Internal Control Monitoring and Terminology

Question 1

Why monitor controls?

Answer 1

Entropy- Over time controls deteriorate

Technology improvements

Changes in management techniques

People quit and take vacations

Question 2

What are the benefits of control monitoring?

Answer 2

Lessen negative effects of entropy

Identify IC problems before they become crises

More timely, accurate, and reliable information, certifications of IC

Maximize efficiency and reduce costs

Question 3

Who evaluates controls

Answer 3

Evaluators

• Monitor internal controls. Must have skills, knowledge, and authority to enable them to:
  1) Understand risks
  2) Identify critical controls related to managing and mitigating those risks
  3) Conduct and/or oversee monitoring information

Must be competence and objective

Question 4

Define competence:

Answer 4

Evaluators knowledge of controls and related processes

Question 5

What is board monitoring?

Answer 5

Monitoring by board or its committees

Includes evaluating management’s monitoring process and assessment of risk and management override of controls

Question 6

Define self-assessment?

Answer 6

“self” here is the unit or function

Assessment may be by personal who operate the control (i.e. self-review) peer or supervisory review within the same unit as control

Persons responsible for a particular unit or function

Question 7

Define Self-Review?

Answer 7

One review’s their own work.

LEAST objective type of “self-assessment”

Question 8

What is the order of review objectivity from least to most?

Answer 8

Self Review

Peer Review

Supervisor Review

Impartial Review

Question 9

What is a compensating control?

Answer 9

Control accomplishes the same objective as another control and can “compensate” for deficiencies in that control

Question 10

What are key controls?

Answer 10

Most important to assessing IC system’s ability to manage or mitigate meaningful risks.

• Failure in this could cause significant fraud or prevent the organization from meeting it’s objectives

Question 11

What are key performance indicators?

Answer 11

Metrics that assess critical success factors

Help measure progress

Question 12

What is direct information

Answer 12

Directly substantiates operation of a control. Must link directly to a judgment regarding the effective operation of control

Highly persuasive

Obtained by observing controls

Question 13

What is indirect information?

Answer 13

Relevant to assessing whether controls are operating and underlying risk is mitigated

Is not explicit evidence regarding whether controls are operating effectively

E.G. Analytical procedures