SECTION A - CHAPTER 1 - 5 Flashcards

1
Q

What can be considered under:

Business Risk

Operational Risk

A

Business Risk

  • Product
  • Environmental
  • Stakeholder
  • Investment

Operational Risk

  • Information & IT
  • Waste
  • Ethics
  • Compliance
  • Fraud
  • H&S
2
Q

Risk appetite may be explicit or implicit. Explain both

A

Explicit - Formal strategies and policies

Implicit - Decisions and Actions

3
Q

What is the Risk MGMT cycle order

A
  • Establish Risk MGMT and set goals
  • Identify risky areas
  • Understand and assess scale of risk
  • Response
  • Implement strategy and responsibilities
  • Monitor
  • Review and refine
4
Q

Explain the first 3 categories of Risk MGMT Cycle

A

Establish Group - Board to set up group and allow some delegated responsibility for Risk Appetite

Identify Risk - Through brainstorming, benchmarking, scenario analysis

Understand & Assess Scale of Risk

  • Quantify - VAR, Regression, Simulation
  • Qualitative - Risk Mapping
5
Q

When risk mapping, what are the responses

A

High Likelihood: High Severity = AVOID

High Likelihood: Low Severity = Reduce

Low Likelihood: High Severity = Transfer

Low Likelihood: Low Severity = Accept

6
Q

What is under the headings:

Control Environment

Internal Control Procedures

A

CE

  • MGMT approach to risk
  • Attitudes and Culture
  • Org Structure

ICP

  • Policies and Procedures to achieve objectives
7
Q

The Board will set up a Risk MGMT Group and appoint a Risk Manager. What is their role?

A
  • Establish Risk MGMT Policies
  • Promote Risk awareness
  • Implement risk indicators and produce risk reports
  • Establish risk register
8
Q

What is Gross Risk and Net Risk

A

GR - Risks without mitigation

NR - Risks that remain after mgmt has taken action to mitigate them

9
Q

What is the purpose of Risk MGMT

A

To identify and evaluate risks and implement a robust and effective control system for them

10
Q

COSO stated that effective Internal Control has 5 elements. What are they?

A
  1. Control Environment - Managers' attitude, actions and awareness of the need for IC
  2. Risk Assessment - Feeds directly into IC and identifies Controllable and Uncontrollable risks
  3. Control Activities - To help reduce risks. Such as Org Structure, Contracts of Employment, Policies, Discipline & Reward System and Performance review
  4. Info and Comms - Quality of info (Timely, Relevant, Understandable, Accurate)
  5. Monitoring - IA reviews
11
Q

In the COSO model, what are the 4 categories of objective setting

A
  • Strategic
  • Operational
  • Reporting
  • Compliance
12
Q

When looking at the Benefits of taking risks we use a grid to analyse our actions. We must consider:

  • Ability to gain Competitive Advantage
  • Activity Risk

Which may be High or Low. What is the response to each?

A

High CA: Low Risk - Identify and Develop (few and far between)

High CA: High Risk - Examine carefully

Low CA: Low Risk - Routine

Low CA: High Risk - Avoid

13
Q

What is Economic Risk and what headings fall within it

A

Economic risk is the risk that changes in the economy might affect the business

  • FX
  • Inflation
  • IR
  • Unemployment rates
14
Q

What are the ways of quantifying risks and explain

A

Sensitivity

Regression - Historical Data used to predict future volatility so new factors can be considered

Simulation - Calculate possible range of outcomes then use mean and STD Deviation for range of expected profits

Scenario Planning - Identify possible future situations and determine best ways for them to be controlled

VAR - Maximum Loss Possible in a given period of time for a given level of probability

15
Q

What is a FWD Contract and what are Futures, and what's the difference

A

FWD - Binding Agreement to buy or sell a specific asset at a specific price at a specific date

Futures - Same as above but have STD terms of size and delivery dates

Main difference is that futures are traded on exchange and can be closed at any point

16
Q

What are the 3 key considerations when looking at board membership?

A
  1. Size
  2. Inside/Outside Mix - Executive and NED
  3. Diversity
17
Q

What are the roles of the Chairman and CEO

A

Chairman

  • Leadership for the board
  • Board receives accurate and timely info
  • Communication between S/h and Board
  • Relationship between NED and Executives and facilitate contribution from NED
  • Inductions and In Board development
  • Meet NED separately

CEO

  • Leadership to business
  • Provide data
  • Comms with Stakeholders
  • Facilitate and implement board decisions
18
Q

Explain NEDs

A
  • No managerial responsibilities
  • Consider and safeguard interest of S/H
  • Independence
  • Reduce conflicts between board and mgmt
  • Strategy - Contribute
  • Scrutiny - Performance of MGMT
  • Risk - Controls are in place and financial info is accurate
  • People - Remuneration/Audit committee
19
Q

What are the responsibilities of the Audit Committee

A
  • Review FS
  • Monitoring the adequacy of Internal Controls
  • Investigate any matters of concern
  • Review effectiveness of External Audit and re-appointment
  • Discuss any major issues with external auditors
  • Review Scope and Approve Internal Audit
  • Ensure IA has sufficient resources and access to info
  • Meeting with head of IA without MGMT
  • Review IA reports and response
  • Monitor effectiveness of IA
20
Q

What should the FS contain regarding remuneration arrangements

A
  • Policy
  • Details of individual directors
  • Performance conditions attached to remuneration
  • Duration of contracts, notice period and termination payments under said contracts
21
Q

What are the principles of ethics

A
  • Integrity - Straightforward and honest in all professional relationships
  • Objectivity - Do not allow bias or conflict of interest
  • Professional competence - Knowledge and skill
  • Confidentiality
  • Professional behaviour - abide by laws and do not discredit the profession
22
Q

What are the ethical threats

A
  • Self Interest - financial or other self interest conflict
  • Self Review
  • Advocacy - When a person promotes a position or opinion that will subsequently compromise further objectivity
  • Familiarity
  • Intimidation
23
Q

What are CIMA Steps for addressing ethical conflict

A
  • Obtain the facts
  • Identify the ethical issues involved and principles
  • Escalate initially to direct manager
  • Escalate further to manager's boss, BofD (following any internal grievance or whistleblowing procedure)
  • Seek advice from CIMA
  • Report externally to auditors or regulatory body
  • Remove yourself from the situation
24
Q

Information strategy has 3 strategic components. What are they?

A
  • ISS - identifying info requirements of biz
  • ITS - Systems needed to communicate Info
  • IMS - How it will be provided to users, and databases, security and outsourcing type issues
25
Q

What is the criteria for ‘Good Information’

A
  • Accurate
  • Complete
  • Cost-beneficial
  • User-Targeted
  • Relevant
  • Authoritative
  • Timely
  • Easy to use
26
Q

What are the types of Info needs at each level

A

Strategic

  • Market Share
  • Suppliers/Customers/Competition
  • Stock Market
  • Technology
  • Political & Environmental

Tactical

  • Targets/Budgets
  • Production
  • Staff/Capacity

Operational

  • Work Schedule
  • Work Force
  • Primary Activities
27
Q

What are the Information systems to support management

A

Strategic -

  • EIS (ESS) - Key internal and external info. Interactive system for monitoring the business

Tactical -

  • DSS: Used as an aid in making decisions
  • MIS: Convert internal and external data into structured data in summary format (breakdown of product/variances)

Operational

  • TPS: High volume data
28
Q

Explain the following:

ES

ERP

SEMS

A

ES - Holds expert knowledge and allows non-experts to use data for info/advice & recommendations. Computer system that performs the role of an expert

ERP - Software to integrate all biz activities such as financial, HR, Supply chain, Customer Info

SEMS - Assist in making high-level strategic decisions using tools such as BS and ABM

29
Q

What is the order of SDLC

A
  • Feasibility study
  • System Investigation
  • Analysis
  • Design
  • System Implementation
30
Q

What is a post implementation review

A

To ensure a project has delivered what it set out to do - project specific

31
Q

What is Pure Risk and Speculative Risk

A

Pure risk (downside risk) - risk involving the possibility of loss with no chance of gain

Speculative Risk (2 way risk) - Outcome may be better or worse than expected

32
Q

What is risk appetite determined by

A
  • Risk Attitude
  • Risk capacity
33
Q

Give examples of the below:

Business Risk

Financial Risk

Economic Risk

Political Risk

Regulatory Risk

Compliance Risk

A

Business Risk

  • Failure of new product
  • Raw Material price increase
  • Change in public opinion on product (not company)

Financial Risk

  • FX Changes

Economic Risk

  • Disposable income falls
  • Inflation rises

Political

  • Nationalisation
  • Change of government

Regulatory

  • Gov raises corp tax

Compliance

  • Breach of data
34
Q

Define Risk Appetite and Risk Attitude

A

Risk Appetite - determined by risk attitude. Amount of risk biz is willing to accept

Risk Attitude - feeds into appetite - Overall approach to risk

35
Q

What are the key principles of COSO’s ERM

A
  • Consideration of risk mgmt in the context of biz strategy
  • Creation of risk aware culture
  • Comprehensive and holistic approach to risk mgmt
36
Q

What is included in a risk register

A
  • Probability and likelihood
  • Name of owner of risk
  • Mitigating actions
  • Impact of risk
  • Residual Risk
37
Q

What are the 5 integrated elements of an effective Internal control system according to COSO

A
  1. Control Environment - Managers' attitude, actions and awareness of the need for IC
  2. Risk Assessment - Feeds directly into IC and identifies Controllable and Uncontrollable risks, both Internal and External
  3. Control Activities - To help reduce risks. Such as Org Structure, Contracts of Employment, Policies, Discipline & Reward System and Performance review
  4. Info and Comms - Quality of info (Timely, Relevant, Understandable, Accurate)
  5. Monitoring - IA reviews
38
Q

What are 3 of the benefits of a CSR programme

A
  • Reduced risk of Gov intervention
  • Ability to attract higher calibre staff
  • Improved reputation
39
Q

What are the benefits of an effective ERM

A
  • Focus on important risks
  • Reduced cost of finance through MGMT of risk
  • Common language of Risk MGMT understood by whole organisation
  • Investor confidence
  • Enhanced decision making
40
Q

How should Fraud Risk be managed

A
  • Prevention - Opportunities to commit fraud are minimised
  • Detection and Deterrence - A company detecting fraud after it has occurred may deter staff from committing it in the first place
  • Response
41
Q

What is Malfeasance Risk

A

Doing wrong or committing an offense

It is like a Fraud Risk and is a type of Operational Risk

Deliberately making false representation on product

Committing an offence such as not complying with regulatory requirements

It should be controlled by internal controls

42
Q

What types of Risk are there with International Ops

A
  • Culture
  • Litigation - Overseas MGMT may not understand the legislation as much
  • Credit
  • Items in transit
  • Financial risks
43
Q

What are the principles of Internal Controls

A
  • Safeguard Assets
  • Adherence to controls
  • Prevention and detection of fraud
  • Completeness of Accounting records
  • Timely preparation of financial info
44
Q

Who has responsibilities in Internal Controls

A
  • BoD sets policies and overall responsibility
  • All employees have some responsibility for Internal Controls
45
Q

What are the Elements of Internal Controls

A
  • Facilitate effective and efficient ops
  • Help ensure quality of internal/external reporting
  • Compliance with Laws and Reg
  • Be able to respond quickly to changes
46
Q

What are the 3 key features under Turnbull guidance for a Sound IC System

A
  • ICs are Embedded within Ops and not treated as a separate task
  • ICs are capable of Responding Quickly to change in biz environment
  • ICs include Procedures for reporting control failings and weaknesses
47
Q

Examples of Organisational Control are?

A
  • Segregation of Duty - (can have the element of spotting unintentional mistakes)
  • Physical Control - protect physical assets
  • Authorisation and Approval - Incl. authorisation Limits
  • MGMT Control
  • Supervision
  • Organisation - Controls provided by the Org Structure
  • Accounting
  • Personnel Controls
48
Q

What are the 4 types of controls for info systems

A
  1. General - Appropriate use of system and data
  2. Application - Designed for each individual application with aim to prevent, detect and correct errors
  3. Software - Correct software approved and used
  4. Network
49
Q

Under Application Controls what are the 3 categories

A
  1. Input - Manually checking, pre-numbered forms, batch control
  2. Processing - Verification and validation. Error detection
  3. Output - Control Logs, Physical check
50
Q

What are the 6 stages of SDLC

A
  1. Planning - PID, Quality Plan, Budget, Work breakdown structure
  2. Analysis - of the current issues through interviews and feedback
  3. Design - Prototyping
  4. Development - which has been agreed upon
  5. Implement - Training, File conversion, documentation, testing
  6. Review - Post completion audit/Review quality, cost, timescale
51
Q

System development is high risk, and systems mainly fail for what reasons:

A
  • Costs to build and maintain are higher than expected
  • Do not satisfy end needs
  • Do not provide the data that was needed
  • Designed and programmed incorrectly
52
Q

What are the types of changeovers

A
  • Pilot - One part of the biz at a time (which could itself use direct or parallel changeover). Once teething problems are sorted, introduce across the biz, bearing in mind different users have different issues
  • Direct - High risk. Appropriate if the two systems are very different or it is too expensive to run both
  • Parallel - Expensive but less risky
  • Phased - Differs from Pilot in that it is implemented slowly across different parts of the biz. Very time consuming but less risky
53
Q

Upon implementing a new info system, what processes come after testing, training and producing documentation

A
  • File conversion then;
  • Database creation;
  • Changeover/Implementation;
  • Review
  • Maintenance
54
Q

What is a CSF and a KPI

A

CSF - Something that must go right for biz to achieve its objectives

KPI - an objective stated in such a way that progress towards a CSF can be measured (SMART)

55
Q

Information strategy has 3 strategic components. What are they?

A
  • ISS - identifying info requirements of biz
    • Info is acquired, retained, shared and made available
  • ITS - Systems needed to communicate Info
    • Hardware and software
  • IMS - MGMT of info gathered and how it is used and accessed
    • Use of databases
    • Data warehousing/Data security
    • Archiving
  • IM is also concerned with:
    • Planning (IS & IT strategy are linked)
    • Org (Centralisation and De-Centralisation/Steering committees/IT Reporting)
    • Control (KPI)
    • Technology (managing IT priorities)
56
Q

What are the risks of Big Data

A
  • Skills needed to use big data
  • Fast changing systems
  • Security of data
  • Over use - not everything should be measured
  • Change in biz culture to use BD
57
Q

What is Big Data and what is it useful for

A

BD is large volumes of data beyond the normal processing, storage and analysis capacity of typical databases

Useful for:

  • Competitive Advantage
  • Driving innovation
  • Improving productivity
58
Q

What is data mining?

A

Processing and analysing data from different perspectives into useful information

59
Q

Adv and DisAdv of data warehousing

A

Adv

  • Lower volumes of data held and therefore lower costs
  • Easy to amend data and only 1 piece of data needs to be amended
  • Users are confident of up to date data
  • Data MGMT and controls are improved
  • Consistency with decision making

DisAdv

  • New Hardware/Software
  • Training
  • Data needs to be ‘cleansed’ first - so expensive and time consuming
  • Back up essential for consistency
60
Q

What are the key features of a Data Warehouse

A
  • Data stored centrally
  • Local branches only store applications to use data
  • Effective to set up EIS and ERP systems
  • Internal and external source
61
Q

What is the structure of a Steering Committee

A
  • Chair (member of board)
  • Senior managers (Key IT user depts)
  • Senior IT Staff (Provide technical input)
  • Senior finance manager (Appraises costs/benefits)
62
Q

What is the purpose of Steering Committee

A
  • Plan/Monitor & Control ISS/IMS/ITS
  • Identify and analyse IS/IT risks
  • Consider competitive issues raised by IT
  • IT/IS achieve objectives
  • Resource and IT funding decisions (and are effective)
  • Plan for future developments
  • Provide leadership for management of IT
  • Approve terms of reference for new IT project teams and developments
  • Monitor
63
Q

Explain what is meant by:

Cost Benefit Analysis

Net Value of Information

A

CBA - used to assess the costs and benefits of a system/project and justify

NVI - Difference in the value of system/project with and without info less any costs of obtaining that info

64
Q

Explain the following:

ES

ERP

SEMS

A

ES - Holds expert knowledge and allows non-experts to use data for info/advice & recommendations. Computer system that performs the role of an expert

ERP - Software to integrate all biz activities such as financial, HR, Supply chain, Customer Info

SEMS - Assist in making high-level strategic decisions using tools such as BS and ABM

65
Q

What are the Information systems to support management

A

Strategic -

EIS (ESS) - Key internal and external info. Interactive system for monitoring the business

Tactical -

DSS: Used as an aid in making decisions

MIS: Convert internal and external data into structured data in summary format (breakdown of product/variances)

Operational

TPS: High volume data

66
Q

What are the types of Info needs at each level

A

Strategic

  • Market Share
  • Suppliers/Customers/Competition
  • Stock Market
  • Technology
  • Political & Environmental

Tactical

  • Targets/Budgets
  • Production
  • Staff/Capacity

Operational

  • Work Schedule
  • Work Force
  • Primary Activities
67
Q

What are benefits of Info Strategy

A
  • Competitive Advantage
  • Costly so needs monitoring
  • Goal congruence
  • Affects all levels of staff
  • Developments in IT can be exploited
68
Q

What are some of the key objectives of IMS

A
  • IMS may help eliminate data duplication
  • ISS and ITS are integrated into strategic plans
  • IT Organisation - (De)Centralisation, Policies and Procedures of IT managers, Education and Training
  • Control - Performance monitoring of IT systems and costs
  • Technology - Managing priorities of IT Strategy
69
Q

What falls under Economic Risk

A

Anything that is external to the business

  • Inflation
  • Unemployment
  • International Trade
  • Fiscal policy
70
Q

What are the types of Financial Risk

A
  • FX
  • Int Rates
  • Gearing
  • Credit Rating risk
71
Q

What are the differences between the views of Risk MGMT

Traditional

New Approach

A

Traditional = Protecting Org through conformance (avoiding downside)

New Approach (performance) - Taking advantage of O&T to increase overall returns (Adv of upside risk)

72
Q

What are some of the ways of Risk Identification

A
  • Brainstorming
  • External Advisors
  • Pest/SWOT
  • IA
  • Interviews/Questionnaires
73
Q

What should be included in the Risk Report which now forms part of UK annual reports

A
  • Systematic review of risk forecast (at least annually)
  • Review of risk strategy and response to significant risks only
  • Monitoring and feedback loop on significant risks only
  • System to provide early warning of business circumstances
  • IA as part of monitoring and info gathering
74
Q

What can Lean MA involve

A
  • Reduced cost centres
  • Elimination of variances
  • Reduction in labour utilisation reports
  • Fewer inventory counts (but depends on how much inventory is needed on various products)
75
Q

Purpose of steering committee is to do what?

A
  • Consider competitive issues raised by IT
  • Plan for new systems
  • Project achieves objectives
76
Q

What are some examples of system development controls

A
  • System Training
  • System documentation
  • Formal approval of system design
77
Q

What are the 3 main reasons for disclosing commercially sensitive info to 3rd party

A
  • Required by Law
  • Professional duty or right to disclose
  • Permitted by law and approved by client
78
Q

What are the benefits of corporate governance

A
  • Access to capital markets
  • Stimulation of performance
  • Marketability
79
Q

What are the responsibilities of the remuneration committee

A
  • Pay for Exec Directors
  • Pay for Chairman
  • Pay for Snr Managers
80
Q

Data Protection has 8 principles. What are they?

A
  • Personal data should be accurate and kept up to date
  • A person is entitled to access and have data corrected and erased
  • Data shall be held and used for specified purposes only
  • Data should not be excessive
  • Data shall not be disclosed in a wrong manner
  • Data should not be kept for longer than needed
  • Data should be obtained and processed fairly and lawfully
81
Q

What are the 3 alternative names for controls in IS

A
  • Security - prevention of unauthorised data access
  • Integrity - data is accurate
  • Contingency - if above fails, there is back up
82
Q

What are the 4 controls over IS

A
  • General = Passwords/Training/Supervision
  • Application - Data is accurate - Input.Process.Output
  • Software
  • Network
83
Q

What are the 4 sources of CSF

A
  1. Industry you work in
  2. C/o itself and situation within industry
  3. Environment
  4. Short term Org factors (too little or too much inventory) - things that need immediate attention to continue