?

A

Risk reduction, technology controls, and policies.

36
Q

COSO: What does control environment relate to?

A

Establishing integrity and ethical values in the organizational culture.

37
Q

COSO: What does monitoring relate to?

A

Establishing ongoing and periodic evaluations, and addressing control deficiencies.

38
Q

COSO: What does risk assessment relate to?

A

Organizational objectives, risk assessment, fraud, and change management.

39
Q

COSO: what does information and communication relate to?

A

Proper measurement (the quality of information) and its internal and external communication.

40
Q

From what is the level of persuasiveness of information derived?

A

Its suitability and sufficiency.

41
Q

What are the 3 elements of suitable information?

A

relevant (i.e., fit for its intended purpose), reliable (i.e., accurate, verifiable and from an objective source), and timely (i.e., produced and used in an appropriate time frame)

42
Q

What are the 2 elements of reliable information?

A

Accurate and verifiable.