COSO 3 Flashcards
Operations Objectives
There are now three focuses for the objectives; they used to be narrower and related only to reliable financial statements
Effectiveness and efficiency of the entity's operations, financial performance, and safeguarding assets
Reporting Objectives
Related to internal and external
Financial and non-financial reporting to stakeholders
Reliable
Timely
Transparent
Used to be just related to financial reporting
Compliance Objectives
Laws and regulations
Now more broad and recognizes complexity of laws and accounting standards
Why are they using COSO?
Because the SEC and SOX require them to report on internal control and they need a framework
Internal Control over Financial Reporting Definition by SEC not in COSO
Process designed by or under the supervision of the principal executive and principal financial officers and effected by the issuer’s BOD, management, and other personnel to provide reasonable assurance regarding the reliability of financial reporting and preparation of FS for external purposes in accordance with GAAP
What changes were the updated COSO standards trying to address?
Globalization of markets and operations and risk factors resulting from
Governance Concepts - more complex global organizations and regulations
Different Business Models - Organizations becoming more decentralized and including more third-party service providers and partnering arrangements
Laws and Regulations - more complex, greater stakeholder protection req’d
Competence and Accountability of Personnel - need more skilled people
Information Systems - Increased relevance of IT
FRAUD RISK - enhanced consideration of potential fraud
Control Environment
What are the 5 Principles
- Integrity and Ethics
- BOD independent from Mgt.
- Mgt establishes, with BOD oversight, lines of reporting authority so objectives can be carried out
- Commitment to Competency
- People are held Accountable
Risk Assessment (general Notes on)
Dynamic Process and considers external environment
Risk Assessment Process Includes:
Identification, Analysis, Response
Risk Tolerances Considered
Discussion of Risk Severity includes Velocity (what does this mean?), Persistence, Impact, Likelihood
Now must address the risk of fraud.
What type of costing involves the Equivalent Units and what type doesn’t?
Process costing involves the EU calculations. Job-Order Costing Does not.
Absorption Costing is called - one is direct and the other is ???
Need to remember this
What type of costing uses cost pools?
Activity based costing.
Control Activities Defined - What do they do?
Actions established by the policies and procedures to help ensure that management directives to mitigate the risks to achievement of objectives are carried out.
Control Activities Defined - They may be _________ or ____________ in nature.
They may be preventative or detective in nature.
Control Activities - Encompass what types of activities?
A range of manual and automated activities such as authorizations and approvals, verifications, reconciliations, business performance reviews.
Under which component does this belong: Business performance review.
Control Activity - Performance Review I - can never remember this Physical Controls Segregation of Duties
Control Activities - What’s normally built in?
Segregation of duties is typically built into the selection and development of control activities.