Chapter 6 - Introduction to Internal Control Systems and Risk Management

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

6 control activities

(1) a good audit trail (2) sound personnel and practices (3) separation of duties (4) physical promotion of assets (5) internal review of controls by internal audit system (6) timely performance reports

3 types of controls

(1) preventative (2) detective (3) corrective

The 4 objectives of the internal control system

(1) to safeguard assets (2) to check the accuracy and reliability of accounting data (3) to promote operational efficiency (4) to encourage adherence to prescribed managerial policies

The 5 Components of Internal Control

1. Control Environment 2. Risk Assessment 3. Control Activities 4. Information and Communication 5. Monitoring

5 Components of Enterprise Risk Management

1. Risk governance and culture 2. Risk, strategy and objective-setting 3. Risk in execution 4. Risk information, communication, and reporting 5. Monitoring enterprise risk management and performance

2013 COSO Report

Added to Five Components of Internal Control - Improve governance - Use framework beyond financial reporting - Improve quality of risk assessment - Strengthen anti-fraud efforts - Adapt controls to changing business requirements

COSO

Committee of Sponsoring Organizations of the Treadway Commission

An internal system should consist of 5 components. Which of the following is not one of those five components? A). The control environment B). Risk assessment C). Monitoring D). Performance Evaluation

D. Performance Evaluation

Section 404 of SOX

Requires that company management document and assess the effectiveness of all internal control processes that can affect financial reporting. Company auditors express an opinion on whether management's assessment of the effectiveness of internal controls is fairly stated.

Control Activities

The policies and procedures that help ensure that management's directives are carried out.

Enterprise Risk Management (ERM)

a comprehensive risk management program that addresses the organization's pure, speculative, strategic, and operational risks

According to COSO 2013 it is clear that internal control is:

a process, is goal-oriented, is effected by people, can only provide reasonable assurance, and is applied at any and all levels of the enterprise

Which of the following is not one of the components of the 2017 COSCO Enterprise Risk Management: Aligning Risk with Strategy and Performance Framework: A). Risk and Compliance B). Risk, Strategy, and Objective-Setting C). Monitoring Enterprise Risk Management Performance D). Risk in Execution

a. Risk and Compliance

Which of the following would a manager most likely use to organize and evaluate corporate governance structure? A). The 2013 COSCO Internal Control - Integrated Framework B). The 2017 COSCO Enterprise Risk Management - Aligning Risk with Strategy and Performance Framework C). The Sarbanes-Oxley Act of 2002 D). COBIT

a. The 2013 COSCO Internal Control - Integrated Framework

This term describes the policies, plans, and procedures implemented by a firm to protect the assets of the organization. A). internal control B). SAS No. 94 C). Risk assessment D). Monitoring

a. internal control

COSCO recommends that firms ____ to determine whether they should implement a specific control. A). use cost-benefit analysis B). conduct a risk assessment C). Consult with internal auditors D). identify objectives

a. use cost-benefit analysis

Which of the following is not one of the 3 additional components that was added in the 2004 COSCO Enterprise Risk Management - Integrated Framework? A). objective setting B). risk assessment C). event identification D). risk response

b. Risk Assessment

Which of the following would a manager most likely use for risk assessment across the organization? A). The 2013 COSCO Internal Control - Integrated Framework B). The 2017 COSCO Enterprise Risk Management - Aligning Risk with Strategy and Performance Framework C). The Sarbanes-Oxley Act of 2002 D). COBIT

b. The 2017 COSCO Enterprise Risk Management - Aligning Risk with Strategy and Performance Framework

Segregation of duties is a fundamental concept in an effective system of internal control. But, the internal auditor must be aware that this safeguard can be compromised through: A). lack of training of employees B). collusion among employees C). irregular employee reviews D). absence of internal auditing

b. collusion among employees

Which of the following is not one of the four objectives of an internal control system? A). safeguard assets B). promote firm profitability C). promote operational efficiency D). encourage employees to follow managerial policies

b. promote firm profitability

Section 404 affirms that management is responsible for establishing and maintaining an adequate internal control structure. This section may be found in which of the following? A). The 2013 COSCO Internal Control - Integrated Framework B). The 2017 COSCO Enterprise Risk Management - Aligning Risk with Strategy and Performance Framework C). The Sarbanes-Oxley Act of 2002 D). COBIT

c. The Sarbanes-Oxley Act of 2002

Which of these is not one of the three major types of controls? A). preventative B). corrective C). objective D). detective

c. objective

Which of the following forms of audit is most likely to involve a review of an entity's performance of specific activities in comparison to organizational specific objectives? A). information system audit B). financial audit C). operational audit D). compliance audit

c. operational audit

Separation of duties is an important control activity. If possible, managers should assign which of the following three functions to different employees? A). analysis, authorizing, transactions B). custody, monitoring, detecting C). recording, authorizing, custody D). analysis, recording, transactions

c. recording, authorizing, custody

Statement on Auditing Standards (SAS) No. 94

cautions external auditors that internal controls are both manual and automated

When management of the sales department has the opportunity to override the system of internal controls of the accounting department, a weakness exists in A). risk management B). information and communication C). monitoring D). the control environments

d. the control environments

1992 COSO Report

established a common definition of internal control and a standard to assess internal control systems so that they can be improved if needed

Internal Control System

system consisting of the policies and procedures managers use to: protect assets promote efficient operations ensure reliable accounting urge adherence to company policies.

Corporate Governance

the system of governing a company so that the interests of corporate owners and other stakeholders are protected

risk assessment

to identify the organizational risks, analyze their potential in terms of costs and likelihood of occurrence and implement only those controls whose projected benefits outweigh their costs


Kaugnay na mga set ng pag-aaral

Nursing 3290 ATI Knowledge and Clinical Judgement

View Set

Chapter 28: Drugs Used to Treat Heart Failure

View Set

GEO101 Exam 2 Terms & Practice Questions

View Set