Corporate_Governance

Question 1

What is the primary duty of the board of directors?

Answer 1

To monitor management behavior.

A board of directors is a policy-setting committee, elected by and accountable to the shareholders in a business.

Relationship to the company is a fiduciary relationship. To understand why, you must first define “fiduciary.” A fiduciary relationship is a legal or ethical relationship of trust between two people, organizations, or other such parties.

Question 2

What is the responsibility of the Nominating or Corporate Governance Committee of the board of directors?

Answer 2

Oversees the board Responsible for hiring new CEO

Question 3

What is the responsibility of the audit committee of the board of directors?

Answer 3

The audit committee appoints and oversees the external auditor.

An audit committee is a body formed by a company’s board of directors to oversee audit operations and circumstances. It selects and appraises the performance of the auditing firm. In accordance with SEC regulation, the audit committee must be composed of outside directors. The committee may also evaluate internal audit reports.

Question 4

What is the duty of the compensation committee of the board of directors?

Answer 4

The compensation committee handles the CEO’s compensation package.

Question 5

What does the NYSE and NASDAQ require of the board of directors?

Answer 5

They require the board to be independent.

Question 6

What is the main goal in an executive compensation package?

Answer 6

The package should ensure that the goals of management should match those of the shareholders.

Question 7

How can an executive compensation package ensure that goals of management align with those of shareholders?

Answer 7

Executive compensation should create an incentive for management to govern in a shareholder-friendly way that doesn’t sacrifice the long-term success of the enterprise for short-term gain.

Question 8

Which influences help mold the direction that management takes?

Answer 8

They range from internal (Board of Directors- Audit Committee- Internal Control) to external (Creditors- SEC- IRS) These influences should not be tainted by undue influence from management or have financial ties to management such as compensation-related duties

Question 9

What is shirking?

Answer 9

When management doesn’t act in the best interest of shareholders. It can be alleviated by tying compensation to stock performance or company profit.

Question 10

What requirements are imposed on a public company under Sarbanes-Oxley?

Answer 10

• Management must submit a report on the effectiveness of Internal Control in the 10K.
• Management must disclose significant Internal Control deficiencies.
• CEO/CFO must certify that the financial statements comply with securities laws and fairly present the financial condition of the company. - The Sarbanes-Oxley Act of 2002, Section 302,

Question 11

What characteristics are promoted by the COSO framework on Internal Control?

Answer 11

Reliable financial reporting Effective and efficient operations Compliance

The Committee of Sponsoring Organizations (COSO) studied internal controls and issued a report that:

(1) defined internal controls as the process implemented by the board of directors, management, and those under their direction to provide reasonable assurance that the following control objectives are achieved:

(a) Effectiveness and efficiency of operations
(b) Reliability of financial reporting
(c) Compliance with applicable laws and regulations

Question 12

What are the elements of the control environment?

Answer 12

Integrity & Ethics Competence The Board of Directors & Audit Committee Management’s Operating Style Organizational Structure Authority & Roles of Responsibilities HR Policies

Question 13

What are control activities?

Answer 13

A component of Internal Control that includes actions being taken to promote the control environment.

Question 14

What are the basic elements of Internal Control?

Answer 14

Control Environment Risk Assessment Control Activities Information and Communication Monitoring

Question 15

What is the significance of the Information and Communication aspect of Internal Control?

Answer 15

Management must have access to relevant and timely information to make good decisions.

Question 16

How does Monitoring affect Internal Control?

Answer 16

Internal Control activities must be constantly monitored and evaluated for effectiveness.

Question 17

What activities does the COSO framework for enterprise risk management include?

Answer 17

• Identifies Risk Factors
• Promotes Risk Response Decisions
• Compares Management Risk vs. Shareholder Goals
• Aids in evaluating opportunities Promotes Quicker Capital movement
• Does NOT eliminate all risk

Question 18

What are possible responses to risk under the COSO framework for enterprise risk management?

Answer 18

• Avoid or
• Reduce
• Share or
• Accept

Question 19

The business judgment rules

Answer 19

The business judgment rules protects officers and directors from shareholder lawsuits alleging a lack of due care in carrying out the business of the corporation.

Officers and directors of a corporation have a quasi-fiduciary duty to the corporation and its shareholders. They are required to act in the utmost good faith and must give the enterprise the benefit of their care and best judgment. They must exercise the powers conferred upon them solely in the interests of the corporation and its shareholders and not for their own personal interests. In the exercise of such power, they undertake to give their best judgment to the enterprise. They must have competent knowledge of the duties assumed.

When acting with reasonable care and diligence in good faith, the officers and directors of a corporation will not be liable for losses resulting to the corporation from mere errors in judgment, provided that judgment encompasses the above factors.

Question 20

There are eight components of COSO’s ERM framework:

Answer 20

There are eight components of COSO’s ERM framework:

1. Internal environment. The people in a business and the environment in which they operate are the foundation for all other ERM components.
2. Objective setting. Management must put into place a process to formulate objectives in order to help the company assess and respond to risks.
3. Event identification. Certain events can affect the company’s ability to implement its strategy and achieve its objectives. Management must identify these events and determine whether they represent risks or opportunities.
4. Risk assessment. Identified risks are evaluated to determine how they affect the company’s ability to achieve its objectives and how to manage them. Both qualitative and quantitative methods are used to assess risks.
5. Risk response. Management can choose to avoid, reduce, share, or accept risks after careful analysis.
6. Control activities. To ensure that management’s risk responses are effectively carried out, policies and procedures should be implemented.
7. Information and communication. Information about ERM components needs to be communicated through all levels of the company and with external parties.
8. Monitoring. ERM processes must be monitored, deficiencies reported to management, and modifications performed when required.

Question 21

internal auditor

Answer 21

An internal auditor is an employee of a business entity who audits the work performed by accountants and others within the enterprise. Although internal auditors are employees of the enterprise they audit, they must be independent with respect to the employees whose work they audit.

Internal auditors are required by the International Standards for the Professional Practice of Internal Auditing (set forth by the IIA, Institute of Internal Auditors) to assist the organization in maintaining effective controls by evaluating their effectiveness and efficiency and by promoting continuous improvement. Internal auditors do not act as management by implementing control activities. In fact, they are prohibited from doing so and must remain independent. Internal auditors cannot assess operations for which they have been responsible.

Question 22

Change control

Answer 22

Internal control consists of the following five interrelated components:

• Control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure.
• Risk assessment is the entity’s identification and analysis of relevant risks to achievement of its objectives, forming a basis for determining how the risks should be managed.
• Control activities are the policies and procedures that help ensure that management directives are carried out.
• Information and communication are the identification, capture, and exchange of information in a form and time frame that enable people to carry out their responsibilities.
• Monitoring activities is a process that assesses the quality of internal control performance over time.

Generally, controls that are relevant to an audit pertain to the entity’s objectives of preparing financial statements for external purposes that are fairly presented in conformity with GAAP or other comprehensive basis of accounting (OCBOA). The controls relating to operations and compliance objectives may be relevant to an audit if they pertain to data the auditor evaluates or uses in applying auditing procedures.

Question 23

An embedded audit module

Answer 23

An embedded audit module is coded into the information processing software, allowing the auditor to access real data. Often the routines search for unusual items as transactions are processed and report those items to the auditor. There is some danger of data contamination since the routines are working with real data. Also, the auditors must work closely with management in the design of the embedded audit module, which may affect their independence.