Organisational Control and Audit Flashcards
Who has created the framework for internal controls?
COSO
What are the eight components for the framework of controls?
- Control environment
- Objective setting
- Event identification
- Risk assessment
- Risk response
- Control activities
- Information and communication
- Monitoring
What is the control environment?
Culture that directors create in relation to the value and importance of internal controls, the philosophy and risk appetite of the company
What is the objective setting?
Ensure objectives and strategies are aligned with the company risk appetite
What is event identification?
Environmental scanning to identify events internally and externally that could prevent the company achieving its objectives
What is risk assessment?
Assessment of risk based on its likelihood and impact
What is risk response?
Using TARA
What are control activities?
Relates to policies and procedures that are in place to mitigate risk
What is information and communication?
Relates to the reporting arrangements within the organisation and with external parties - good communication to mitigate risk (detailed vs summary)
What is monitoring?
Relates to the fact that internal controls need to be monitored for their efficiency and effectiveness
Which factors does COSO identify as constituting the control environment?
- Corporate culture
- Management style
- Organisational structure
- Risk appetite
- Ethical values and philosophy
What should the objectives of an organisation support?
An organisation’s mission and should be consistent with risk appetite
With regards to internal reporting, why is it important?
It is vital that it is communicated to the staff in a way that is easy to understand and conveys their importance
With regards to internal reporting, what impacts how staff implement controls?
Culture and overall control environment
What is vital for internal reporting?
Monitoring and feedback for recommendations and improvements