Lecture 4 Flashcards

1
Q

internal control

A

is a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

reasonable assurance

A

an organisation meets its objectives

Satisfaction as to the reliability of the information provided

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

management

A

different people are involved in internal control

people effect how internal controls operate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

internal control components

A
  • the control environment
  • the entity’s risk assessment process
  • the information sysstesm
  • control activities
  • monitoring of controls
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

internal control evironment

A

managing integrity, ethical values, competence, philosophy, operating style, assignment of authority and responsibility and human resource policies and practices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Sarbanes Oxley section 404

A

requires management to evaluate internal controls every year and requires financial auditors to attest to the evaluation. identify the framework used

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Sarbanes - section 302

A

the signing officers must certify that they are responsible for establishing and maintaining internal controls and have designed such internal controls to ensure that material information relating to the company

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Sarbanes - section 802

A

criminal penalties for altering documents

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Preventive controls

A

designed to stop errors or irregularities occuring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

detective controls

A

will not prevent errors from occurring but rather they alert those using the system to errors and anomalies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

corrective controls

A

are designed to correct an error or irregularity after it has occurred

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

general controls

A

a manual and IT control affecting the overall information of the organisation; the objective is to provide a reasonable level of assurance that the overall objectives of internal control are achieved

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

application controls

A

specific controls over specific applications

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Security controls

A

Secure the computing infrastructure from internal and external threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Database controls

A

database processing involves simulatenously updating of multiple tables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Business continuity controls

A

must develop and follow a sound backup strategy to prevent disruption of business activity due to computer failures and disasters

17
Q

deterrent controls

A

intended to discourage individuals from intentionally violating information security policies and procedures

18
Q

recovery controls

A

restore lost computing resources or capabilities and help the organisation recover monetary losses caused by security violation

19
Q

compensating controls

A

attempt to reduce the risk that an existing or potential control weakness will result in a failure to meet a control objective

20
Q

Limitations of controls

A
  • judegement of error
  • unexpected transactions
  • collusion
  • management override
  • weak internal controls
  • conflicting signals
21
Q

documenting controls

A

once controls are established it is essential to ensure that documentation outlines how these controls operate

22
Q

methods of documentation

A
  • narrative descriptions
  • questionnaires and check lists
  • flow charts
  • control matrix