BEC 1 - Corporate Governance Flashcards
3 objectives within the COSO framework/of an internal control (ORC)
1) Operations - ensuring the efficiency and effectiveness of operations, and also ensuring assets are safeguarded
2) Reporting - ensuring the reliability, timeliness, and transparency of an entity's internal and external financial and non-financial reporting
3) Compliance - adhering to all laws and regulations
5 components of internal control (CRIME)
1) Control Environment - tone at the top
2) Risk Assessment - FS misstated, not efficient, breaking the law
3) Information and communication - Fair, Accurate, Complete, Timely
4) Monitoring - Effectiveness of controls and report deficiencies
5) (Existing) Control Activities - Policies and procedures to mitigate risks
Principles related to the Control Environment (EBOCA)
1) commitment to Ethics and integrity
2) Board independence and oversight
3) Organizational structure - establishing reporting lines
4) Commitment to Competence
5) Accountability - establishing performance measures and incentives
Principles related to Risk Assessment (SAFR)
1) Specify objectives
2) identify and Assess changes - in external environment, business model, leadership, etc
3) consider potential for Fraud
4) identify and analyze Risks - determine how risks should be managed
Principles related to Information and Communication (OIE)
1) Obtain and use information - use relevant, high quality information
2) Internally communicate information
3) communicate with External parties
Principles related to Monitoring (SO D)
1) Separate and Ongoing evaluations - components of internal control are present and functioning
2) communication of Deficiencies
Principles related to Existing Control Activities (CATP)
1) select and develop Control Activities
2) select and develop Technology controls
3) deployment of Policies and Procedures
General Requirements for an effective system of internal controls
All five components and 17 principles that are relevant must be both PRESENT and FUNCTIONING
- Present: components and relevant principles are included in the design and implementation of the internal control system
- Functioning (operating effectively): components and relevant principles are currently operating as designed in the internal control system
Specific Requirements for an effective system of internal controls
Must have reasonable assurance that ORC objectives are being achieved
COSO framework guidance on what to DOCUMENT (COPS)
1) Overall assessment
2) Component evaluation
3) Principle evaluation
4) Summary of internal control deficiencies
Common risks identified using the COSO framework
- Material omission or misstatement (unintentional)
- Fraud
- Management override
- Illegal acts: violation of government regulations
Develop value through ERM (CPER)
- value Creation
- value Preservation
- value Erosion
- value Realization
5 components of ERM (GO PRO)
1) Governance and culture
2) strategy and Objective-setting
3) Performance
4) Review and Revision
5) Ongoing information, communication and reporting
Principles related to Governance and Culture (DOVES)
1) defines Desired culture
2) exercises board Oversight
3) demonstrates commitment to core Values
4) attracts, develops and retains capable Employees
5) establishes operating Structure
Principles related to Strategy and Objective Setting
1) evaluates alternative Strategies
2) formulates business Objectives
3) Analyzes business context
4) defines Risk appetite