B1: Corporate Governance - Enterprise Risk Management Flashcards

1
Q

COSO - ERM general information?

A

In 2004 COSO issued ERM - Integrated Framework
Focus on: overall strategy & balance risk and return
1. Determine uncertainty
2. Deal with uncertainty
3. Balance risk and return

2
Q

What is ERM?

A

ERM is designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

3
Q

What are the themes of ERM?

A
  1. Aligning risk appetite and strategy
  2. Enhancing risk response
  3. Reducing operational surprises and losses - event identification
  4. Identifying and managing multiple and cross-enterprise risks - common risks
  5. Seizing the opportunities - better capitalization opportunities
  6. Improving deployment of capital - effectiveness and efficiency of capital investment
4
Q

What are the enterprise objectives defined by ERM? - Four objectives - Compare with COSO internal control framework objectives (Memorize!!!)

A
The "SORC":
S: Strategic - high-level goals designed to achieve the mission
O: Operations - effective and efficient
R: Reporting - reliable and consistent
C: Compliance
5
Q

Illustration of ERM Components: What are the components of ERM? - Eight components - Compare with 5 components of internal control (Memorize!!!)

A

“IS EAR AIM”
ERM is broader in scope: beyond just financial reporting objectives.
I: Internal environment (C of CRIME - Control environment)
S: Setting objectives - “SORC”

E: Event identification (R of CRIME - Risk assessment)
A: Assessment of risk (R of CRIME - Risk assessment)
R: Risk response (R of CRIME - Risk assessment)

A: Control activities (E of CRIME)
I: Information and communication (I of CRIME)
M: Monitoring (M of CRIME)

6
Q

Illustration of ERM Components: What does the ERM internal environment refer to? - C of CRIME under internal control framework (Memorize!!!)

A
Tone at the top - "EBOCA" HR:
E: Ethics and integrity
B: Board oversight
O: Organizational structure
C: Commitment to competence
A: Accountability

H: Human resources standards - hire, train, evaluate, compensate, promote
R: Risk Appetite

Risk philosophy: aggressive or conservative

7
Q

Illustration of ERM Components: What does the objective setting refer to under ERM?

A

The “SORC”

Selected objectives - align with risk appetite
Risk appetite - balance
Risk tolerance

8
Q

Illustration of ERM Components: What does event identification refer to under ERM? - R of CRIME

A
  1. Identify internal and external risks
  2. Identify both negative risks and positive opportunities
  3. Techniques: workshops and brainstorming
9
Q

Illustration of ERM Components: What does risk assessment refer to under ERM? - R of CRIME also A of EAR

A
  1. Inherent risk and residual risks
  2. Probability and severity
  3. Techniques:
    - Benchmarking: industry standards
    - Probabilistic: statistical data, more objective (historical)
    - Non-probabilistic: opinions (outcome of lawsuit)
10
Q

Illustration of ERM Components: What does risk response refer to under ERM? - R of CRIME also R of EAR

A

Align with the organization’s overall risk appetite:

  1. Avoidance
  2. Reduction (mitigate): invest
  3. Sharing (transferring): insurance
  4. Acceptance
11
Q

Illustration of ERM Components: What do control activities refer to under ERM? E of CRIME

A
Refer to policies and procedures
Types of control activities:
- Top-level reviews: variance analysis
- Direct function/Activity management: performance reports
- Information processing
- Physical controls: assets
- Performance indicators: "red flags" & ratio analysis
- Segregation of duties
12
Q

Illustration of ERM Components: What does information and communication refer to under ERM? I of CRIME and also I of AIM

A
  1. Internal and external communications
  2. Information quality: “FACT”

13
Q

Illustration of ERM Components: What does monitoring refer to under ERM? - M of CRIME and also M of AIM

A
  1. Ongoing monitoring (dictated by risk): verify effective operation of controls
  2. Separate evaluations - internal audit staff
  3. Reporting deficiencies - through normal chain or “fraud”
14
Q

What does ERM “effectiveness” mean?

A
  1. IS EAR AIM must be present and functioning
  2. No material weakness
  3. Significance of effective ERM: reasonable assurance
15
Q

What are limitations of ERM?

A
  1. Subject to human judgement
  2. Errors
  3. Management override