BEC - B1: Internal Control Frameworks Flashcards
Why did COSO prepare the Internal Control Integrated Framework?
- In 1992, COSO issued “Internal Control - Integrated Framework” in order to assist organizations in developing assessments of the effectiveness of internal controls. It was not related to anything from Congress or the SEC, and was not issued specifically in order to “complement the ERM”. The ERM literature was developed in 2004, 12 years later.
Which of the following is not a critical step of the “monitoring internal control” component of the COSO framework?
- assessing and reporting the results
- designing and executing monitoring procedures that are prioritized based on risks
- increasing the reliability of financial reporting and compliance with laws and regs
- establishing a foundation for monitoring
(c) is not a correct answer. (c) increasing the reliability of reporting and compliance with laws is congruent with “effective financial reporting and control”, not monitoring.
Corporation sets up a compliance program with ethics training and a hotline for anonymous reporting. What value of COSO are they emphasizing?
- Sound integrity and ethical values are developed and understood and set the standard of conduct for financial reporting?
- Management and employees are assigned appropriate levels of authority to facilitate effective IC over financial reporting?
- Management’s philosophy and operating style support achieving effective internal control over financial reporting?
- (a) is the correct one.
- Sound integrity and ethical values go hand in hand with a corporate compliance program developed throughout different levels of the organization.
Which is correct regarding the sequence of “event identification” and “objective development” within an organization?
- Event identification occurs after the development of objectives
- Event identification occurs before the development of objectives
- Event identification occurs after the development of objectives. The organization must first set its objectives, and then events will either positively or negatively affect the achievement of these objectives.
- Negative events (risks) can ONLY be identified within the context of the objectives of the organization
What are the five principles of the performance component of the COSO ERM?
- VAPIR:
- develops portfolio VIEW
- ASSESSES severity of risk
- PRIORITIZES risk
- IDENTIFIES risks
- implements risk RESPONSES
The ability of a firm / entity to withstand the impact of large-scale events refers to its:
Organizational stability.
NOT:
- risk inventory - all the risk that could possibly impact an entity
- risk profile - the composite view of the risk assumed in a specific situation, and how management develops a strategy in response to that risk
- risk capacity - the maximum amount of risk that an entity is able to absorb in the pursuit of strategy and business objectives
What’s the relationship between inherent risk and residual risk?
- Inherent risk is the risk if management does nothing to alter the likelihood/impact of a negative event.
- Residual risk is the risk left over to an organization after management takes actions to reduce the inherent risk.
What is the relationship between risk appetite and residual risks? In relation to when an organization will not operate beyond its limits… ?
- An organization will not operate beyond the limits of its risk appetite.
- When risk appetite has been exceeded, that means the combined likelihood and impact of negative events SIGNIFICANTLY exceeds residual risks.
Sarbox of 2002 requires that officers of a corporation be held accountable to a code of ethics. According to Sarbox, codifications of ethical standards should include all of the following except:
- Honest and ethical conduct
- Compliance with laws, rules and regs
- Prompt internal reporting of code provisions, accountability for adherence to the code
- Full, fair, accurate, timely disclosure in periodic F/S
- C is the correct answer.
Although the SEC proposed standards for codes of ethics to include both internal reporting and accountability for adherence, Sarbox does not have this requirement specifically.
- The Act specifically requires that the code provide for honest and ethical conduct, compliance with laws, and full, fair, accurate, timely disclosure in periodic financial statements.
Conflict of interest provisions prevent which of the following for an issuer:
- loaning to director (personal loan) not in the ordinary course of business
- giving a director perquisite compensation
- having a director with 10% ownership of any form of equity
- having a director with 10% ownership of common stock
Disclosures are required for perquisite and 10% ownership. However, issuers are generally prohibited (you cannot) from making loans to directors or executives.
Which organization was established by Sarbox in 2002 to control the auditing profession?
PCAOB. It was created by Congress through Sarbox in 2002.
How do we calculate effective annualized percentage cost of financing?
Finance charge / loan proceeds
(finance charge = interest charged - any interest earned on mandatory checking accounts)
(loan proceeds = amount from the loan that the company actually has use of)
How do we calculate annual percentage rate on debt (“annual percentage rate of interest”)?
Finance charge / net proceeds
(charge = interest charged)
(net proceeds = what you are able to invest)
Which of the following has a higher interest rate risk? Which has a higher credit risk?
- Short term financing
- Long term financing
Short term financing has a higher interest rate risk, and a higher credit risk as well.
Short term financing results in lower interest rates, but higher risk on those rates because rates will fluctuate more dramatically for short term issues than long term ones.
Long term financing has lower credit risk (obviously) because you have more time to figure out how to repay the loan.
The required rate of return is generally computed as the RF rate of return plus a number of adjustments. Which of the following is not one of those adjustments?
- Maturity risk premium
- Credit risk premium
- Default risk premium
- Purchasing power risk premium
Credit risk premium is not one of the risk adjustments related to rate of return. Credit risk is related to the ability to obtain credit, not grant credit.
- Maturity risk premium (“interest rate risk”) is the compensation investors demand for bearing risk. Increases with the term to maturity.
- Default risk premium is additional compensation demanded for bearing the risk that an issuer of a security will fail to pay interest, or repay the principal
- Purchasing power risk premium (“inflation premium”) is the compensation required to deal with the potential for changing price levels