Internal Control Frameworks Flashcards
A company that maintains a strong internal audit function that reports directly to the Board of Directors is applying which principle of effective internal control over financial reporting.
Organizational Structure.
Which principle states the board should be actively involved in overseeing the implementation of both financial reporting and internal controls?
Board of Directors Principle (NOTE: relates more to leadership than reporting)
_____________________________should be delegated to individuals within the org structure as appropriate to maintain effective internal controls.
Authority and Responsibility
(Note: The authority and responsibility of individuals can be undermined by flaws in the org structure.)
What is emphasized by the human resources principle?
Competence
NOTE: It’s NOT reporting.
Which principle stated human resources policies and procedures should be fully compatible with effective financial reporting and internal control?
Human Resources Principle
What is NOT a part of a “proper tone at top” according to COSO:
- Create compliance supporting culture that is committed to ERM
- Adhere to fiscal budgets and goals outlined by the audit committee
- Promote a willingness to seek assistance and report problems before its too late
- Navigate grey areas where no rules/guidelines exist
ANSWER:
Adhere to fiscal budgets and goals outlined by the audit committee
What best describes the nature of the Board of Directors relationship to a company?
FIDUCIARY
The Board of Directors has a FIDUCIARY responsibility to act on behalf of and in the best interest of the corporation.
What is NOT a part of a “proper tone at top” according to COSO:
- Create compliance supporting culture that is committed to ERM
- Adhere to fiscal budgets and goals outlined by the audit committee
- Promote a willingness to seek assistance and report problems before its too late
- Navigate grey areas where no rules/guidelines exist
Adhere to fiscal budgets and goals outlined by the audit committee
(NOTE: It is unlikely that the audit committee outlines budgets and goals)
Active engagement by an audit committee in representing the Board of Directors relative to all matters of internal and external audits is evidence of:
Oversight responsibility over financial reporting
The board’s understanding of their oversight responsibility over financial reporting.
What typically relates to the manner in which employees regard the importance of internal controls?
Management’s operating style
What principle ensures the appropriate alignment of reporting relationships to ensure that controls are NOT undermined?
(e.g. Internal auditors should NOT report to the CFO)
Organizational structure principle
What principle is typically related to defining staff responsibilities in manner that is compatible with their authority and consistent with effective financial reporting?
The authority and responsibility principle.
What relates to work ethic and commitment to effective financial reporting?
Managements operating style.
The existence of a compliance program that incudes both ethics training and a hotline for anonymous reporting is evidence of:
Ethical values
and ensuring those values are understood and taken seriously.
What relates to hiring practices and appropriate placement of individuals within an organization based on job descriptions?
Human Resources Standards
The existence of a company handbook and periodic acknowledgement of receipt and understanding of the handbook is evidence that:
SOUND INTEGRITY AND ETHICAL VALUES
are developed and understood AND set the standard of conduct for financial reporting.
What are the 5 key principles of COSO internal control integrated framework?
C.R.I.M.E.
The five components of COSO are often referred to by the acronym C.R.I.M.E:
Control environment
Risk assessment
Information and communication
Monitoring activities
Existing control activities
According to COSO, a primary purpose of monitoring internal controls is to verify that the internal control systems are adequate to address changes in ______________.
Risks
Which component of the internal control integrated framework includes principles such as financial reporting objectives?
The risk assessment component.
The control environment component of the internal control integrated framework included financial reporting ______________.
Competencies
Note: NOT objectives, human resources, org structure etc.
What is the FIRST monitoring step in evaluating the effectiveness of an internal control system?
Establishing a control baseline.
Without a baseline there is nothing to compare against when the evaluation is performed.
5 Principles of Control environment component of committee of sponsoring organizations
- commitment to Ethics and integrity
- Board independence and oversight
- Organizational Structure
- Commitment to competence
- Accountability
Remember EBOCA