Acronyms and Lists BEC- IMPORTANT COSO stuff

Question 1

Porter identified 3 general business strategies. What are they?

Answer 1

Cost leadership, Differentiation, Focus

Question 2

5 components of COSO ERM are:

Answer 2

Acronym GOPRO

• Governance and culture
• strategy and Objective setting
• Performance
• Review and revision
• Ongoing - Information, communication,
  and reporting.

Question 3

5 Principles of COSO ERM Governance and Culture:

DOVES

Answer 3

Acronym DOVES

-Defines desired culture
-Oversight (exercises board oversight)
-Values (demonstrates commitment to core
values)
-Employees (attracts, develops, and retains
capable individuals.
-Structure (establishes operating structure)

Question 4

What are the 5 key components of COSO’s internal control framework ?

Hint: CRIME

Answer 4

C.R.I.M.E.
The five components of COSO are often referred to by the acronym C.R.I.M.E:

• Control environment
• Risk assessment
• Information and communication
• Monitoring activities
• Existing control activities

Question 4

What are the 5 Principles related to the CONTROL ENVIROMENT in COSO’s internal control framework?

Hint: EBOCA

Answer 4

1. Ethics and integrity (commitment)
2. Board independence and oversight
3. Organizational Structure (segregation)
4. Competence (Employees / commitment)
5. Accountability

Question 5

What are the 3 categories of objectives within the COSO framework?

Answer 5

hint: Remember ORC

1.Operations Objectives (relate to effectiveness and efficiency)

2. Reporting Objectives (pertains to reliability, timeliness and transparency of all reports required by regulators).
3. Compliance Objectives (established to ensure the entity follows laws and regulations)

Question 6

Porters 5 forces ?

Answer 6

Competition in the industry
Potential of new entrants into the industry
Power of suppliers
Power of customers
Threat of substitute products

Question 7

Principles of COSO ERM Strategy & Objective setting?

hint SOAR

Answer 7

• Strategies evaluated
• Objectives of business context
• Analyzes business context
• Risk appetite defined

Question 8

Principles of COSO ERM Performance?

hint VAPIR

Answer 8

VIEW - develops portfolio View
Assesses severity of risk
Prioritizes risk
Identifies risks (events)
Responses - implements risk Response

Question 9

Principles of COSO ERM Review and Revision?

Hint SIR

Answer 9

Substantial - assesses Substantial change

Improvement - pursues Improvement in Enterprise Risk Management

Reviews risk and performance

Question 10

Principles of COSO ERM (Ongoing) Info, Communication, and Reporting?

hint TIP

Answer 10

Technology - Leverages information & Technology

Information - Communicates risk Information

Performance -Reports on risk, culture, & performance.

Question 11

What are the principles of COSO internal control’s Risk Assessment?

hint SAFR

Answer 11

Specify Objectives (Identify)

Assess changes

Fraud Potential Consideration

Risk Analysis (management)

Question 12

What are the principles of COSO internal control’s Information and Communication?

hint OIE

Answer 12

OBTAIN and use info -FACT (fair/accurate/complete/timely)

INTERNALLY communicate information

EXTERNAL party communication

Question 13

What are the principles of COSO internal control’s Monitoring?

hint SOD

Answer 13

Separate communications

Ongoing communication

Deficiencies communicated

Question 14

What are the 5 principles of COSO internal control’s Existing Controls?

hint CAT P

Answer 14

C/A - Control Activities (select & develop)
T - Technology Controls (select & develop)
P - Policies and procedures (deploy)