Chapter 6 - Risk Management + Internal control Flashcards

1
Q

Types of internal control:

A
  • Financial or non-financial (both qualitative and quantitative)
  • Prevent, detect, correct and direct
  • Input, process, output
  • Outsourcing
  • Service level agreements
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Financial control:

A
  • Budgets
  • Standard costing
  • Investment appraisal techniques
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Non-financial control:

A
  • Quantitative = KPIs and appraisal

* Qualitative = structure charts, codes of conduct and procedures manuals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Prevent, detect, correct and direct:

A
  • Prevents controls = stop risk from occurring in the first place (not paying invoice until matched with a valid order and GRN)
  • Detect controls = retrospective and identify risks once occurred (bank reconciliations)
  • Correct controls = reduce impact of errors (keeping back-up copies)
  • Direct controls = guide behaviour (training)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Input, process and output controls:

A
  • Input controls = what goes into a process (sourcing materials at best price and quality)
  • Process controls = process itself (optimal performance)
  • Output controls = outputs have met required standards
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Outsourcing:

A
  • Ad hoc = outsourcing short-term skills gap
  • Project management = installation of new system
  • Partial = no. of services is outsourced
  • Total = third party provides entire service/ function
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Service level agreements:

A
  • Series of minimum standards

* Typically, will include: timescale, service levels, change process and exit route

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Responsibilities of treasury functions:

A
  • Relationship with banks
  • Liquidity management
  • Borrowing activities and interest rate management
  • Funding arrangements such as equity issues
  • Currency management
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Control activities:

A
  1. Authorisation:
    * Approvement of transactions by appropriate person
  2. Information processing:
    * General IT controls = policies and procedures for many applications
    * Application controls = processing of individual applications
  3. Performance review:
    * Review and analysis of actual performance vs. budget
    * Analysing relationships and investigating difference
    * Comparing internal data with external sources of information
    * Review of functional/ activity performance
  4. Physical controls:
    * Physical security of assets
    * Authorisation for access to computer programs and data files
    * Periodic counting
  5. Segregation of duties:
    * No of peoples involved in accounting process so no one person has overall control
    * Segregation of function = carry out of a transaction, recording that transaction in accounting records and maintaining custody of assets
    * Various steps in carrying out transaction should be segregated
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Limitations of internal controls:

A
  • Costs can sometimes outweigh benefits – pragmatic approach is often taken and only implemented if it is worth it
  • Human error or fraud – collusion between more than one employee
  • Management override – either legitimate or fraudulent purposes
  • Non-routine events that system was not originally set up to manage
  • Change of any systems that are no longer fit to control
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Costs & benefits of internal controls:

A

Benefits:
* Business assurance
* Efficiency and effectiveness of operation
* Validation by external auditors
Costs:
* Resource (human and financial), technology (hardware and software) and assets (premises, supplies and vehicles)
* Opportunity costs

  • Costs + benefits will not always be straight forward to measure and evaluate
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

SMART targets:

A
Specific
Measurable
Achievable
Realistic
Time-bounded
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Governance and internal control:

A
  • Performance-related pay (PRP) = can lead to excessive risk-taking amongst executive directors – go beyond acceptable risk appetite of shareholders if motivated by personal gain (agency problem)
  • Share options = builds in limits on when options can be exercised to prevent directors from pursuing strategies that secure personal benefits in short-term at expense of longer-term value
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Management styles that can lead to dysfunctional behaviour:

A
  1. Budget-constrained:
    * Needs to meet budget constraints
    * Short-term viewpoint
    * High tension within the job
    * Short-term focus
    * High manipulation of data
    * Poor staff relations
  2. Profit-conscious:
    * Assessed only in relation to hitting targets no matter how it is done
    * Medium tension within the job
    * Little manipulation of data
    * Good staff relations
  3. Non-accounting:
    * Budgets not important (other factors such as customer service or quality is)
    * Medium tension – based on hitting targets
    * Manipulation of data less relevant as other measures are used
    * Good staff relations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Short-term vs. long term objectives

A
  1. Reduce capital expenditure/ R+D to protect cash flows and save costs
    = Limits potential growth, operating capacity, efficiency and competitive advantage
  2. Reducing quality control costs to increase profits
  3. Reducing levels of customer service to reduce costs = Negative impact on reputation and customer goodwill
  4. Cutting training and/or recruitment budgets to save costs
    = Potential skills shortages and poor morale
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Malfunction at any stage where employees are involved can lead to control failures due to:

A
  • Poor motivation – poor reward structures or poor management
  • Poor training – lack of skills or support from management
  • Inappropriate values – absence of a code of conduct or code being visibly ignored
  • Problems inappropriately managed – inequitably/ inadequately with no regard for feedforward learning
17
Q

Other forms of dysfunctional behaviour:

A
  1. Tunnel vision:
    Problem = Focus on stated performance measures only to detriment of other areas
    Solution = consideration of different dimensions of performance
  2. Myopia:
    Problem = preoccupation with immediate concerns leading to neglect of longer-term objectives
    Solution = fostering a long-term view amongst staff and management
  3. Measure fixation:
    Problem = activities and behaviours to achieve specific performance indicators only which may not be effective
    Solution = adopting a sensible number and application of measures
  4. Misinterpretation:
    Problems = creative reporting to suggest result is acceptable
    Solution = not placing too much emphasis on results + involvement of staff
  5. Ossification:
    Problem = unwillingness to change performance measure scheme once it has been set up
    Solution = keeping performance measurement system under constant review + all staff to input suggestions for change
18
Q

What is a Critical success factor?

A
  • Element of org activity which is central to future success
  • May change over time and may include: product quality, employee attitudes, manufacturing flexibility and board awareness
19
Q

What is a Key performance indicator?

A

Way of measuring performance against a specific objective

20
Q

Information needs according to management levels:

A
  1. Strategic management:
    * Monitors and controls org as a whole and take biggest decisions
  2. Tactical management:
    * Implements decisions of strategic management and ensures that divisions are running smoothly
  3. Operational management:
    * Controls day-to-day activities and escalates issues to tactical management for decisions
21
Q

Office automation system (OAS):

A

Email. Spreadsheet, word processing

22
Q

Transaction processing system (TPS):

A

Collects data about each business transaction

23
Q

Knowledge work system (KWS):

A

Allows new knowledge creation within org

24
Q

Management information system (MIS):

A

Draws info from TPS and presents it to managers for decision making and control in std report format

25
Q

Enterprise resource planning system (ERPS):

A

Captures data across whole enterprise so that custom-designed reports can be produced

26
Q

Strategic enterprise management system (SEMS):

A

Makes high-level strategic decision using tools such as activity-based management

27
Q

Decision support systems (DSS):

A

(e.g. Spreadsheet)

Data analysis tools that can be used to model scenarios and assist decision making

28
Q

Executive information system (EIS) or executive support system (ESS):

A

Data presented to senior managers, usually graphical and summarised, but with drill-down facilities

29
Q

Expert systems (ES):

A

Stores information and apply rules to make simple decisions

30
Q

Systems development life cycle:

A

Disciplined approach to systems upgrades intended to reduce possibility of ending up with a system that fails to meet the needs of org and wastes time and money

31
Q

Stages of systems development life cycle:

A
  1. Feasibility study:
    * Review existing system + identify possible alternative solutions
  2. Systems investigation:
    * Obtain details of current requirements and user needs
    * Identify current problems and restrictions
  3. Systems analysis:
    * Consider why current methods are used and identify better alternatives
  4. Systems design:
    * Determine inputs, processing and storage facilities
    * Consider matters such as programme design, file design and security
    * Prepare a detailed specification
    * Test system fully
  5. Systems implementation:
    * Write/acquire software, test it, convert files, install hardware and start running new system
32
Q

Systems test:

A
  1. Direct changeover:
    * Replacing old with new in one go
  2. Parallel running:
    * Running old and new together to highlight problems with new system
  3. Pilot operation:
    * Introducing a new system in one department to assess new systems and how it could be improved
  4. Phased changeover:
    * Splitting new system into elements and implementing one element at a time across whole org