Lecture 4 Flashcards
internal control
is a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives
reasonable assurance
an organisation meets its objectives
Satisfaction as to the reliability of the information provided
management
different people are involved in internal control
people effect how internal controls operate
internal control components
- the control environment
- the entity’s risk assessment process
- the information sysstesm
- control activities
- monitoring of controls
internal control evironment
managing integrity, ethical values, competence, philosophy, operating style, assignment of authority and responsibility and human resource policies and practices
Sarbanes Oxley section 404
requires management to evaluate internal controls every year and requires financial auditors to attest to the evaluation. identify the framework used
Sarbanes - section 302
the signing officers must certify that they are responsible for establishing and maintaining internal controls and have designed such internal controls to ensure that material information relating to the company
Sarbanes - section 802
criminal penalties for altering documents
Preventive controls
designed to stop errors or irregularities occuring
detective controls
will not prevent errors from occurring but rather they alert those using the system to errors and anomalies
corrective controls
are designed to correct an error or irregularity after it has occurred
general controls
a manual and IT control affecting the overall information of the organisation; the objective is to provide a reasonable level of assurance that the overall objectives of internal control are achieved
application controls
specific controls over specific applications
Security controls
Secure the computing infrastructure from internal and external threats
Database controls
database processing involves simulatenously updating of multiple tables