Section I

Question 1

Corporate values

Answer 1

An organization’s standards of behavior

Question 2

Compliance

Answer 2

The conformity and adherence to policies, plans, procedures, laws, contracts, regulations, or other requirements.

Question 3

Governance

Answer 3

The combination of processes and structures implemented by the board in order to inform, direct, manage, and monitor the activities of he organization toward the achievement objectives.

Starts at the top with the Board of Directors.

Question 4

Internal Audit activity

Answer 4

A department, division, team of consultants, or other practitioners that provide independent, objective assurance and consulting services designed to add value and improve the organization’s operations.

Question 5

What aspects of the organization’sgovernance initiatives overlap?

Answer 5

1. Compliance with legal or regulatory requirements
2. Internal control assessment and reporting
3. Enterprise risk management
4. Quality initiatives (i.e., continuous improvement)
5. Transparency and disclosure
6. Governance structure and processes

Question 6

Risk appetite

Answer 6

A set of policies and performance indicators to measure willingness to take on risk or avoid risk.

Question 7

Enterprise risk management

Answer 7

A structured, consistent, and continuous process across the whole organization for identifying, assessing, deciding on responses to, and reporting on opportunities and threats that affect the achievement of its objectives.

i.e., assesses organizational risk and mitigation strategies

Question 8

Who is responsible for establishing and maintaining the organization’s governance processes and obtaining assurances concerning the effectiveness of the risk management and control processes?

Answer 8

The board of directors

Question 9

Internal auditor

Answer 9

An independent, objective assurance and consulting activity designed to add value and improve an organization’s operations; brings a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.

Question 10

Key organizational governance responsibilities and activities of the Board of Directors

Answer 10

• establishes the ‘tone at the top’ and serves as the focal point for all governance activities (t)
• implements governance best practices (b)
• oversees organizational activities (doesn’t manage them) (o)
• assumes ultimate accountability and responsibility for the performance and affairs of the organization, effective risk management practices, and setting the risk appetite. (A)

AT BO

Question 11

Key organizational governance responsibilities and activities of senior management

Answer 11

• sets strategic decisions and establishes an entity’s value system
• provides assurance that risks are managed as part of the risk management process, operations are monitored, results are measured, and corrective actions are implemented in a timely manner.

Question 12

Key organizational governance responsibilities and activities of operations management

Answer 12

• deploys strategy, enforces internal controls, and provides direct supervision for areas under its control
• is accountable to executive management, and ultimately to then board, for implementing and monitoring risks management process and establishing effective and appropriate internal control systems.

Question 13

Key organizational governance responsibilities and activities of the internal auditors

Answer 13

• perform independent and objective assessments to provide assurance that governance structures and processes are designed properly and are operating effectively.
• provide advice on potential improvements to governance structures and processes
• coordinate their work with the external auditors to maximize efficiencies and avoid duplication of efforts.

Question 14

Key organizational governance responsibilities and activities of the external auditors

Answer 14

• provide independent assurance on the financial statement preparation and reporting activities, in accordance with applicable regulations and accounting principles.
• coordinate their work with that of the internal auditors to maximize efficiencies and avoid duplication of efforts.

Question 15

Financial Modernization Act of 1999

Answer 15

• aka Gramm-Leach-Bliley Act
• protect customer’s personal financial information held by financial institutions
• governs the collection and distribution of customer’s financial information
• requires institutions to protect customer financial data

Question 16

Health Insurance Portability and Accountability Act (HIPAA)

Answer 16

• addresses the security and privacy of health data.
• provides customers rights over the disclosure of their medical data
• provisions for secure transmission of electronic patient and medical data (oral and paper information)
• allows patients to easily obtain and correct medical records.
• restricts how employers use health-related information during interviews

Question 17

Freedom of Information Act (FOIA)

Answer 17

• establishes public’s right to obtain information from federal government agencies (not congress, courts, or local government agencies)
• allows any person to file a FOIA request
• allows agencies to withhold information pursuant to nine exemptions and three exclusions

Question 18

Children Online Privacy Protection Act of 1998

Answer 18

• gives parents control over what information is collected from their children by operators of commercial websites
• requires websites that knowingly collect data on children under the age of 13 to first obtain verifiable parental consent
• requires operators to lot a privacy policy on the homepage of the website and link to the privacy policy on every page where personal information is collected.

Question 19

Stakeholders to CSRs

Answer 19

Employees and their families
Environment
Neighboring communities
Shareholders
Customers
Suppliers

Question 20

Elements of the CSR

Answer 20

Governance
Environment
Ethics
Community involvement
Health, safety, and security
Transparency
Working conditions and human rights