Unit 1.1 Flashcards
IA must evaluate and contribute to the improvement of the organization’s
Governance
Risk Management
Control (Control Processes)
Governance
The combination of processes and structures implemented by the board to inform, direct, manage, and monitor the activities of the organization toward the achievement of its objectives.
Risk management
A process to identify, assess, manage, and control potential events or situations to provide reasonable assurance regarding the achievement of the organization’s objectives
Control
Any action taken by management, the board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved
Control processes
The policies, procedures (both manual and automated), and activities that are part of a control framework, designed and operated to ensure that risks are contained within the level that an organization is willing to accept
Efficient
accurate, timely, and economical fashion
Reasonable assurance is provided if
the most cost-effective measures are taken in the design and implementation of controls to reduce risks and restrict expected deviations to a tolerable level
Princípios do modelo de 3 linhas
Governança Governing Body roles First and second line roles Third line roles Third Line independence Creating and protecting value