Module 3 - Internal Control Systems Flashcards

1
Q

Why do directors want to implement a sound system of internal control?

A

To provide them with assurance over:

Reliability of financial reporting

Effectiveness and efficiency of operations

Compliance with applicable laws and regulations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Mnemonic for the five components of a sound system of internal control

A

CRIME

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does CRIME stand for?

A

Control activities

Risk assessment process

Information systems

Monitoring of controls

control Environment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is a Business Process?

A

A series of activities that enable a company to meet one or more of its objectives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What is a business risk?

A

The threat that an action or event will adversely affect the organisation’s ability to achieve its objectives

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are accounting information systems?

A

Structures used by organisations to collect, store and process financial and accounting data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Mnemonic for control activities

A

PAIRS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

How many categories of control activities are there?

A

Five

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What does PAIRS stand for?

A

Physical

Authorisation

Information processes (ITGCs and IT and manual application controls)

performance Reviews

Segregation of duties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Examples of common IT application controls include

A

Audit log

Batch controls

Programmed editing

Calculation

Check digits

Exception reports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What are entity-level controls?

A

Controls that help establish the tone and culture of the organisation and can be relevant to a number of the components of internal control including the control environment, risk assessment, information systems and monitoring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Mnemonic for limitations of internal control systems

A

CROUCH

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What does CROUCH stand for?

A

Cost

Relevancy / obsolescence

management Override

Unusual / infrequent transactions

Collusion

Human error

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Mnemonic of the four key areas that ITGCs commonly cover

A

APOC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What does APOC stand for?

A

Access to programs and data

Program changes and development

computer Operations

Continuity of operations

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the components of Access to programs and data?

A

Awareness of information security policies by all staff

Appropriate restriction of access to IT computing resources

Segregation of duties within key processes

17
Q

What is the mnemonic when considering program changes and development

A

DATA

18
Q

What does DATA stand for?

A

Development

Authorisation

Testing

Approval

19
Q

What is the System Development Life Cycle (‘SDLC’)?

A

A process to introduce, develop and maintain and enhance software

20
Q

Stages of the System Development Life Cycle (‘SDLC’)

A

Business analysis

Feasibility study

Systems analysis

Design

Development

Testing

Implementation

Maintenance

Post-implementation review

Enhancements / wish list

21
Q

What computer operations components should organisations consider to mitigate operational problems?

A

Job processing

Backup and recovery procedures

Incident and problem management

22
Q

Continuity of operations - is the ability to carry on trading after a disaster a key objective of any company and therefore its IT department?

A

Yes