Topic 1.5 Control In Accounting Information Systems Flashcards

1
Q

Why is control needed?

A

So that we can avoid or try to overcome the threat and its financial burden

2
Q

Why do threats occur?

A

Even if there are certain guidelines to follow, people still make mistakes and errors

3
Q

What is the exposure or impact of a threat?

A

The potential dollar loss should a particular threat become a reality

4
Q

Primary objective of an AIS

A

To control the organisation so that it can achieve its objectives

5
Q

What is internal control?

A

Processes implemented to provide assurance that the following objectives are achieved:

  • safeguard assets
  • maintain sufficient records
  • provide accurate and reliable information
  • prepare financial reports according to established criteria
  • promote and improve operational efficiency
  • encourage adherence to management policies
  • comply with laws and regulations
6
Q

Functions of internal control

A

Prevention controls
- deter problems from occurring

Detective controls
- discover problems that are not prevented

Corrective controls
- identify and correct problems; correct and recover from the problems

7
Q

What are the categories of internal control?

A

General

  • looks at the internal control environment and whether it has internal controls, e.g. does it have proper software
  • over the IC system and processes

Application

  • transactions are processed correctly
  • ensure accuracy, i.e. that all transactions are taking place in the right way
8
Q

What are the four levers of control?

A
  • belief system: the overall mission you want to pass down to your employees
  • boundary system: get the job done however you want, but still within the beliefs of the company
  • diagnostic control system: the firm sets a goal for each employee and at the end of the year sees if they have met it
  • interactive control system: face-to-face meetings with others to listen to their ideas
9
Q

What is the Serious Fraud Office (SFO)?

A

Established in 1990 in response to the collapse of financial markets in New Zealand at the time. Only covers very serious fraud.
The SFO operates 3 investigative teams:
- Evaluation and intelligence
- Financial Markets & Corporate Fraud
- Fraud & Corruption

10
Q

What is the Financial Markets Authority (FMA)?

A

Established in 2011 in response to the need to address failures in the financial markets, made evident by the global financial crisis

11
Q

What is the Sarbanes-Oxley Act (SOX)?

A

Legislation passed in 2002 that applies to publicly held companies and their auditors in order to:

  • Prevent financial statement fraud
  • make financial reporting transparent
  • protect investors
  • strengthen internal controls
  • punish executives who perpetrate fraud
12
Q

What are the control frameworks?

A
  • COBIT (Control Objectives for Information and Related Technology)
    • framework for IT control
  • COSO (Committee of Sponsoring Organisations)
    • framework for enterprise internal controls (control-based approach)
  • COSO-ERM (Enterprise Risk Management)
    • expands the COSO framework, taking a risk-based approach
13
Q

What is the COBIT framework and what are its principles?

A

It is a control framework

Current version is COBIT5

Based on the following principles:

  • meeting stakeholders' needs
  • covering the enterprise end to end (links all departments together, e.g. production to sales)
  • applying a single, integrated framework
  • enabling a holistic approach
  • separating governance and management
14
Q

What does management do in IT?

A

Plan
- APO

Build
- BAI

Run
- DSS

Monitor
- MEA

15
Q

What does governance do in IT?

A

Direct
Evaluate
Monitor

16
Q

What are the components of COSO and COSO-ERM?

A

COSO

  • control (internal) environment
  • Risk Assessment
  • Control Activities
  • Information and communication
  • Monitoring
COSO-ERM

The same as above, but also:
- Objective setting
- Event Identification
- Risk Response
17
Q

What is the difference between COSO and COSO-ERM?

A

COSO is more of an overview of control; more general

COSO-ERM is more in depth

18
Q

In relation to COSO-ERM, what does the principle internal environment cover?

A
  • the culture of the business
  • management's philosophy, mission or vision, operating style and risk appetite
  • commitment to integrity, ethical values and competence
  • internal control oversight by the board of directors
  • organisational structure
  • methods of assigning authority and responsibility
  • human resource standards
19
Q

In relation to COSO-ERM, what does the principle objective setting cover?

A

Strategic objective
- high-level goals, e.g. the mission or 5-year goals

Operations objectives
- effectiveness and efficiency of operations, e.g. how to allocate resources so each department can work efficiently

Reporting objectives
- improve decision making and monitor performance, e.g. financial statements have to be accurate and complete

Compliance objectives
- compliance with applicable laws and regulations

20
Q

In relation to COSO-ERM, what does the principle event identification cover?

A

Identify incidents or events both internal and external that could affect the achievement of the organisation’s objectives

Key questions to ask:

  • what could go wrong?
  • how can it go wrong?
  • what is the potential harm?
  • what can be done?
21
Q

In relation to COSO-ERM, what does the principle risk assessment cover?

A

Risk is assessed from two perspectives:

Likelihood
- probability that the event will occur

Impact
- estimate potential loss if the event happens

Types of risk

Inherent
- risk that exists before plans are made to control it, e.g. the possibility that somebody will steal cash or assets

Residual
- risk that is left over after you have controlled the risk

22
Q

In relation to COSO-ERM, what does the principle risk response cover?

A

The four responses:

Reduce
- implement effective internal controls, e.g. give employees training

Accept
- do nothing, accept the likelihood and impact of the risk, e.g. if it's out of your control or you can't afford to do anything about the risk

Share
- buy insurance, outsource, or hedge, e.g. have insurance so that if there is a flood you are covered

Avoid
- do not engage in the activity, e.g. close a branch if it's not going well

23
Q

In relation to COSO-ERM, what does the principle control activities cover?

A
  • proper authorisation of transactions and activities
  • segregation of duties
  • project development and acquisition controls
  • change management controls
  • design and use of documents and records
  • safeguarding assets, records, and data
  • independent checks on performance
24
Q

In relation to COSO-ERM, what does the principle monitoring cover?

A
  • perform internal control evaluations
  • implement effective supervision
  • employ a computer security officer
  • engage forensic specialists
  • install fraud detection software
  • implement a fraud hotline