Internal Controls

Question 1

COSO assists organizations in developing

Answer 1

comprehensive assessment of Internal Control effectiveness

Question 2

COSO Framework

Answer 2

is used by management to help obtain an initial understanding of effective I/C System

provides confidence to external stakeholders that I/C is in place to achieve objectives

Question 3

How does COSO framework assist Management and the Board

Answer 3

Effectively applying I/C

Determine requirements of effect I/C system

Allows Judgement and flexibility in Design and implementation of I/C system

Identify and analyze risk - then develop actions to mitigate these risk

Eliminate ineffective, inefficient and redundant controls

Extend I/C beyond financial reporting

Question 4

Internal control Definition

Answer 4

implemented by management and board to provide Reasonable Assurance that it will achieve it’s objectives

Question 5

COSO Framework Objectives

Answer 5

Operations - effectiveness and efficient, safeguard against potential losses

Reporting - reliability, timely, transparent

Compliance - laws and regulations

Question 6

Internal Control Components

Answer 6

Control Environment - tone at the top

Risk Assessment - F/s misstatement or fraud

Information and Communication - fair, accurate, timely

Monitoring - efficiency of I/C, report deficiencies

Existing Control Activities - Policies/Procedures

Question 7

Principles related to Control Environment (EBOCA)

Answer 7

Commitment to Ethics and Integrity
Board Independence and Oversight
Organization Structure
Commitment to Competence 
Accountability

Question 8

Principles related to Risk Assessment (SAFR)

Answer 8

Specify Objectives
Identify and Analyze Risk
Consider the Potential for Fraud
Identify and Assess Changes

Question 9

Principles related Information and Communication (OIE)

Answer 9

Obtain and Use Information
Internal Communication
External Communication

Question 10

Principles Monitoring Activities (SO D)

Answer 10

Ongoing and Separate Evaluation

Communication of Deficiencies

Question 11

Principles Existing Control Activities (CAT P)

Answer 11

Select and Develop Control Activities
Select and Develop Technology Controls
Deployment of Policies and Procedures

Question 12

Difference between Monitoring and Control Activities

Answer 12

Monitoring = Identify and correct control Weaknesses

Control Activities = identify and correct Errors

Question 13

Internal controls are effective when

Answer 13

ALL 5 components and applicable relevant 17 principles are

Present (included in design) and

Function (Operating as designed)

Also all 5 components operate together as Integrated System

Question 14

Internal controls are ineffective when

Answer 14

There is a Major Deficiency