Corporate Governance, Internal Control, ERM Flashcards

1
Q

According to COSO controls, what are reasons that systems fail?

A
  • they are not designed or implemented properly
  • they are properly designed and implemented, but changes have occurred that make the controls ineffective
  • they are properly designed and implemented, but the way they operate has changed, making them ineffective
    Note that mgmt override is a limitation for all systems, no matter how effectively they are designed or implemented.
2
Q

What are limitations of enterprise risk mgmt?

A

Subject to mgmt override
Collusion among two or more individuals can result in failure
Risk relates to the future that is uncertain

Note that the fact that companies cannot avoid risk results in the need for enterprise risk mgmt

3
Q

What are the advantages of employing an ERM system?

A
  • helps an organization seize opportunities
  • improves the deployment of capital - capital is deployed to opportunities that are consistent with the org’s risk appetite
  • enhances risk response decisions
  • reduces operational surprises
    Note it does not ensure that the organization shares all major risks - it can respond to risk in other ways.
4
Q

What is the term for individuals within the company that monitor internal controls? (from COSO framework)

A

Evaluators - they must have competence and objectivity

5
Q

Under Institute of Internal Auditors’ standards, what knowledge is required for the internal audit function?

A
Knowledge of:
- key IT risks
- how to evaluate fraud risk
- IT audit techniques
Not required to have knowledge of financial reporting
6
Q

What are the different responses to risk?

A

Avoidance
Sharing - ex: insurance, hedging
Acceptance
Reduction

7
Q

How is internal control defined under COSO?

A

As a process - effected by an entity’s board of directors, mgmt, and other personnel - designed to provide reasonable assurance regarding the achievement of objectives in the following categories:
1 - reliability of financial reporting
2 - effectiveness and efficiency of operations
3 - compliance with applicable laws and regulations

8
Q

What is the business judgment rule?

A

Legal rule that prevents directors from being held liable for making bad decisions if they acted with good faith, loyalty, and due care.

9
Q

What is the best form of mgmt compensation to align with shareholders?

A

Salary plus stock option that cannot be exercised for 10 years is better than a salary plus stock. It is more consistent with long term profitability.
A salary with bonus based on current period net income would encourage mgmt to take on too much risk.

10
Q

What are the rights of shareholders?

A

Right to inspect the books and records, right to share in dividends if declared, and right to sue on behalf of the corp if the officers and directors fail to uphold corporate rights.
Can vote to amend articles of incorporation.
They can vote on the dissolution of a company, and have a right to elect directors (who in turn elect officers).
They need to approve a change in the nature of corp.
Note they cannot determine the mission of the corp, that is done by board of directors.

11
Q

Who owes a fiduciary duty?

A

Directors, officers to corp. MAJORITY shareholders to minority.
Note that directors who act in good faith may use the business judgment rule as a defense.

12
Q

What are the board of directors powers?

A

Can select officers, declare dividends, and determine mgmt compensation.
They can appoint CEO, issue dividend, and change corporate strategic plan.
NOTE they cannot amend the articles of incorporation; that is the shareholders’ power

13
Q

What are the limitations of ERM?

A

1 - future risk is uncertain
2 - cannot provide reasonable assurance objectives will be achieved
3 - cannot provide absolute assurance
  a - subject to human error
  b - can break down
  c - collusion can result in failures
  d - cannot be perfect due to cost-benefit constraints
  e - subject to mgmt override
NOTE that external forces attacking the system is a business risk and NOT a limitation of internal control

14
Q

What are the components of ERM according to COSO?

A

1 - internal environment - org tone
2 - objective setting - operational/reporting/compliance
3 - event identification - internal/external, risk/opportunity; use process flow analysis, facilitated workshops, loss event data methodologies
4 - risk assessment - likelihood and impact; use probabilistic models
5 - risk response - avoidance/reduction/sharing/acceptance
6 - control activities - policies and procedures to carry out the risk response, routine controls over processes and transactions
7 - info and communication - relevant info communicated
8 - monitoring - make needed modifications

15
Q

NYSE requirements

A

have a majority of independent shareholders of the corporate board
adopt and make publicly available a code of conduct
have an independent audit committee

16
Q

SOX audit committee requirements

A

At least one member of the AC must be a financial expert (does NOT need to be a CPA) - must understand GAAP and FS - must disclose the name, or the reason the role is not filled
All members must be independent
CFO is not independent and should not be on AC

17
Q

Dodd-Frank

A

All members of the compensation committee must be independent
Must disclose the reason the CEO is or isn’t the chairman of the board
Shareholders must be allowed a nonbinding vote on officer compensation at least every three years

18
Q

What is the best internal and external monitoring device?

A

Internal - board of directors

External - external auditors more so than SEC as SEC relies on them to audit FS and internal controls

19
Q

Chief Audit Executive

A

Should report to the CEO

Should use a risk based approach to set priorities for internal audit activities

20
Q

Institute of Internal Auditors’ standards - what services are covered

A

Assurance and consulting services
The internal auditor must establish and maintain a system to monitor the disposition of audit results.
They are not required to assist external auditors, nor to have a financial interest in the company.

21
Q

Institute of Internal Auditors’ standards - what are the sections

A

Performance standards, Implementation, Attribute

22
Q

Divisions of SEC

A

The division of corporate finance reviews corporate filings.
Office of the Chief Accountant advises the SEC on accounting and auditing matters and approves the rules of the PCAOB.
Division of Enforcement assists the SEC in executing its law enforcement function.

23
Q

What are transaction control activities?

A
  • reconciliations, physical control over assets, controls over standing data
    Note that technology development policies and procedures are NOT; they are general controls.
24
Q

Monitoring for change continuum stages?

A

Control baseline - developing initial understanding of control system
Change identification - identifying necessary changes
Change mgmt - monitoring is used to establish a new baseline after changes have been made. Evaluate the design and implementation of changes and establish a new baseline.
Control revalidation/update - revalidating the understanding periodically

25
Q

How does implementing technology benefit the monitoring component?

A

It can identify conditions and circumstances that indicate that controls have failed or risks are present.
Note technology could provide info more quickly but it does not relate DIRECTLY to monitoring component.

26
Q

SOX section 404 requirements

A

Statement of mgmt responsibility for establishing and maintaining adequate internal control over financial reporting.
Statement indicating framework used to assess internal control over financial reporting.
Assessment of the effectiveness of the corporation’s internal control over financial reporting.

27
Q

Who is eligible for a whistleblowing reward under Dodd-Frank?

A

A customer is entitled to a reward.
Note a director who discovers a violation while performing their duties as a director is not eligible, same for internal and external auditors doing their jobs.

28
Q

Define risk tolerance, risk appetite, residual risk

A

Risk tolerance is the acceptable variation with respect to a particular objective.
NOTE it is NOT the level of risk an organization is willing to accept - that is risk appetite.
Residual risk is the risk of an event after considering mgmt’s response.
Events that require no risk response are accepted risks.