BEC Deck 1-Corporate Governance & Internal Control

Question 1

SOX, in Section 407, provides that, in defining the term “financial expert” (which the SEC has done in detail), the Commission shall consider whether a person has through education and experience acquired:

Answer 1

(1) an understanding of GAAP and financial statements; (2) experience in (a) preparation of financial statements and (b) application of such principles in connection with the accounting for estimates, accruals, and reserves; (3) experience with internal accounting controls; and (4) an understanding of audit committee functions.

Question 2

Section 922 of Dodd Frank amended an SEC bounty program that predated SOX to require the Commission, in any case where it imposes sanctions in excess of $1 million to what:

Answer 2

Compensate whistleblowers who voluntarily provide original info leading to successful enforcement of the action with between 10% and 30% of the sanctions imposed.

Question 3

Preventive controls-“before the fact” controls-

Answer 3

Attempt to stop an error or irregularity before it occurs.

Question 4

Detective controls-“after the fact” controls-

Answer 4

Attempt to detect an error after it had occurred.

Question 5

Corrective Controls-

Answer 5

Always paired with detective controls and they attempt to reverse the effects of the observed error or irregularity.

Question 6

Feedback Controls-

Answer 6

Evaluate the results of a process and, if the results are undesirable, adjust the process to correct the results. Most detective controls are also feedback controls.

Question 7

Feed-Forward Controls-

Answer 7

Project future results based on current and past info and, if the future results are undesirable, change the inputs to the system to prevent the outcome.

Question 8

General Controls-

Answer 8

Controls over the environment as a whole. They apply to all functions, not just specific accounting applications. General controls help ensure that data integrity is maintained.

Question 9

Application Controls-

Answer 9

Controls over specific data input, data processing, and data output activities. Designed to ensure the accuracy, completeness, and validity of transaction processing.

Question 10

The 5 fundamental components of internal control:

Answer 10

1)Control Environment 2)Risk Assessment 3)Information & Communication 4)Monitoring & 5) Control Activities

Question 11

Control Enviroment-

Answer 11

Management’s philosophy toward controls, organizational structure, system of authority & responsibility, personnel practices, policies, & procedures. This is the core or foundation of any system of internal control.

Question 12

Risk Assessment-

Answer 12

The process of identifying, analyzing, & managing the risks involved in achieving the organization’s objectives.

Question 13

Info & Communication-

Answer 13

Systems that enable an organization’s people to identify, process, & exchange the info needed to manage & control operations.

Question 14

Monitoring-

Answer 14

In order to ensure the ongoing reliability of information, it is necessary to monitor & test the system & it’s data.

Question 15

Control Activities-

Answer 15

The policies & procedures that ensure that actions are taken to address the risks related to the achievement of management’s objectives.

Question 16

The 3 fundamental objectives of a system of internal control are:

Answer 16

1)Operations 2)Reporting 3) Compliance

Question 17

17 COSO Principles of Internal Control fall under these 5 headings:

Answer 17

1)Control Enviroment 2)Risk Assessment 3)Control Activities 4)Information & Communication 5)Monitoring Activities

Question 18

Control Environment Principles-5

Answer 18

1)integrity & ethical values 2)board of directors 3)Management 4)Competence 5)Accountability

Question 19

Risk Assessment Principles-4

Answer 19

1)Organization Objectives 2)Assessment 3)Fraud 4)Change Management

Question 20

Control Activities Principles-3

Answer 20

1)Risk Reduction 2)Technology Controls 3)Policies

Question 21

Information & Communication Principles-3

Answer 21

1)Quality 2)Internal 3)External

Question 22

Monitoring Activities Principles-2

Answer 22

1)Ongoing & Periodic 2)Address Deficiencies

Question 23

According to COSO ERM, the goals of risk management include:

Answer 23

1)Aligning risk appetite & strategy 2)Improving risk responses 3)Reducing operational surprises & losses 4)Identifying & Managing multiple & cross-enterprise risks 5)Seizing opportunities 6)Improving capital deployment

Question 24

The expected value of a loss is:

Answer 24

The likelihood of the loss, multiplied by the amount of a loss, should one occur

Question 25

4 critical activities related to internal control, which should be separated to lessen fraud risks:

Answer 25

1)Authorizing events 2)Recording events 3)Safeguarding resources related to events(custody) 4)Reconciling, overseeing & auditing