2. Corporate Governance

Question 1

Board of Directors

Answer 1

Must act as a group
Fiduciary duty to corp (best interest)
1. Hire/fire mgmt and officers
2. Dividend policy
3. Buy back Treasury stock
4. General operations (main/big decisions)
5. Budget approval, loan/financing
6. Need 3 committees: Audit, compensation, nomination

Question 2

Officers (management)

Answer 2

Day to day operations

Agent of corp

Question 3

Shareholders

Answer 3

Vote in BoDir

Question 4

Audit Commitee

Answer 4

Members of board
Hire/fire auditor
Auditors report to committee
Need one financial expert (GAAP, internal acct controls)

Question 5

Nominating Committee

Answer 5

Pick officers (CEO, COO, etc)
Explain why/why not CEO is a Board member (or not)

Question 6

Compensation Committee

Answer 6

How to pay officers (fixed, incentives)
Dodd-Frank:
1. Shareholders vote on pay
2. Must be independent
3. Disclose fixed vs incentive use
4. Clawback of bonuses

Question 7

Internal Auditors

Answer 7

Report to audit committee
Must be competent and objective
Not independent (can’t be cuz work there)

Question 8

External Auditor

Answer 8

Must be independent
Stay confidential
Partner rotation - 5 years
Communicate with audit committee

Question 9

In order to comply with a director’s duty of loyalty to a corp, what actions should be taken when presented with a corporate opportunity?

• Reject it and don’t offer it to the corp
• Accept it and don’t offer it to the corp
• Accept it and disclose it to the corp
• Offer it to the corp and accept if they reject

Answer 9

-Offer it to the corp and accept if they reject

Question 10

What is a member of the board’s relationship to the company?

• Agent
• Executive
• Fiduciary
• Representative

Answer 10

-Fiduciary

Question 11

In a large public corp, evaluating internal control procedures is a responsibility of:

• Accounting management staff, reporting to CFO
• Internal audit staff, reporting to BoD
• Operations management staff, reporting to COO
• Security mgmt staff, reporting to chief facilities officer

Answer 11

-Internal audit staff, reporting to BoD (more specifically the audit committee)

Question 12

Which is necessary to be an audit committee financial expert?

• Limited understanding of GAAS
• Education and experience as a financial planner
• Experience with internal accounting controls
• Experience preparing tax records

Answer 12

-Experience with internal accounting controls

Question 13

A CEO or CFO who misrepresents a companies finances may be penalized with:

• Fine, not imprisonment
• Imprisoned, not fined
• Removed from office and fined
• Fined and imprisoned

Answer 13

-Fined and imprisoned

Question 14

Which is correct regarding the issuers audit committee financial expert?

• Current outside CPA firm partner must be the expert
• If there is not an expert, they must disclose why
• The expert must have experience in the industry
• Must also be the audit committee chair

Answer 14

-If there is not an expert, they must disclose why

Question 15

PCAOB AS-5: Internal control standards

Answer 15

CEO/CFO sign off on it

Auditors look at them and give opinion

Question 16

Internal Control: ACE

Answer 16

Accurate, Reliable, GAAP F/S
Compliance with laws
Effectiveness and efficiency

Question 17

COSO: CRIME

Answer 17

Control ENVIRONMENT: Tone at top, oversight, authority, responsibility, competency (CHOPPER)
RISK Assessment: identify/analyze risk
CONTROL Activities: ARCCS (procedures and controls)
INFORMATION/communication: relevant, internal/external communication
MONITORING: ongoing/separate evaluations, then fix

Question 18

Control Environment: CHOPPER (most important according to COSO)

Answer 18

Commitment to competency 
Human resources policies
Organizational structure, hierarchy
Philosophy and style of mgmt
Participation of BoD, Audit committee
Ethics and Integrity
Responsibility and authority assigning

Question 19

Control Activities: ARCCS

Answer 19

Authorized transactions
Recorded properly
Custody of assets is limited
Comparison of book to physical
Segregation within these

Question 20

Limitations of Internal Controls (COCO)

Answer 20

Collusion
Override by management
Competency- errors, mistakes (cost/benefit constraints)
Obsolescence - change in operations or size

Question 21

Which isn’t a component of internal control?

• Control Risk
• Control Activities
• Monitoring
• Control Environment

Answer 21

-Control Risk

It is “Risk Assessment”

Question 22

According to COSO, the use of ongoing and separate evaluations to identify and assess changes in internal control effectiveness can be accomplished in which of the following stages of the monitoring-for-change continuum?

• Control baseline
• Change identification
• Change management
• Control revalidation/update

Answer 22

Change identification

M4C: Baseline, Identification, Management, Revalidation

Question 23

Which is the most effective method to transmit a message of ethical behavior throughout an organization?

• Demonstrate by example
• Strengthen internal audit’s ability to deter behavior
• Remove pressures for unrealistic targets
• Specify the competence levels for all jobs

Answer 23

-Demonstrate by example

Question 24

Which is designed to ensure that internal controls continue to operate effectively?

• Control environment
• Risk assessment
• Information and communication
• Monitoring

Answer 24

-Monitoring

Question 25

An effective approach to monitoring internal controls involves each of the following steps, except:

• Establishing a foundation for monitoring
• Increasing reliability of financial reporting and compliance with applicable laws and regulations
• Designing and executing monitoring procedures that are made to achieve org goals
• Assessing and reporting the results, including following up on corrective action

Answer 25

-Increasing reliability of financial reporting and compliance with applicable laws and regulations
This would be developing controls, not monitoring

Question 26

There is a lack of segregation of duties within the application environment, with programmers having access to development and production without monitoring or a quality assurance function. This is considered a deficiency in:

• Change control
• Management override
• Data integrity
• Computer operations

Answer 26

-Change control
This is part of your ARCCS
Data integrity: would be from something coming in

Question 27

8 Components of Enterprise Risk Mgmt (basically expansion of CRIME)

Answer 27

Internal Environment: tone at top, chopper, ethics/ integrity
Objective Setting: Operating objectives, Reporting objective, compliance objectives
Event Identification: internal/external events with opportunities or threats
Risk Assessment: B/S approach, process approach, event identifier approach
Risk Response: Accept (do nothing), share (joint), reduce, avoid
Control Activities: ARCCS
Info & Communication:
Monitoring: effective or ineffective: design and implement changes

Question 28

Inherent vs residual risk

Answer 28

Inherent - risk if no action is taken

Residual- risk that remains if action and controls are taken

Question 29

Which is one of the 8 components of COSO’s ERM framework?

• Operations
• Reporting
• Monitoring
• Compliance

Answer 29

-Monitoring

Question 30

A manufacturer is relocating its production facilities because of difficulty sourcing raw materials where they are. This is what kind of response to risk?

• Risk reduction
• Prospect theory
• Risk sharing
• Risk acceptance

Answer 30

-Risk reduction

Question 31

Each of the following is a limitation of ERM except:

• ERM deals with risk, which relates to the future and is uncertain
• ERM changes with different objectives
• ERM can provide absolute assurance for objectives
• ERM is as effective as the people implementing it

Answer 31

-ERM can provide absolute assurance for objectives

REMEMBER THIS WAS AN EXCEPT QUESTION!

Question 32

According to COSO which component of ERM addresses an entity’s integrity and ethical values?

• Information and communication
• Internal (control) environment
• Risk assessment
• Control activities

Answer 32

-Internal (control) environment

Tone at the top, integrity, ethics