Core Activity E - Recommend and maintain a sound control environment Flashcards
What are the three key principles of corporate governance?
Transparency
Accountability
Integrity
What are the 5 fundamentals of the CIMA code of ethics?
PIPCO
- Professional behaviour
- Integrity
- Professional competence and due care
- Confidentiality
- Objectivity (non bias)
What are the advantages of an internal control system?
Helps the organisation to …
Achieve strategies and objectives
Safeguard assets
Safeguard shareholders' funds
Comply with laws and regulations
Produce accurate, complete and timely information
Prevent and detect fraud
What did the London Stock Exchange do to promote internal control amid accounting scandals such as Enron, etc.?
Implemented the Turnbull Report with the aim of ensuring
Sound business practice
Remain relevant
Benefit companies of all sizes
What is COSO's goal?
Committee of Sponsoring Organisations
Provide thought leadership dealing with three interrelated subjects
ERM, internal control, fraud deterrence
What was initiated as a direct response to the Enron and WorldCom scandals?
The Sarbanes-Oxley Act
What is a useful acronym for the detection of fraud and error in relation to control activities?
SOAPSPAM
Segregation of duties (shared responsibilities of a key process)
Organisation structure (governance)
Authorisation and approval
Physical protection of assets
Supervisory controls
Personnel
Arithmetical / accounting controls
Management review of reports
What are the 3 pillars of the COSO Integrated Framework?
Operations
Reporting
Compliance
What are the 5 sub pillars of control with reference to COSO?
Control environment
Risk assessment
Control activities
Information and communication
Monitoring activities
What levels exist in the COSO framework?
Entity level
Divisional level
Operating unit
Function
What’s the accounting principle that requires companies to account for transactions based on economic substance over legal form?
Substance over form
Leases
Swaps
What's the role of a SID?
Senior independent director
Sounding board for the Chair
Responsible for leading the annual review of the Chair's performance
What are the key corporate governance failures?
Lack of leadership (Satyam): poor governance structure and lack of separation between roles, most notably CEO and chair, led to issues of fraud powered by excessive compensation.
Risk blindness (Carillion building company): not implementing an effective ERM with a risk committee, leading to complete failure and liquidation. Too many projects destroying shareholder wealth.
Inadequate information to the board (VW diesel scandal)
Complexity of the control environment and also extremely high growth over a very short period of time.
What influences the control environment?
Company culture
Philosophy and adherence to internal controls
The continuing development of new controls to adequately address the emergence of new risks
Upholding integrity within the workforce.
What are the most common board structures?
Unitary board
Also known as a single-tier board, this structure has one board that combines executive and non-executive directors.
Two-tier board
Also known as a dualistic governance model, this structure has two separate boards that divide responsibilities between management and supervision. The management board is responsible for the day-to-day management of the company, while the supervisory board supervises the management.
Why is it becoming increasingly less popular to have the same CEO and chair?
Poorer governance, as it gives too much control to one person. It should only happen temporarily; perhaps when a new CEO is in the pipeline, the chair may take a temporary role as CEO or vice versa
The demands of the roles are also very different
What is the role of the chair?
Provide corporate leadership
Ensure the board is functioning properly
What is the role of the CEO?
Managing the company
Managing the executive directors and management
What further governance is required as best practice, as well as NEDs, executive directors and senior management?
Audit committee
(Independent of the executive management to protect shareholders' interests)
Remuneration committee
Risk management committee
(Financial and non financial / mix of D’s and NEDs)
Nominations committee
(Non execs responsible for reviewing the composition of the board)
Does Rotomyne have one? Why don't we have an IT director?
How do the internal audit and risk manager roles differ?
Risk manager identifies, evaluates and controls risks
Internal auditor reviews risks identified by risk management and both work together
What is the process for the audit of internal controls?
Identify the objective
Identify what procedures are in place to help meet the system objectives
Note what's not working
Note what is working
Identify how noted problem areas may be resolved
Report findings and recommendations to management
What type of audit could help Rotomyne comply with all global regulations and improve ESG?
Environmental audit
What is one of the main risks with internal audit?
The incorrect information or recommendations are reported to management
What control can be used to mitigate the incorrect information reported?
Risk assessment covering
Control risk
Inherent risk
Detection risk
What's a key characteristic of internal audit?
It's independent from the system and is not responsible for designing or operating the system
This is maintained by them reporting to the audit committee rather than a particular manager