B1 - Corporate Governance and Financial Risk Management Flashcards
What are the five components of Internal Control?
CRIME!
C = Control Environment.
R = Risk Assessment.
I = Information and communication.
M = Monitoring.
E = Existing Control Activities.
What are the 5 principles related to the control environment component?
BOCCA!
1. Board Independence and Oversight. POF: Establishing oversight responsibilities.
2. Organizational Structure. POF: Establishing reporting lines.
3. Commitment to Competence. POF: Hire, retain, develop and train competent employees.
4. Commitment to Ethics and Integrity. POF: Setting tone at top.
5. Accountability. POF: Establishing performance reviews, incentives and rewards.
What are the 4 principles related to the Risk Assessment component?
SICI!
1. Specify Objectives. POF: Identifying objectives that reflect mgmt’s choices, while being compliant.
2. Identify and Analyze Risks. POF: Analyzing internal and external factors.
3. Consider Potential for Fraud. POF: Assessing fraud triangle.
4. Identify and Assess Changes. POF: Assessing external changes and business changes.
What are the 3 principles related to the Information and Communication component?
OCI!
1. Obtain and Use Information. POF: Identifying and defining info requirements for internal control.
2. Communicate With External Parties. POF: Mgmt with open communication channels.
3. Internally Communicate Information. POF: Flow of info up and down.
What are the 2 principles related to the Monitoring Activities component?
OC
1. Ongoing and/or Separate Evaluations. POF: Establishing a baseline.
2. Communication of Deficiencies. POF: Monitoring corrective actions.
What are the 3 principles related to the Existing Control Activities component?
DSS!
1. Deployment of Policies and Procedures. POF: Establishing responsibilities and accountability.
2. Select and Develop Control Activities. POF: Integrating with risk assessment when selecting activities.
3. Select and Develop Technology Controls. POF: Include determining dependencies between the use of tech and establishing relevant tech for control activities.
What is the fraud triangle?
The fraud triangle represents the 3 primary factors that lead to fraud in the workplace:
1. Incentive/Pressure.
2. Rationalization.
3. Opportunity.
What is the nature of the relationship between the BOD and the company?
Fiduciary - It has a responsibility to safeguard the company.
What should be done when monitoring at top level management becomes difficult due to business growth?
Move the monitoring to lower levels.
What is ERM?
The culture, capabilities and practices, integrated with strategy-setting performance, that organizations rely on to manage risk in creating, preserving, and realizing value.
What are the two words in ERM that are linked together?
Core Values = Culture
What are the components of ERM?
GO PRO!
G = Governance and Culture.
O = Objective Setting and Strategy.
P = Performance.
R = Review and Revision.
O = Ongoing Information, Communication and Reporting.
What are the 5 principles related to the Governance and Culture component?
DOVES!
D = Defines Desired Culture.
O = Oversight (Exercises Board Oversight).
V = Values (Commitment to Core Values).
E = Employees (Capable).
S = Structure (operating) is Established.
What are the 4 principles related to the Objective Setting and Strategy component?
SOAR!
S = Strategies (Alt) are Evaluated.
O = Objectives (Bus) are Formulated.
A = Analyzes Bus Context.
R = Risk Appetite is Defined.
What are the 5 principles related to the Performance component?
VAPIR!
V = View; Develops Portfolio View.
A = Assesses Severity of Risk.
P = Prioritizes Risk.
I = Identifies Risk.
R = Risk; Implements Risk Responses.
What are the 3 principles related to the Review and Revision component?
SIR!
S = Assesses Substantial Changes.
I = Improvement in ERM.
R = Reviews Risk and Performance.
What are the 3 principles related to the Ongoing Information, Communication and Reporting component?
TIP!
T = Leverages Info Technology.
I = Communicates Risk Information.
P = Reports on Risk, Culture and Performance.
What is value preservation?
A company’s ability to maintain market share with high customer satisfaction and sustained profitability.
What are the 5 responses to risk under COSO ERM?
APRAS!
A = Acceptance: No action is taken to change the risk.
P = Pursue: Accepts the increased risk to improve performance.
R = Reduce: Action is taken to reduce risk.
A = Avoid: Action is taken to remove risk.
S = Share: Action is taken to reduce risk by outsourcing. i.e. Insurance.
What are the 3 risks that are considered part of risk assessment under COSO ERM?
- Inherent.
- Actual Residual.
- Target Residual.
When does event identification happen?
After the development of the objectives. Must know objectives first so we can assess which events will impact the achievement of objectives.
When does a company exceed its risk appetite?
When the likelihood and impact of negative events > residual risk.
What is inherent risk?
When management does nothing to alter the likelihood or impact of a negative event.
What is residual risk?
The risk that is left to an organization after management takes actions to reduce the likelihood or impact of a negative event.
What is organizational sustainability?
The ability of an entity to withstand the impact of large-scale events.
How do you rank risk?
Likelihood % * Severity
Greater to lower.
What is the formula for Net Benefit?
Net Benefit = Potential loss * (Overall Threat % - Risk of loss).
What’s the big no-no for officers and directors when it comes to conflict of interest?
Accepting a personal loan.
What is the one thing that SOX does not provide?
Provide transparency on adequacy of internal controls.
What is a financial expert?
A person that has education/experience as an auditor or finance officer, and has an understanding of:
1. GAAP.
2. Application of GAAP.
3. Internal Controls.
4. Understanding of Audit Committee Functions.
Per SOX, what provisions should the code of ethics include?
- Provisions for compliance w/ law, rules, and regs.
- Provisions for full, accurate, and timely disclosure in periodic FS.
- Provisions for honest and ethical conduct.
What is the 3-way match?
A vital control in the expenditure process.
It includes:
1. Receiving Report.
2. PO.
3. Supplier Invoice.
What is a picking ticket?
A list provided to the WH showing items and qty that need to be picked and packaged for shipping.
What are the key business processes?
- Revenue process.
- Expenditure process.
- HR & Payroll process.
- Manufacturing process.
- Finance and Reporting process.
What is a Flowchart?
Flowcharts visualize not only the logical flow of data through a process but also the physical aspects of that flow.
What’s the difference between a Flowchart and a Data Flow Diagram?
Flowcharts show the physical aspects of a flow, and a Data Flow Diagram does not.
What is Cross-Footing?
A check on columns or rows!
What is Input Validation?
Ensures batch processing is done in a complete and accurate manner utilizing record counts and batch totals.
What is Data Matching?
Data matching works to match multiple items before processes are executed.
What is Sequence Check?
The process of having prenumbered documents and verifying that no documents or transactions are missing.
What are the Revenue process docs?
- Sales order.
- Pick ticket.
- Packing slip.
- B/L.
- Sales invoice.
- Receipt.
- Remittance advice.
What are the Expenditure process docs?
- Purchase requisitions.
- PO.
- Receiving report.
- Supplier invoice.
- Voucher.
What are the HR & Payroll process docs?
- Time card.
- Register.
- Paycheck.
- Earnings statement.
What are the Manufacturing process docs?
- Bill of materials.
- Production instructions.
- Production schedule.
- Production order.
What are the Finance and Reporting process docs?
- GL.
- TB.
- Bank statements.
- FS.
- Management reports.
What are the financial risks available?
DIMPL!
1. Default Risk.
2. Interest Rate Risk.
3. Market Risk.
4. Purchasing Power Risk.
5. Liquidity Risk.
What is Default Risk?
Risk that your debtors won’t pay you back.
What is Interest Rate Risk?
Risk of a fluctuating Interest Rate.
What is Market Risk?
Risk of fluctuating FMV.
What is Purchasing Power Risk?
Risk of fluctuating prices in assets and real estate.
What is Liquidity Risk?
Risk to sell investments w/o significant price changes.
What is Price Risk?
Risk of decline in value of securities.
What is Back Testing Analysis?
A simulation model with past data to compare PREDICTED losses with ACTUAL results.
What are the risk types?
DUNS!
D = Diversifiable Risk.
U = Unsystematic Risk. (Nonmarket)
N = Nondiversifiable Risk.
S = Systematic Risk. (Market).
What’s the diff between put and call?
Remember from FAR:
Put = Sell.
Call = Buy.
What is risk averse behavior?
The more risk the more ROI.
What is risk seeking behavior?
Reduced return for higher risk.
What is risk indifferent behavior?
IDGAF about risk.
What is business risk?
All your eggs in one basket (equity financing).
What is the effective rate formula?
Annual interest / Net cash available
What is default risk premium?
The additional comp to withstand risk bc they can’t pay me back.
What are nominal dollars?
(1 + Inflation rate) * real dollars
How is effective percentage cost calculated?
(Original Issue Discount + Transaction costs) / Loan Amount
What is Original Issue Discount?
Face value - Value Paid
What do freely fluctuating exchange rates do?
They correct a lack of equilibrium in the balance of payments.
What is the economic exposure to exchange rate risk rule?
FX down, Dom up = In: Loss Out: Gain.
FX up, Dom down = In: Gain Out: Gain.
What are the risk exposure categories?
- Transaction Exposure = Potential econ loss from transactions.
- Economic Exposure = Potential fluctuation in PV.
- Translation Exposure = Potential BS Items change in value.
When should I take a short position?
When I sell goods and I expect payment in a foreign currency.
What is Risk Profile?
The collective view of different risks.
What is Risk Capacity?
The amount of risk an entity can absorb to meet their strategies and objectives.
What is Risk Appetite?
The amount of risk that you’re willing to accept to obtain value.
What is Risk Inventory?
A list of all risks that could impact you. Just like a regular inventory, but with risk.
When does identification of events occur?
Before risk assessment, and after objective setting.
What is the Required Rate of Return formula?
RF + Inflation Premium + Financial Risks.
What is Economic Exposure?
The potential that PV of Cash Flows would go up or down as a result of FX.