Unit 6 Flashcards

1
Q

The requirement of corporate governance

A

To ensure that the correct people are accountable for the decisions that an org makes, the actions it takes, and the impacts those actions have.

2
Q

What does corporate governance provide

A

It provides assurance that orgs are directed and controlled in a way that ensures success and sustainability, not just to protect shareholder interests, but also the interests of the other internal and external stakeholders

3
Q

When did the FRC first publish their governance code

A

1992

4
Q

What is the FRC Corporate Governance Code used for

A

A benchmark for effective board operations, oversight and risk management

5
Q

When was the FRC Corporate Governance Code of 1992 updated and what is it called now

A

2018 - UK Corporate Governance Code

6
Q

What does the UK Corporate Governance code define corporate governance as

A

the system by which companies are directed and controlled

7
Q

What are the main features of the UK Corporate Governance Code

A
  1. Leadership = every company should be headed by a Board which is responsible for the long term success of the company
  2. Division of responsibilities = between the leadership of the board and the exec
  3. Composition, succession and Evaluation = The board and the committee should have a combo of skills, experience and knowledge. The composition of the board should be evaluated every year
  4. Audit, risk and internal control = the board should establish procedures to manage risk, oversee the internal control framework, and determine the nature and extent of the principal risks the company is willing to take to achieve its objectives
  5. Remuneration = these policies should be designed to support the strategy and promote long term success. Should also be in line with the org's purpose and values
8
Q

The Wates Corporate Governance Code

A

The FRC published this in 2018 along with the updated corporate governance code. Principles developed to improve the transparency and accountability for an org’s actions and the impact those actions could have on wider stakeholders

9
Q

Materiality

A

The UK Corporate Governance Code requires orgs to consider material controls and uncertainties.

  • Materiality refers to anything of importance regarding the finances of an org.
  • Something is material if it has the ability to affect the bottom line in a meaningful manner, or if by withholding that piece of info an investor would not be able to make an informed decision
10
Q

Unitary board structure

A

Exec and non exec directors come together on one board

11
Q

Two tier

A

Where the responsibility for supervision is separated from the responsibility for day to day operations

12
Q

The three key influences over corporate governance

A

FRC
US Sarbanes Oxley Act
OECD

13
Q

NED

A

Non-exec director
These are often board members
Independent of operational activities of an org and subject matter experts

14
Q

4 key responsibilities of the CRO

A

1) Insights and context = using knowledge of internal and external influences to ensure robust RM
2) Strategy and performance = developing a RM strategy to meet organisational needs
3) RM process = managing the RM process
4) Organisational capability = developing and managing a skilled, agile and responsible risk org

15
Q

What is the role of internal audit

A

Concerned with evaluating an org's management of risk. This is done through an examination of actual business or organisational practices and controls.

Internal audit provides independent assurance on the effectiveness of the control environment and assesses the operation of the RM strategy and activities within the org.

16
Q

Assurance mapping

A

A technique to identify what types/mechanisms of assurance are present in an org.

17
Q

Three Lines of Defence

A

Governing body and senior management = sit above the three lines, setting strategy and objectives

First line = staff, day-to-day management. Their primary responsibility is for managing and controlling the risks. They have responsibility for applying the RM framework

Second line = risk management and compliance functions in support of the first line. They facilitate and monitor RM practices.

Third line = providing independent assurance of the effectiveness of governance, RM and internal controls, across the first and second line. Internal audit

18
Q

External audit

A

It provides increased confidence in an org's disclosures on sustainability by providing an independent, third party review. They consider whether the financial statements of a company provide a true and fair reflection of the org financially

19
Q

Different sources of internal risk assurance (H&T)

A

Culture measurement, audit reports, unit reports, performance of the unit documentation
Self certification of controls (CRSA) = control risk self assessment. Where local management complete a regular review that risk assurance has been achieved in that local area.

20
Q

Viable future

A

Going concern. Where there are material uncertainties that could affect an org's ability to continue as a going concern, these need to be disclosed.

21
Q

Longer term viability statement

A

The UK Corporate Governance code requires orgs to state whether they have a reasonable expectation that they will be able to continue in operation and meet their liabilities

22
Q

International control system definition (FRC, 2014)

A

It encompasses the policies, processes, tasks, behaviours and other aspects of a company that, taken together:
- Facilitate the effective and efficient operation by enabling it to assess current and emerging risks, respond appropriately to risks and significant control failures and to safeguard its assets
- Helps to reduce the likelihood and impact of poor judgement in decision making; risk taking that exceeds the levels agreed by the board; human error, or control processes being deliberately circumvented.
- Helps ensure the quality of internal and external reporting
- Helps ensure compliance with applicable laws and regulations, and also with internal policies with respect to the conduct of business

23
Q

What 3 things does the internal control system include

A

1) control activities
2) info and communication processes
3) processes for monitoring the continuing effectiveness of the system of internal control

24
Q

The system of internal control should:

A
  • be embedded in the operations of the company and form part of its culture
  • be capable of responding quickly to evolving risks to the business arising from factors within the company and to changes in the business environment
  • Include procedures for reporting immediately to appropriate levels of management any significant control failures or weaknesses together with details of corrective action
  • The system should be kept under review
25
Q

Definition of control environment

A

Can be viewed as the whole range and interaction of controls that address risks

26
Q

Definition of CoCO

A

Criteria of Control Framework
Produced by the Canadian Institute of Chartered Accountants (1995)
- Means of measuring the quality of the control environment within an org
- Method of providing assurance on RM and internal control

27
Q

4 components of CoCo

A

1) Purpose = understanding the purpose of the task
2) Commitment = commitment to perform the task well
3) Capability = support in the implementation of the task
4) Monitoring and learning = monitoring of the task to learn lessons and improve

These are the essence of control

Many use CoCo as a benchmark to measure their risk culture against

28
Q

Definition of internal control (COSO Internal control cube, 2004)

A

Differentiator from other definitions = focus on the criteria of objectives

“Internal control is a process effected by the Board of directors, management and other relevant personnel, designed to provide reasonable assurance regarding the achievement of the following categories of objectives: effective and efficient operations, compliance with relevant laws and regulations, reliability of financial reporting”

29
Q

Definition of internal control (CoCo)

A

Differentiator from other definitions = focus on listing out the elements of internal control rather than the different objectives

“Internal control is all the elements of an org that support people achieving the objectives of the org, these include resources, systems, processes, culture, structure and tasks”

30
Q

Definition of internal control (IIA)

A

Differentiator from other definitions =
Focus on people being either grouped together or deliberately segregated as a control

“Internal control is the set of processes, functions, activities, systems and people who are either grouped together or consciously segregated to ensure the achievement of an org's objectives”

31
Q

What year was the UK Corporate Governance Code published and by whom?

A

1992, Cadbury Committee

32
Q

Turnbull Report 1999

A

Update to the UK Corporate Governance Code which provided assistance to directors of listed companies on ensuring they had effective risk management and internal control systems for the management of risks to achieve their objectives

33
Q

Definition of principal risks by the UK Corporate Governance Code

A

They should include, but are not necessarily limited to, those that could result in events or circumstances that might threaten the company’s business model, future performance, solvency or liquidity and reputation.

34
Q

Comply or explain =
Comply or sign =

A

Principles based, not mandatory
Prescriptive or rules based, regulatory required instilled into law

35
Q

Nomination committee =
Remuneration committee =
Audit committee =

A

Responsible for the appointment of new directors and ensuring succession plans are in place

Responsible for setting exec pay

Responsible for an organisation's financial reporting and reviewing the effectiveness of internal controls and risk management.

36
Q

Who and when published the 3LOD model

A

The Institute of Internal Auditors in 2013

37
Q

What is the 3LOD

A

Provides a framework for managing risk and exercising control within an organisation with associated responsibilities.

38
Q

Factors that will influence the effective implementation of ERM

A

Senior management influence
External influences, corporate governance
Nature of the business, products and culture
Corporate attitudes (previous RM experiences)
Legacy of previous RM initiatives

39
Q

What are orgs with a risk aware culture characterised by

A

Communication founded on mutual trust and a shared perception of the importance of RM. There also needs to be a sharing of confidence in the selected control measures and a commitment to adhering to the established risk control procedures

40
Q

CoCo stands for

A

The Canadian Criteria of Control framework of international control

41
Q

What are the control environments and the internal environment measures of

A

The risk culture and the level of risk awareness

42
Q

How to improve the control or internal environment

A

The level of risk maturity, the achievement of a risk aware culture and fulfilment of the LILAC criteria

43
Q

Measure of how well ERM is embedded in an org

A

FOIL / 4 NS
F = fragmented and naive. Orgs are unaware of the need for ERM. RM activities are fragmented and focused on legal compliance
O = orgs are aware of the benefits of ERM but have only just started to implement. Organized actions are planned to coordinate RM activities. Therefore, it is at novice stage.
I = Orgs have embedded ERM into business processes but management effort still required. ERM processes are influencing processes and behaviours but not consistently. Therefore at normalised stage
L = risk aware culture. Consideration of risk is leading business decisions and thus it is a natural part of doing business

44
Q

What does CoCo focus heavily on

A

Maturity. If risk culture and risk architecture, strategy and protocols are correct then good levels of risk management and internal control will be achieved.

45
Q

Internal control summary definition

A

Level of maturity of the organization with regard to internal control activities.

46
Q

4 approaches to evaluate the control environment

A

LILAC, CoCo, FOIL and 4NS

47
Q

LILAC or CoCo =

A

Tool to drive and measure improvements in the control environment

48
Q

FOIL and 4Ns

A

Level of success in implementing the selected framework reflected in risk maturity measured by FOIL and 4Ns

49
Q

CoCo three major objectives of controls

A

Effectiveness and efficiency of operations

Reliability of internal and external reporting

Compliance with applicable laws and regulations and internal policies

50
Q

Components of CoCo framework

A

1) Purpose = when establishing and analysing the purpose of the org, CoCo makes it clear that the risks and opportunities facing the org should be analysed in detail. The importance of risk assessment and organisational resilience is emphasised, together with the importance of recognising the sources and origins of risk

2) Commitment = concerned with shared ethical values, including integrity. Also concerned with human resource policies and practices and comms throughout the org. Authority, responsibility and accountability are included, and an atmosphere of mutual trust

3) Capability = concerned with the fact that people should have the necessary knowledge and skills to support objectives, as well as its values. Sufficient info should be identified and communicated. Activity should be coordinated and designed as an integral part of the org

4) Monitoring and learning component of CoCo = concerned with internal and external environments and that they need to be monitored to obtain info. Performance needs to be monitored against targets and indicators and assumptions behind the objectives should be challenged

Management should periodically assess the effectiveness of controls in the org and communicate results