B1-M1 Internal Control Frameworks Flashcards

1
Q

What is the purpose of the Internal Control Integrated Framework (developed in 1992)?

A

To assist organizations in assessing internal control

2
Q

who is responsible for evaluating internal control procedures in a large public company?

A

independent internal audit function that reports to the governing body of the company. Ex: internal audit staff who report to the board of directors

3
Q

What relationship best describes the nature of the board of directors to a company?

A

FIDUCIARY: act on behalf of and in best interest of the corporation

4
Q

what are the 3 elements of the fraud triangle?

A
  1. pressure/motivation: both internal and external, creates the incentive to commit fraud
  2. opportunity: from poor internal controls, lack of duty segregation, and a weak control environment
  3. rationalization: represents the justification of actions by fraud perpetrators
5
Q

what are the 3 objectives, 5 components, and 17 principles of COSO?

A
  • 3 objectives: ORC
    1. Operating
    2. Reporting
    3. Compliance
  • 5 components: CRIME
    1. Control Environment: tone at the top - ethics
    2. Risk Assessment: FS misstated, not efficient, breaking laws
    3. Information & Communication: fair, accurate, complete, and timely FACT
    4. Monitoring: effectiveness of controls & report deficiencies
    5. Existing Control Activities: policies/procedures to mitigate risks
  • 17 principles: EBOCA SAFR OIE SOD CATP
  1. Control environment: EBOCA
    + Commitment to Ethics and Integrity
    + Board Independence and Oversight
    + Organization structure
    + Commitment to Competence
    + Accountability
  2. Risk Assessment: SAFR
    + Specify objectives
    + Identify and Analyze Risks
    + Consider potential Fraud
    + Identify and Assess changes
  3. Information and Communication: OIE
    + Obtain and use information
    + Internally communicate information
    + Communicate with External parties
  4. Monitoring Activities: SOD
    + Ongoing and/or Separate evaluation
    + Communication of Deficiencies
  5. Existing control activities: CATP
    + select and develop Control Activities
    + select and develop Technology controls
    + deployment of Policies and Procedures
6
Q

what are the 3 objectives of coso?

A

3 objectives: ORC
  1. Operating: effectiveness and efficiency of entity’s operations and ensure that the assets of the organization are adequately safeguarded
  2. Reporting: focus of COSO. It pertains to the reliability, timeliness, and transparency of the entity’s external and internal financial and nonfinancial reporting established by regulators
  3. Compliance: ensure the entity is adhering to all applicable laws and regulations
7
Q

What is the triangle of fraud?

A
  1. incentive/pressure
  2. opportunity
  3. Attitude/rationalization
8
Q

what are limitations of internal control?

A
  1. breakdowns in IC due to errors or human failure
  2. issues relating to suitability of entity’s objectives
  3. external events beyond control of entity
  4. collusion/circumvention
  5. management override