COSO Flashcards
ORC - Three categories of objectives on COSO Framework
O - Operations Objectives
R - Reporting Objectives
C - Compliance Objectives
CRIME - Internal Control Components
C - Control Environment
R - Risk Assessment
I - Information and Technology
M - Monitoring Activities
E - Existing Control Activities
EBOCA - Principles of Control Environment
E - Commitment to Ethical Values and Integrity
B - Board independence and oversight
O - Organizational structure
C - Commitment to Competence
A - Accountability
SAFR - Principles of Risk Assessment
S - Specify objectives
A - Identify and Assess changes
F - Consider the potential for Fraud
R - Identify and analyze Risks
OIE - Information and Communication Principles
O - Obtain and use information
I - Internally communicate information
E - Communicate with External Parties
SOD - Monitoring Activities Principles
SO - Separate and/or Ongoing Evaluations
D - Communications of Deficiencies
CATP - Existing Control Environment Principles
CA - Select and develop Control Activities
T - Select and develop Technology controls
P - Deploy through Policies and Procedures
ARTS - Help respond to risk
A - Avoid (high frequency, high severity)
R - Reduce (high frequency, low severity)
T - Transfer (low frequency, high severity) {Share}
S - Self-Insure (low frequency, low severity) {Accept}
COPS - Steps to compile and document the internal control assessment
O - Overall Assessment - supported by complement evaluations
C - Component Evaluation - supported by principal evaluations
P - Principal Evaluation - The source for isolating and defining internal control deficiencies
S - Summary of Internal Control Deficiencies (if any) - Summarized and impact the overall assessment
CPER - Develop value - make it CPER
C - Value Creation
P - Value Preservation
E - Value Erosion
R - Value Realization
CCPIS - To Manage risk and create value
C - Culture
C - Capabilities (Competitive Advantage)
P - Practices
IS - Integration With Strategy-Setting and Performance
GOPRO - Components of Enterprise Risk Management
G - Governance and Culture
O - Strategy and Objective Setting
P - Performance
R - Review and Revision
O - Information, Communication, and Reporting (Ongoing)
DOVES - Governance and Culture Principles
D - Defines Desired culture
O - Exercises board Oversight
V - Demonstrates commitment to core Value (tone at the top)
E - Attracts, develops, and retains capable individuals (Employees)
S - Establishes operating Structure
SOAR - Strategy and Objective Setting Principles
S - Evaluates alternative Strategies
O - Formulates business Objectives
A - Analyze business context
R - Defines Risk appetite
VAPIR - Performance Principles of COSO enterprise risk management
V - Develops portfolio View
A - Assesses severity risk
P - Prioritizes risk
I - Identifies risk (events)
R - Implements Risk Responses