COSO

Question 1

3 Framework Objectives of COSO and Definitions

Answer 1

Operations - Effectiveness & efficiency of operations/Adequately safeguard against potential losses

Reporting - Reliability, timeliness, transparency

Compliance - Following laws & regulation

Question 2

Components of Internal Control and Definitions

Answer 2

CRIME

Control Environment - Tone at top (ethics)

Risk Assessment - F/S misstated or fraud

Information and Communication - Fair, Accurate, Complete, Timely

Monitoring - Efficiencies of IC, report deficiencies

(Existing) Control Activities - to mitigate risk

*All 5 components and and 17 principles must be PRESENT and FUNCTIONING

Question 3

Control Environment (CRIME)

Answer 3

EBOCA

• Ethics
• Board Independence
• Organizational Structure
• Competence (Hire, train, develop)
• Accountability

Question 4

Risk Assessment (CRIME)

Answer 4

EAR

• Event ID
• Assess Risk
• Respond to risk

Question 5

Information and Communication (CRIME)

Answer 5

FACT - Fair, Accurate, Complete, Timely

Between Internal and External

Question 6

Axes of the COSO Cube

Answer 6

X-axis: ORC
Y-axis: CRIME
Z-axis: Entity, Division, Operating Unit, Function

*All 5 components and and 17 principles must be PRESENT and FUNCTIONING

Question 7

Objectives of ERM

Answer 7

Strategic - High level goals designed to achieve mission
O
R
C

Question 8

Components of ERM

Answer 8

IS EAR AIM (Has CRIME in it)

Internal Environment
Setting Objectives
Event ID
Assessment of Risk
Risk Response
Activities (Control)
Information and Communication
Monitoring