Mnemonics Flashcards
CRIME = Components of Internal Control.
C = Control Environment.
R = Risk Assessment.
I = Information and communication.
M = Monitoring.
E = Existing Control Activities.
BOCCA = Principles of Control Environment.
B = Board Independence and Oversight.
O = Organizational Structure.
C = Commitment to Competence.
C = Commitment to Ethics & Integrity.
A = Accountability.
SICI = Principles of Risk Assessment.
S = Specify Objectives.
I = Identify and Analyze Risks.
C = Consider Potential for Fraud.
I = Identify and Assess Changes.
OCI = Principles of Information and Communication.
O = Obtain and Use Information.
C = Communicate with External Parties.
I = Internally Communicate Information.
OC = Principles of Monitoring Activities.
O = Ongoing and/or Separate Evaluations.
C = Communication of Deficiencies.
DSS = Principles of Existing Control Activities.
D = Deployment of Policies and Procedures.
S = Select and Develop Control Activities.
S = Select and Develop Technology Controls.
GOPRO = Components of ERM.
G = Governance and Culture.
O = Objective Setting and Strategy.
P = Performance.
R = Review and Revision.
O = Ongoing Information, Communication and Reporting.
DOVES = Principles of Governance and Culture.
D = Defines Desired Culture.
O = Oversight (Excercises Board Oversight).
V = Values (Commitment to Core Values).
E = Employees (Capable).
S = Structure (operating) is Established.
SOAR = Principles of Objective Setting and Strategy.
S = Strategies (Alt) are Evaluated.
O = Objectives (Bus) are Formulated.
A = Analyzes Bus Context.
R = Risk Appetite is Defined.
VAPIR = Principles of Performance.
V = View portfolio; Develops Portfolio View.
A = Assesses Severity of Risk.
P = Prioritizes Risk.
I = Identifies Risk.
R = Risk responses.
SIR = Principles of Review and Revision.
S = Substantial Changes.
I = Improvement in ERM.
R = Reviews Risk and Performance.
TIP = Principles of Ongoing information, communication and Reporting.
T = Technology leverage.
I = Information Risk is communicated..
P = Performance, Risk and Culture is reported on.
APRAS = 5 responses to risk.
A = Acceptance: No action is taken to change the risk.
P = Pursue: Accepts the increased risk to improve performance.
R = Reduce: Action is taken to reduce risk.
A = Avoid: Action is taken to remove risk.
S = Share: Action is taken to reduce risk by outsourcing. i.e. Insurance.
DIMPL = Types of Risk
D = Default Risk.
I = Interest Rate Risk.
M = Market Risk.
P = Purchasing Power Risk.
L = Liquidity Risk.
DUNS = Types of Risk (Market and Nonmarket)
D = Diversifiable Risk.
U = Unsystematic Risk.
N = Nondiversifiable Risk.
S = Systematic Risk.
