Corporate Governance Flashcards

1
Q

Which fundamental component of internal control: establishing ongoing and periodic evaluations, and addressing control deficiencies so that controls operate effectively?

A

monitoring

2
Q

Which fundamental component of internal control: establishing integrity and ethical values in the organizational culture.
Management’s philosophy toward controls, organizational structure, system of authority and responsibility, personnel practices, policies, and procedures.

A

control environment

3
Q

Which fundamental component of internal control: change management, organizational objectives, assessment, fraud

The process of identifying, analyzing, and managing the risks involved in achieving the organization’s objectives.

A

risk assessment

4
Q

What type of control is access control software?

A

preventive control

5
Q

What type of control is an echo check?

A

detective

6
Q

most likely to be responsible for determining system access.

A

support functions

7
Q

According to the COSO internal control framework, if an organization outsources certain activities within the business to an outside party

A

Activities of an organization may be outsourced, but the responsibilities never transfer to the outsourced party. Management is never relieved of ultimate responsibility or accountability for internal control.

8
Q

A control that accomplishes the same objective as another control

A

compensating control

9
Q

evaluating internal control procedures should be the responsibility of

A

Internal audit staff who report to the board of directors.

10
Q

The COSO model has 5 control objectives, and the COSO ERM model has 8.

A

.

11
Q

Strategic, operations, reporting, and compliance objectives are a part of which of the following models of internal control?

A

COSO ERM

12
Q

Public company audit committees must contain

A

financial expert

13
Q

responsibility for determining system access

A

support functions

14
Q

Four key roles and responsibilities for internal control are

A

BOD, management, support, internal auditors

15
Q

BOD responsibility

A

oversight of key internal control activities and the organization’s enterprise-wide risk management.

16
Q

Management responsibility

A

maintaining effective internal controls related to daily operations.

17
Q

Support (business-enabling) functions responsibility

A

legal, compliance, finance, human resources, IT, and others. Support functions clarify internal control requirements and evaluate control-related compliance with set standards.

18
Q

Internal auditors responsibility

A

assess and report on internal control and provide recommendations to correct or improve activities

19
Q

Limitations of internal control

A

Management, human judgement, management override, collusion

20
Q

Types of internal control deficiencies

A

control deficiency, significant deficiency, material weakness

21
Q

control deficiency is

A

reduces the likelihood of an entity achieving its objectives (least serious)

22
Q

significant deficiency is

A

more serious than a control deficiency but less severe than a material weakness, yet it is important enough to merit attention by those charged with governance.

23
Q

material weakness is

A

reasonable possibility that a material misstatement of the entity’s financial statements will not be prevented or detected and corrected on a timely basis.

24
Q

categories of controls include

A

preventive, detective, and corrective

25
Q

feedback controls are

A

Evaluate the results of a process and, if the results are undesirable, adjust the process to correct the results; most detective controls are also feedback controls.

26
Q

feed forward controls are

A

Project future results based on current and past information and, if the future results are undesirable, change the inputs to the system to prevent the outcome

27
Q

general controls are

A

controls over the environment as a whole. They apply to all functions, not just specific accounting applications. General controls help ensure that data integrity is maintained.
Examples of general controls include restricting physical access to computer resources, production and storage of backup files, and performing background checks of computer services personnel.

28
Q

application controls are

A

controls over specific data input, data processing, and data output activities. Application controls are designed to ensure the accuracy, completeness, and validity of transaction processing. As such, they have a relatively narrow focus on those accounting applications that are involved with data entry, updates, and reporting.
Examples of application controls include checks to ensure that input data is complete and properly formatted (e.g., dates, dollar amounts), that account numbers are valid, and that values are reasonable (e.g., that we don’t sell quantities that are greater than the quantity currently in inventory). TRANSACTION controls

29
Q

Control environment 5 principles

A

integrity/ethical values, BOD independence of management/oversight, responsibility can never be outsourced, competence, accountability.

30
Q

Risk assessment 4 principles

A

objectives, assessment, fraud, change management

31
Q

Control activities 3 principles

A

risk reduction, technology controls, policies

32
Q

Information and communication 3 principles

A

quality, internal, external

33
Q

Monitoring activities 2 principles

A

ongoing/periodic evaluations, address deficiencies