M1 IC Frameworks Flashcards
What are the 5 components of the Internal Control? (Hint: Mnemonic CRIME)
Control Environment
Risk Assessment
Information and Communication
Monitoring Activities
Existing Control Activities
What are the 17 principles within the 5 components
Control Environment
Commitment to ethical values and integrity
Board independence and oversight
Organizational structure
Commitment to competence
Accountability
Risk Assessment
Specify objectives
Identify and analyze risks
Consider the potential for fraud
Identify and assess changes
Information and Communication
Obtain and use information
Internally communicate information
Communicate with ecternal parties
Monitoring Activities
Ongoing and/or separate evaluations
Communication of deficiencies
Existing Control Activities
Select and develop control activities
Select and develop technology controls
Deploy through policies and procedures
COSO Application
Risk: MGMT is unaware of risks that could affect the company
Component: Risk Assessment
Principle: The company identifies risks to acheiving its objectives and analyzes risks to determine how the risks should be managed
Control Activity: Periodic risk assessment are reviewed by MGMT, including internal audit assessments
Risk: Employees act in unethical or unlawful manner
Component: Control environment
Principle: The company demonstrates a commitment to integrity and ethical values
Control Activitiy: A code of conduct or ethics policy exists and includes provisions abount conflicts of interest, related party transactions, illegal acts and the monitoring of the code by management, the audit committee, and board of directors.
What are the 3 categories on the COSO Cube
Operating
Reporting
Compliance
(Shown as columns on the top of the cube)
What are the 5 internal control components on the COSO Cube?
Control Environment
Risk Assessment
Control Activities
Information and Communication
Monitoring Activities
(Shown as rows on the front of the cube)
What are the 4 entity organzational structures on the COSO Cube?
Entity level
Division
Operating Unit
Function
(Shown/ Referred to as 3rd dimension on Cube)