Module 1 BEC Exam
What are the fines for violating ERISA as an entity?
$500,000
Any issuer periodic report which contains financial statements must include what certifications?
- A written statement that the periodic report fully complies with the SEC Act of 1934 - A written statement that the information contained in the report fairly presents, in all material respects, the financial condition and operating results of the issuer - The written statements above must be signed by the CEO & CFO
What are the enhanced financial disclosures required by the Sarbanes-Oxley Act?
- All material correcting adjustments identified by the auditor should be reflected in the financial statements - The financial statements should disclose all material off-balance sheet transactions (operating leases, contingent obligations, relationships with unconsolidated subsidiaries) - Use of special-purpose entities
What do the CEO and CFO have to sign off on for disclosures?
- All significant deficiencies and material weaknesses in the design or operation of internal controls which might adversely affect the financial statements - Any fraud (regardless of materiality) that involves management or any other employee with a significant role in internal controls - Represent whether there have been any significant changes to internal controls
Reporting on culture seeks to measure and provide feedback on behavior and attitudes and these types of reports can be embodied by?
- Analytics of cultural trends - Benchmarking to other entities and standards - Compensation schemes and potential influence on decision making - Lessons learned analysis - Reviews of behavioral trends - Surveys of risk attitudes and risk awareness
When are filing statements made by management and principal stockholders?
- At the time of registration - When the person achieves 10% ownership - If there has been a change in ownership
What are the requirements of the audit committee?
- Audit committee members are to be members of the issuer's board of directors but are to otherwise be independent. - Audit committee members may not accept compensation from the issuer for consulting or advisory services - Members may not be an affiliated person of the issuer (Affiliation means a person having the ability to influence finance decisions)
If an accounting restatement is made due to material noncompliance with any financial reporting requirement under securities laws, what reimbursements must the CFO and CEO make?
- Bonuses or incentive-based or equity-based compensation - Gains on sale of securities during that 12-month period
A CEO or CFO who knowingly certifies the periodic financial report and its content, knowing that it does not satisfy all the requirements, shall be fined/imprisoned for how long?
- Certifies any statement knowing that it does not comply with all requirements will be fined not more than one million and imprisoned for not more than 10 years - Willfully certifies any statement knowing that it does not comply with all requirements will be fined no more than five million and/or imprisoned no more than 20 years
What standards does the code of ethics for senior officers include?
- Honest and ethical conduct (including handling of conflicts of interest) - Full, Fair, Accurate, and Timely disclosures in periodic financial reports - Compliance with laws, rules, and regulations
What does the CEO and CFO sign off for internal controls?
- Internal controls have been designed to ensure that material information has been made available - Internal controls have been evaluated for effectiveness as of a date within 90 days prior to the report - Their report includes their conclusions to the effectiveness of internal controls based on their evaluation
What is the code of conduct for senior officers?
- Issuers must disclose whether the issuer has adopted a code of conduct for senior officers (CEO, CFO, controller and chief accountant). If no code of conduct has been adopted, the issuer must disclose the reasons. - Changes to or waivers from the code must be reported on a Form 8-K
What are the factors human resources professionals take into account when hiring an individual?
- Knowledge, skills, and experience - Nature and degree of judgement and limitations of authority to be applied to a specific person - The costs and benefits of different skill levels and experience
What compensatory damages may a former employee be rewarded if they were wrongfully fired for exposing fraud?
- Reinstatement with the same seniority status that the employee would have had - Back pay with interest - Compensation for any special damages as a result of discrimination including litigation costs, expert witness fees, and reasonable attorney fees
How does someone qualify as a financial expert?
- Through education, past experience as a public accountant, or past experience as a principal financial officer, controller, or principal account officer for an issuer - Understanding of GAAP - Experience in the preparation or auditing of financial statements for comparable issuers - Application of GAAP - Experience in internal controls - Understanding the audit committee functions
What does the CEO and CFO have to sign off on for the annual and quarterly report?
- They have reviewed the report - The report does not contain untrue statements or omit material information - The financial statements fairly present in all material respects the financial condition and results of operation of the issuer
How is the net transaction exposure netted?
1. Accumulate the inflows (exports/AR) and outflows (AP/imports) of foreign currencies by subsidiary 2. Consolidate the effects on the subsidiary by currency type 3. Compute the net effect in total
What three considerations support effective data management?
1. Data and information governance promotes standardization of high-quality data 2. Processes and controls promote reliability 3. Data management architecture refers to the fundamental design of the technology. Design is driven by value defined by management's needs
How can a company reduce economic exposure?
1. Decrease in sales - a company fearful of a depreciating foreign currency used by a foreign subsidiary may elect to reduce foreign sales to preserve cash flows 2. Increases in expenses - a company anticipating depreciating foreign currency may elect to increase reliance on those suppliers to take advantage of paying for raw materials or supplies with cheaper currency
What are the two factors in translation exposure?
1. Degree of foreign involvement 2. Locations of foreign investments
What does risk and return depend on?
1. Market conditions 2. Risk preferences of the parties involved
What are the premiums included in the required rate of return (4)?
1. Maturity risk premium 2. Purchasing power or inflation premium 3. Liquidity risk premium 4. Default risk premium
What are the three objectives of the Integrated Framework (ORC)?
1. Operating 2. Reporting 3. Compliance
How do you measure transaction exposure?
1. Project foreign currency inflows (ARs) and foreign currency outflows (APs) / Calculate the net asset or liability in that currency 2. Estimate the variability risk associated with the foreign currency
What are the three risk preferences?
1. Risk indifferent behavior 2. Risk-averse 3. Risk-seeking
How many principles does ERM have?
20
When was the Sarbanes-Oxley Act passed?
2002
How do you use a currency option hedge for payables?
A call option (an option to buy) is the currency option hedge used to mitigate the transaction exposure associated with exchange rate risk for payables. Similar to a futures contract or forward contract, the business plans to buy a foreign currency at a low rate in anticipation of the foreign currency strengthening in comparison to the domestic currency in order to ensure that it can settle its liability at the predicted time
What is the definition of portfolio view?
A composite view of risk the entity faces which positions management and the board to consider the types, severity, and interdependencies of risk and how they may affect the entity's performance relative to its strategy and business objectives (holistic view/ parent view)
What is the definition of risk profile?
A composite view of the risk assumed at a particular level of the entity or aspect of the business that positions management to consider the types, severity, and interdependencies of risk and how they may affect performance relative to the strategy and business objective (type of severity interdependence ranging from product line, geography, customers)
What are the penalties for violating ERISA as an individual?
A fine of no more than $100,000 and not more than 10 years in prison
How can a forward contract mitigate transaction exposure for accounts payable?
A forward hedge contract to buy the foreign currency at a specific price at the time accounts payable are due for an entire subsidiary will mitigate the risk of a weakening domestic currency
How do you mitigate transaction exposure with a forward hedge?
A forward hedge is similar to a futures hedge in that it entitles its holder to either purchase or sell currency units of an identified currency for a negotiated price at a future point. Although futures hedges tend to be used for smaller transactions, forward hedges are contracts between businesses and commercial banks and normally are larger transactions. Although a futures hedge might hedge a particular transaction, a forward hedge would anticipate a company's needs to either buy or sell a foreign currency at a particular point. (Private OTC)
How do money market hedge receivables work?
A money market hedge used for receivables denominated in foreign currencies effectively involves factoring receivables with foreign bank loans. Foreign currency amounts are borrowed in discounted amounts that are repaid in the ultimate maturity value of the receivable denominated in the foreign currency. Borrowed foreign currency amounts are converted into the domestic currency.
How can a currency option for receivables be used to mitigate transaction exposure?
A put option (an option to sell) is the currency option hedge used to mitigate the transaction exposure associated with exchange rate risk for receivables
What is ERM depicted as?
A series of sequential yet intertwined components that drive an organization toward enhanced value
All of the following penalties under the Sarbanes-Oxley Act are correct, except a maximum imprisonment of: A. 10 years for altering a document with the intent to influence an investigation B. 10 years for an auditor failing to retain work papers for 7 years C. 20 years for the willful certification of a statement knowing that it fails to comply with SEC requirements D. 10 years for retaliating against an informant (whistle-blower)
A. 10 years for altering a document with the intent to influence an investigation
According to the Sarbanes-Oxley Act of 2002, anyone who knowingly alters, destroys, covers up, or makes a false entry in any record or document with the intent to obstruct or influence the investigation of any matter within the jurisdiction of any department or agency of the United States may be fined and/or imprisoned for up to: A. 20 years B. 5 years C. 15 years D. 10 years
A. 20 years
An internal auditor is considering a client's organizational structure as it affects the ethical climate established by company management. Each of the following considerations is valid in this regard, except: A. A company that is highly centralized will have a more diverse ethical culture than a company that is decentralized B. A highly structured organization with formal reporting lines may be appropriate regardless of entity size C. A decentralized environment may increase the risk that unethical decisions could be made by unit managers D. The appropriateness of an entity's organizational structure depends in part on the nature of its activities
A. A company that is highly centralized will have a more diverse ethical culture than a company that is decentralized
Each of the following financial instruments is a derivative, except: A. A fixed interest, five year note payable B. A contract to purchase a commodity in six months at a price determined today C. An agreement to buy a piece of equipment in six months at a price determined today D. Interest rate futures
A. A fixed interest, five year note payable
According to COSO, the position or internal entity that is best suited, as part of the enterprise risk management process, to devise and execute risk procedures for a particular department is: A. A manager within the department B. The internal audit department C. The chief executive officer D. The audit committee
A. A manager within the department
A manufacturer actively monitors a foreign country's political events whenever a supply chain disruption occurs within the country that exceeds 90 days. According to the COSO enterprise risk management principles, the manufacturer is following which of the following risk-response strategies? A. Accept B. Reduce C. Avoid D. Share
A. Accept
The concept of inherent risk is closely tied to which of the following risk responses? A. Acceptance B. Reduction C. Sharing D. Avoidance
A. Acceptance
According to COSO, the proper tone at the top helps a company to do each of the following, except: A. Adhere to fiscal budgets and goals as outlined by the internal audit committee and board of directors B. Promote a willingness to seek assistance and report problems before it is too late for corrective action C. Create a compliance-supporting culture that is committed to enterprise risk management D. Navigate gray areas where no specific compliance rules or guidelines exist
A. Adhere to fiscal budgets and goals as outlined by the internal audit committee and board of directors
Which of the following sets of duties would not be performed by a single individual in a company with the most effective segregation of duties in place? A. Approving sales returns on customers' accounts and depositing customers' checks in the bank B. Having custody of signed checks yet to be mailed and maintaining depreciation schedules C. Posting accounts payable transactions and entering additions and terminations to payroll D. Preparing monthly customer statements and maintaining the accounts payable subsidiary ledger
A. Approving sales returns on customers' accounts and depositing customers' checks in the bank
According to the Sarbanes-Oxley Act of 2002, when an issuer's board of directors selects members to be on the company's audit committee, the board of directors must select individuals who: A. Are members of the company's board of directors B. Are employed by the company in a financial management role C. Receive consulting fees, but not advisory fees, from the company D. Are affiliated persons of the company's subsidiary
A. Are members of the company's board of directors
The use of the Integrated Framework to establish a system of internal controls provides value to external stakeholders in all of the following, except: A. Assurance that controls cannot be circumvented or overridden B. A stronger understanding of an effective internal control system C. Confidence that the board is effectively overseeing the entity's internal controls D. Confidence that management will eliminate inefficient controls
A. Assurance that controls cannot be circumvented or overridden
Atlas Worldwide Industries conducts business in a number of different countries and is trying to evaluate its economic exposure to exchange rate risk. Which of the following statements is not true? A. Atlas will suffer an economic loss in the event it has net cash inflows B. Atlas will suffer an economic loss in the event it has net cash outflows of a foreign currency and the foreign currency appreciates C. Atlas will enjoy an economic gain in the event it has net cash outflows of a foreign currency and the foreign currency depreciates D. Atlas will suffer an economic loss in the event it has net cash inflows of a foreign currency and the foreign currency depreciates
A. Atlas will suffer an economic loss in the event it has net cash inflows
The Sarbanes-Oxley Act of 2002 was enacted in response to corporate scandals that largely centered on the quality of corporate financial disclosures and highlighted the inadequate oversight of management, auditors, and the Board of Directors. The Sarbanes-Oxley Act addresses the problems related to inadequate board oversight by requiring public companies to have an: A. Audit committee B. Annual audit for all issuers C. Internal auditor D. Independent Board of Directors
A. Audit committee
What does ARTS stand for?
A. Avoid R. Reduce T. Share (Transfer) S. Accept (self-insurance)
What is the definition of "implements risk responses"? (vapiR)
A. Avoid - Action is taken to remove the risk (leaving a line of business). Avoidance is appropriate when an entity cannot devise a risk response that will mitigate the risk to objectives R. Reduce - Action is taken to reduce the severity of the risk. Management designs risk mitigation techniques to reduce risk to an amount of severity aligned with the target risk profile and risk appetite (hedge) T. Share (Transfer) - Action is taken to reduce the severity of the risk. Sharing risk with such techniques as outsourcing and insurance lower residual risk in alignment with risk appetite S. Accept (Self-insurance) - No action is taken to change the severity of the risk. Acceptance is most appropriate as a risk response when risk to strategy and business objectives is within the entity's risk appetite
Strand Inc's auditors have identified a major deficiency in regard to its internal controls. As a result of the deficiency, Strand: A. Cannot claim compliance with the requirements of an effective internal control system B. Cannot achieve any of its established objectives C. Must reestablish its operating and compliance objectives D. Must restate its financial statements
A. Cannot claim compliance with the requirements of an effective internal control system
The required rate of return is generally computed as the risk-free rate of return plus a number of risk premium adjustments. All of the following risk adjustments are used to compute the required rate of return, except: A. Credit risk premium B. Purchasing power risk premium C. Default risk premium D. Maturity risk premium
A. Credit risk premium
LTRP is an external audit firm hired to audit the financial statements of the Craft Co. Craft recently implemented a new internal control system based on the components and principles of the integrated framework. The categories of deficiencies that LTRP may identify after evaluating Craft's internal controls include all of the following, except: A. Critical weakness B. Material weakness C. (Control) deficiencies D. Significant deficiencies
A. Critical weakness
The core values of an entity most closely correlate with its: A. Culture B. Capabilities C. Practices D. Strategy
A. Culture
In assessing the need for a stronger system of internal controls, management will most likely use the internal control integrated framework to do all of the following, except: A. Define rules that must be followed throughout the organization B. Eliminate inefficient and ineffective controls C. Identify and analyze risks and risk mitigation strategies D. Apply internal controls throughout all levels of the organization
A. Define rules that must be followed throughout the organization
An internal audit manager requested information detailing the amount and type of training that the IT department's staff received during the last year. According to COSO, the training records would provide documentation for which of the following principles? A. Demonstrating a commitment to retain competent individuals in alignment with objectives B. Exercising oversight of the development and performance of internal control C. Holding individuals responsible for their internal control responsibilities in the pursuit of objectives D. Developing general control activities over technology to support the achievement of objectives
A. Demonstrating a commitment to retain competent individuals in alignment with objectives
Each of the following is a limitation of ERM, except: A. ERM can provide absolute assurance with respect to objective categories B. ERM operates at different levels with respect to different business objectives C. ERM deals with risk, which relates to the future and is inherently uncertain D. ERM is as effective as the people responsible for its functioning
A. ERM can provide absolute assurance with respect to objective categories
According to COSO, what is the first ongoing monitoring step in evaluating the effectiveness of an internal control system? A. Establishing a control baseline B. Periodically revalidating operations where no known change has occurred C. Identifying changes in internal control that have taken place D. Reevaluating the design and implementation to establish new baseline
A. Establishing a control baseline
According to COSO of the Treadway Commission, which of the following components of ERM addresses an entity's commitment to core values? A. Governance and culture B. Performance C. Review and revision D. Strategy and objective-setting
A. Governance and culture
According to the Committee of Sponsoring Organizations (COSO) of the Treadway Commission, which of the following components of enterprise risk management addresses an entity's commitment to core values? A. Governance and culture B. Strategy and objective-setting C. Performance D. Review and revision
A. Governance and culture
The performance component of COSO's ERM framework is supported by which of the following principles? A. Identifies risks B. Analyzes business context C. Defines risk appetite D. Establishes operating structure
A. Identifies risks
Under the Sarbanes-Oxley Act of 2002, which of the following statements is correct regarding an issuer's audit committee financial expert? A. If an issuer does not have an audit committee financial expert, the issuer must disclose the reason why the role is not filled B. The issuer's current outside CPA firm's audit partner must be the audit committee financial expert C. The issuer must fill the role with an individual who has experience in the industry D. The audit committee financial expert must be the issuer's audit committee chairperson to enhance internal control
A. If an issuer does not have an audit committee financial expert, the issuer must disclose the reason why the role is not filled
Which of the following statements is most accurate regarding the Enterprise Risk Management Framework? A. It aids management in balancing risks/uncertainty with the need to increase value/returns B. The purpose of the Framework is to help organizations eliminate risk C. It was developed prior to the Internal Control- Integrated Framework D. It is required by the SEC to be put in place for all public companies
A. It aids management in balancing risks/uncertainty with the need to increase value/returns
U.S. travelers to Europe usually exchange dollars for euros. Assuming that the euro supply is static, how does this currency exchange, considered in isolation, affect the demand for euros and the exchange rate? A. It increases demand and increases the dollar price of euros B. It decreases demand and decreases the dollar price of euros C. It decreases demand and increases the dollar price of euros D. It increases demand and decreases the dollar price of euros
A. It increases demand and increases the dollar price of euros
Which of the following statements is correct regarding foreign economies? A. Lower inflation and increased purchasing power increase local demand, as imports are less expensive B. High interest rates reflect faster economic growth and increased demand C. A weak local currency increases demand for imported goods and reduces demand for exported goods D. A strong local currency reduces demand for imported goods and increases demand for exported goods
A. Lower inflation and increased purchasing power increase local demand, as imports are less expensive
According to COSO, which of the following identifies the group directly responsible for the implementation and development of the enterprise risk management framework? A. Management B. The board of directors C. External auditors D. Internal auditors
A. Management
According to COSO, an executive's deliberate misrepresentation to a banker who is considering whether to make a loan to an enterprise is an example of which of the following internal control limitations? A. Management override B. Collusion C. Costs versus benefits D. Breakdown
A. Management override
A financial institution looking to assess its investment portfolio's exposure to price changes most likely would use which of the following techniques? A. Market value at risk analysis B. Back testing analysis C. Earnings at risk analysis D. Cash flow at risk analysis
A. Market value at risk analysis
The Sarbanes-Oxley Act of 2002 seeks to improve investor confidence by providing greater transparency for all of the following issues, except: A. Means and methods for balancing risk and growth B. Competency of audit committees C. Compliance of senior officers with a code of ethics D. Adequacy of internal controls
A. Means and methods for balancing risk and growth
The ability of an entity to withstand the impact of large scale refers to: A. Organizational sustainability B. Risk capacity C. Risk profile D. Risk inventory
A. Organizational sustainability
According to COSO, which of the following is included in the assess-and-report phase of an effective approach to monitoring internal controls? A. Prioritize findings B. Identify controls C. Prioritize risks D. Tone at the top
A. Prioritize findings
The Sarbanes-Oxley Act of 2002 requires that the officers of a corporation be held accountable to a code of ethics. According to the Act, codifications of ethical standards should include provisions for all of the following except: A. Prompt internal reporting of code provisions and accountability for adherence to the code B. Full, fair, accurate, and timely disclosures in periodic financial statements C. Honest and ethical conduct D. Compliance with laws, rules and regulations
A. Prompt internal reporting of code provisions and accountability for adherence to the code
A university's chief internal audit officer is using the integrated framework to improve its internal controls. In establishing the "tone at the top", she will focus on all of the following principles, except: A. Risk identification and analysis B. Holding employees accountable for internal control responsibilities C. The development and retention of competent employees D. The university's organizational structure
A. Risk identification and analysis
According to the COSO, a primary purpose of monitoring internal control is to verify that the internal control system remains adequate to address changes in: A. Risks B. Technology C. The law D. Operating procedures
A. Risks
An entity's risk appetite: A. Serves to balance risk willingness with return and growth goals B. Is established by the board of directors C. Is a key element of the monitoring process D. Represents the acceptance level of variation relative to the achievement of objectives
A. Serves to balance risk willingness with return and growth goals
The internal auditor who works in ERM performs each of the following activities except: A. Setting the risk appetite of the organization B. Giving assurance that the risks of the organization are correctly evaluated C. Coordinating ERM activities D. Evaluating the risk-management process
A. Setting the risk appetite of the organization
A company that purchases international travel insurance for its executives is exhibiting which of the following risk responses? A. Sharing B. Reduction C. Avoidance D. Acceptance
A. Sharing
Solway International is owed 10,000 from its U.K. customer. The current exchange rate is $1.30 to the U.K. pound. Solway has purchased a put option to sell 10,000 in 60 days time for $1.25 and Solway has paid a premium of $.005. If 60 days from now the exchange rate is $1.20, what will be the overall result for Solway International? A. Solway will exercise the option and it will benefit Solway by $450 B. Solway will exercise the option and it will benefit Solway $500 C. Solway will exercise the option and it will benefit Solway by $500 D. Solway will allow the option to expire
A. Solway will exercise the option and it will benefit Solway by $450
Auburndale Corporation has a corporate compliance program that allows employees the option of anonymously reporting violations of laws, rules, regulations, policies or other issues of abuse through a hotline. Reported issues are reviewed by the internal auditor and either immediately forwarded to the CEO or summarized and reported to the CEO each month. The program also provides opportunities to report through supervisory channels and includes biannual training class that all employees must complete. The corporate compliance program demonstrates that: A. Sound integrity and ethical values are developed and understood and set the standard of conduct for financial reporting B. Management's philosophy and operating style support achieving effective internal control over financial reporting C. The Board of Directors understands and exercises oversight responsibility related to financial reporting and related internal control D. Management and employees are assigned appropriate levels of authority and responsibility to facilitate effective internal control over financial reporting
A. Sound integrity and ethical values are developed and understood and set the standard of conduct for financial reporting
The Carlton Corporation publishes an Employee Handbook that contains employee responsibilities for moral behavior including a code of conduct. Each year, employees must acknowledge their receipt of the handbook, their understanding of the code, and if they have any awareness of non-compliance within the company. The policies would indicate: A. Sound integrity and ethical values are developed and understood and set the standard of conduct for financial reporting B. Human resources practices are designed and implemented to facilitate effective internal control over financial reporting C. Management's philosophy and operating style support achieving effective internal control over financial reporting D. Management and employees are assigned appropriate levels of authority and responsibility to facilitate effective internal control over financial reporting
A. Sound integrity and ethical values are developed and understood and set the standard of conduct for financial reporting
An issuer's board of directors would ordinarily participate in each of the following activities, except: A. Supervising and monitoring the quality-control testing upon the installation of a new information technology system B. Ensuring that suitable information technology resources and skills are available to meet the company's strategic objectives C. Establishing long-term strategy and objectives to which their information technology system should be aligned D. Maintaining awareness of current technology used by the organization to assure its efficiency and effectiveness for financial reporting
A. Supervising and monitoring the quality-control testing upon the installation of a new information technology system
Which of the following statements is most accurate regarding event identification within enterprise risk management? A. Technology is often both an internal and external event B. Positive events are more critical to the organization than negative events C. A negative event represents a potential opportunity to achieve established objectives D. The political environment is primarily an internal event
A. Technology is often both an internal and external event
The ERM- Integrated Framework of the Committee of Sponsoring Organizations (COSO) is best defined as: A. The culture, capabilities, and practices, integrated with strategy-setting and performance, that organizations rely on to manage risk in creating, preserving, and realizing value B. Process that takes a control-based approach to an organization C. Process that replaces COSO internal control framework D. Serial process in which one component affects only the next component
A. The culture, capabilities, and practices, integrated with strategy-setting and performance, that organizations rely on to manage risk in creating, preserving, and realizing value
Which of the following statements regarding an audit committee financial expert is most accurate? A. The existence of financial expert must be disclosed in financial reports of the issuer B. An audit committee must have a financial expert in order to continue existing as a committee C. Experience preparing financial statements for large corporate entities is required D. A financial expert must be a CPA or have an MBA in order to serve in this capacity
A. The existence of financial expert must be disclosed in financial reports of the issuer
The Sarbanes-Oxley Act of 2002 requires that one or more members of the audit committee be a financial expert and that the financial reports disclose: A. The existence of financial expert(s) on the audit committee or the reasons why the audit committee does not have a financial expert B. Confirmation of the audit opinion by the financial expert C. The name of the Board member(s) serving as financial experts D. Certification of independence of the financial expert
A. The existence of financial expert(s) on the audit committee or the reasons why the audit committee does not have a financial expert
The COSO Cube is visually structured so that: A. The organization structure is shown as a third dimension B. The three categories of objectives are represented as rows C. The elements of the Audit Framework are shown as columns D. The five components are represented as columns
A. The organization structure is shown as a third dimension
The successful and profitable launch of a new product line by an entity represents: A. Value creation B. Value erosion C. Value presentation D. Value realization
A. Value creation
As a control activity, variance analysis will likely be used by management to do all of the following, except comparing: A. Year-over-year asset locations to inventory records B. Operating results to reestablished standards C. Budgeted financial performance to actuals D. Actual performance year over year
A. Year-over-year asset locations to inventory records
What does the S in ARTS stand for?
Accept (Self-insurance)
What does the A in EBOCA stand for?
Accountability
What is the risk for accounts payable during transaction exposure?
Accounts payable denominated in a foreign currency represents a potential transaction exposure to exchange rate risk in the event that the domestic currency weakens in relation to foreign currency. Should the domestic currency weaken relative to the foreign currency, more domestic currency will be required to purchase the foreign currency, thereby increasing the company's cost of settling a liability. If management does not hedge this liability exposure, the company will incur a foreign exchange transaction loss
What is the risk for accounts receivable during transaction exposure?
Accounts receivable denominated in a foreign currency represent a potential transaction exposure to exchange rate risk in the event that the domestic currency strengthens in relation to the foreign currency. Should the domestic currency strengthen, less domestic currency can be purchased with the foreign currency received. An exchange loss will result
How can a forward contract mitigate transaction exposure for accounts receivable?
Accounts receivable denominated in a foreign currency represent a potential transaction exposure to exchange rate risk in the event that the domestic currency strengthens. A forward hedge contract to sell the foreign currency received in satisfaction of the receivables at a specific price at the time the accounts receivable are due or on the monthly cycle of a particular subsidiary will mitigate the risk of a strengthening domestic currency
What is the definition of "pursue"?
Action is taken that accepts increased risk to achieve improved performance. Pursuit of risk is appropriate when management understands the nature and extent of any changes required to achieve desired performance while not exceeding the boundaries of acceptable tolerance
What is the definition of "reduce"? (aRts)
Action is taken to reduce the severity of the risk. Management designs risk mitigation techniques to reduce risk to an amount of severity aligned with the target risk profile and risk appetite (hedge)
What is the definition of "share"? (artS)
Action is taken to reduce the severity of the risk. Sharing risk with such techniques as outsourcing and insurance to lower residual risk in alignment with risk appetite. (insurance)
What is the definition of "avoid"? (Arts)
Action is taken to remove the risk (leaving a line of business). Avoidance is appropriate when an entity cannot devise a risk response that will mitigate the risk to objectives
What is the definition of risk inventory?
All risk that could impact an entity (economic, societal, demographic, legal)
What is the Sarbanes-Oxley Act?
An act passed into law by Congress in 2002 on financial reporting requirements of public companies. In particular, there are numerous provisions for expanded disclosures by corporations and specific representations required by officers of public companies that must accompany published financial statements. - Corporate responsibility - Enhanced disclosures - Fraud
What is the whistle-blower protection section of the Sarbanes-Oxley Act?
An employee who lawfully provides evidence of fraud may not be discharged, demoted, suspended, threatened, harassed, or in any other manner discriminated against for providing such information. An employee who alleges discharge or other discrimination for providing evidence of fraud may file a complaint with the Secretary of Labor and may be provided with compensatory damages
What penalty enhancements did the Sarbanes-Oxley Act include for white-collar crime attempt and conspiracy?
An individual who attempts to commit any white-collar crime offense will be subject to the same penalties as those who commit the offense, as predetermined by the U.S. Sentencing Commission.
What are the criminal penalties for securities fraud?
An individual who knowingly executes, or attempts to execute, securities fraud will be fined, imprisoned not more than 25 years, or both
What does the A in SOAR stand for?
Analyze business context
What is the effective annual percentage rate?
Annual percentage rate with compounding on loans that are for a fraction of a year
What is the effect of currency appreciation?
As a domestic currency appreciates in value or becomes stronger, it becomes more expensive in terms of a foreign currency. As a currency appreciates, the volume of outflows (exports/AR) tend to decline as domestic exports become more expensive. However, the volume of inflows (AP/imports) tend to increase as foreign imports become less expensive
What are the effects of currency depreciation?
As a domestic currency depreciates in value or becomes weaker, it becomes less expensive in terms of foreign currency. As a currency depreciates, the volume of the outflows (AR/exports) tends to rise as domestic exports become less expensive. However the volume of inflows (AP/imports) tends to decline as foreign imports become more expensive
What is the trade factor relative to income levels?
As income increases in one country relative to another, exchange rates change as a result of increased demand of foreign currencies in the country in which income is increasing
What does the A in VAPIR stand for?
Assess severity of risk
What does the S in SIR stand for?
Assess substantial changes
What is a financial expert?
At least one member of the audit committee should be a financial expert. Financial reports of the issuer must disclose the existence of a financial expert on the committee or the reasons why the committee does not have a member who is a financial expert
What does the E in DOVES stand for?
Attracts, develops, and retains capable employees
What does the A in ARTS stand for?
Avoid
What are the four techniques to risk responses?
Avoid, reduce, share (transfer), accept (self-insurance)
Management has carefully evaluated the likelihood and impact of events on its foreign operations. In the event of a 3 percent variation in exchange rate, the impact is estimated at $10 million without any action taken by management and $4 million if the company purchases a hedge instrument. The impact of the residual risk of changes in foreign currency on achieving the company's business objective is: A. $6 million B. $4 million C. $10 million D. $14 million
B. $4 million
Due to the extremely high costs of insurance premiums for hurricane coverage, a South Florida company chooses to "self-insure". This is an example of risk: A. Reduction B. Acceptance C. Sharing D. Negligence
B. Acceptance
Each of the following principles relates to the risk assessment component of the internal control-integrated framework, except: A. Specifications of objectives B. Accountability for internal control responsibilities C. Consideration for the potential for fraud D. Change identification and assessment
B. Accountability for internal control responsibilities
The strategy and objective-setting component of COSO's Enterprise Risk Management framework is supported by which of the following principles? A. Assesses substantial change B. Analyze business context C. Pursues improvement in enterprise risk management D. Prioritizes risk
B. Analyze business context
The governance and culture component of COSO's ERM framework is supported by all of the following principles except: A. Commitment to core values B. Analyzes business context C. Defines desired culture D. Exercises board oversight
B. Analyzes business context
Able Corporation owns numerous businesses along the coast of Florida. The company's management has identified business interruption events as a potential risk resulting from storm damage caused by hurricanes. Management is so fearful for the possibility of storm damages that it elects to divest the company of virtually all properties on the Florida coast. Able's response to potential risks is known as: A. Sharing B. Avoidance C. Acceptance D. Reduction
B. Avoidance
Which of the following employees of an issuer is required to certify the company's financial reports filed with the SEC? A. Neither the CEO nor the CFO B. Both the CEO and the CFO C. The CFO, but not the CEO D. The CEO, but not the CFO
B. Both the CEO and the CFO
Who is required to make special certification statements regarding the establishment of internal control systems on the Form 10-K? A. Neither the CFO nor the CEO B. Both the CEO and the CFO C. The CEO, but not the CFO D. The CFO, but not the CEO
B. Both the CEO and the CFO
The COSO Cube is used to illustrate the relationship between: A. The five components of internal control, the three objectives, and the 17 principles B. Categories of objectives, internal control components, and entity organizational levels C. Internal controls, enterprise risk management, and Sarbanes-Oxley requirements D. Risk management strategies, internal control components, and the elements of the Audit framework
B. Categories of objectives, internal control components, and entity organizational levels
According to COSO's ERM framework, which of the following is essential of the governance and culture? A. Information, communication, and reporting B. Commitment to core values C. Performance D. Strategy and objective-setting
B. Commitment to core values
Which of the following elements is unique to the governance and culture component within the ERM Framework and not a part of the control environment within the internal control integrated framework? A. Commitment to competence B. Definition of the desired culture C. Commitment to ethics and integrity D. Oversight by the board of directors
B. Definition of the desired culture
As part of the information and communication component of the Integrated Framework, a company must: A. Identify and assess the effect of entity changes on internal controls B. Ensure that external auditors are aware of significant internal control issues C. Deploy policies and procedures in a timely manner D. Communicate internal control deficiencies to responsible parties who have the ability to correct them
B. Ensure that external auditors are aware of significant internal control issues
An exporter enters into a contract to supply goods to a foreign buyer. The contract requires the payment in foreign currency 120 days after the delivery. Recently the foreign currency has experienced many fluctuations. The exporter may incur a loss on this contract at the time payment is received due to fluctuations. Which of the following actions should the exporter take to avoid such loss? A. Invest the foreign currency in the buyer's country to avoid short-term fluctuations B. Enter into a forward contract with a bank C. Cancel the export contract D. Wait for the settlement date to see if the foreign currency actually fluctuates
B. Enter into a forward contract with a bank
The ERM Integrated Framework states that an organization must identify events, both positive and negative, as part of its risk management program. Which of the following is true with regard to events? A. ERM is entirely focused on risks and ignores opportunities B. Event identification occurs after development of objectives C. Event identification occurs prior to development of objectives D. Events serve as the basis for establishing objectives and thus occur simultaneously with development of objectives
B. Event identification occurs after development of objectives
Which of the following positions best describes the nature of the Board of Directors of XYZ Co.'s relationship to the company? A. Executive B. Fiduciary C. Agent D. Representative
B. Fiduciary
All of the following fundamental concepts are reflected in the definition of internal control, except that controls are: A. Established to provide reasonable (not absolute) assurance B. Geared toward achieving strategic, operations, and compliance objectives C. Adaptable to the structure of the entity D. Affected by people and their actions
B. Geared toward achieving strategic, operations, and compliance objectives
Hedgehodge International has numerous foreign exchange transactions. Management has elected to hedge transactions as a means of mitigating transaction exposure to exchange rate risk. What is the most effective means that Hedgehodge can use to avoid overhedging? A. Hedgehodge should acquire the maximum amount required to hedge known and projected transactions B. Hedgehodge should acquire the minimum amount required to hedge known transactions C. Hedgehodge should enter into a cross hedging agreement D. Hedgehodge should acquire parallel loans to provide a means for liquidating needed hedge securities
B. Hedgehodge should acquire the minimum amount required to hedge known transactions
Hedgehog International has a receivable valued at 500,000 local currency units from its foreign customer due in 90 days. The current spot rate of the local currency unit is $.60. Hedgehog purchases a put option to sell the local currency unit in 90 days for $.61 for a premium of $.005. The exchange rate for the local currency increases to $.63 in 90 days. What will Hedgehog do on the receivable's settlement date? A. Hedgehog will be indifferent as to whether it exercises the option or not B. Hedgehog will not exercise the option and sell local currency units collected from its receivable at the spot rate C. Hedgehog will exercise its option and sell the proceeds of its account receivable collection under the provisions of the option at a gain D. Hedgehog will sell the option at the settlement date and combine its proceeds along with the local currency units purchased at the spot rate to maximize its revenue
B. Hedgehog will not exercise the option and sell local currency units collected from its receivable at the spot rate
An importing partnership has experienced a dramatic surge in its exporting business and is looking for ways to minimize its risks from foreign currency fluctuations. The partnership's imports and exports to European Union countries are at similar levels. Which of the following methods most effectively minimizes risk? A. Purchase futures of the currency in which the payables will be paid B. Hold payables and receivables due in the same currency and amount C. Conduct all foreign transactions in U.S. dollars D. Enter into an interest rate swap to mitigate the effects of exchange rate fluctuations
B. Hold payables and receivables due in the same currency and amount
All of the following factors will increase world trade relative to GDP except: A. IT experts in foreign countries who are available on call for technical support B. Increased regulation of international financial markets C. Transportation efficiencies have increased over the last twenty years D. Improvements in globalization due to flexibility in international operations
B. Increased regulation of international financial markets
Which of the following statements is most accurate regarding the Internal Control-Integrated Framework? A. There has been a recent effort to move to a more rules-based approach B. Inherent limitations can exist even in an effective internal control system C. The risk assessment component contains the most principles D. The information and communication component contains the fewest principles
B. Inherent limitations can exist even in an effective internal control system
When purchasing temporary investments, which one of the following best describes the risk associated with the ability to sell the investment in a short period of time without significant price concessions? A. Financial risk B. Liquidity risk C. Interest rate risk D. Purchasing power risk
B. Liquidity risk
The event identification component of enterprise risk management most closely aligns with which component of the ERM- Integrated Framework? A. Review and revision B. Performance C. Governance and culture D. Information, communication, and reporting
B. Performance
In order to be effective, information must be all of the following except: A. Readily available to those who need it B. Provided equally across all levels of the organization C. Provided in a timely manner D. Relevant to the appropriate user
B. Provided equally across all levels of the organization
Company management completes event identification and analyzes risks. The company wishes to assess its risk after management's response to the risk. According to COSO, which of the following types of risk does this situation represent: A. Detection risk B. Residual risk C. Event risk D. Inherent risk
B. Residual risk
A manufacturing firm identifies it would have difficulty sourcing raw materials, so it relocates its production facilities. According to COSO, this decision represents which of the following responses to the risk? A. Prospect theory B. Risk reduction C. Risk acceptance D. Risk sharing
B. Risk reduction
As an organization defines its risk appetite, it is supporting which of the following components of COSO's Enterprise Risk Management framework? A. Governance and culture B. Strategy and objective-setting C. Performance D. Review and revision
B. Strategy and objective-setting
Arnold Astor, CPA, is a local tax practitioner who has been asked to sit on the Board of BigLarge Corporation, a multinational issuer. Astor has never had any involvement either as an employee or as an auditor with publicly traded companies but does teach an accounting principles class at the community college. Under the provisions of Sarbanes-Oxley Act of 2002: A. Astor qualifies as a financial expert based on achievement of a CPA certificate B. The Board of Directors would likely evaluate Astor's qualifications to serve on the audit committee and be designated as a financial expert based on mix of knowledge and experience C. The audit committee would immediately certify Astor's qualifications as a financial expert based on his CPA license and academic experience with GAAP and experience with internal control D. Astor must petition the SEC for a waiver of prior experience requirements to be considered a financial expert
B. The Board of Directors would likely evaluate Astor's qualifications to serve on the audit committee and be designated as a financial expert based on mix of knowledge and experience
Which of the following statements is correct regarding the requirements of Sarbanes-Oxley Act of 2002 for an issuer's board of directors? A. The majority of members of the board of directors must be independent from management influence B. The board of directors must have an audit committee entirely composed of members who are independent from management influence C. The board of directors must have a compensation committee, a nominating committee, and an audit committee, each of which is entirely composed of independent members D. Each member of the board of directors must be independent from management influence, based on the member's prior and current activities, economic and family relationships, and other factors
B. The board of directors must have an audit committee entirely composed of members who are independent from management influence
Each of the following statements is correct regarding the existence and implementation of codes of conduct, except: A. The codes of conduct are periodically acknowledged by all employees B. The codes of conduct must be in writing and displayed in public areas, such as break room C. The codes of conduct are comprehensive, addressing conflicts of interest, illegal or other improper payments, anticompetitive guidelines, and insider trading D. Employees understand what behavior is acceptable or unacceptable and know what to do if they encounter improper behavior
B. The codes of conduct must be in writing and displayed in public areas, such as break room
Each of the following components is part of enterprise risk management, except for: A. Strategy and objective-setting B. The control environment C. Information, communication, and reporting D. Performance
B. The control environment
The control environment component of the Internal Control- Integrated Framework includes which of the following principles? A. The appropriate communication of internal control deficiencies B. The independence and oversight responsibilities of the board of directors C. The appropriate communication of internal control deficiencies D. The identification and analysis of risks
B. The independence and oversight responsibilities of the board of directors
Internal controls are likely to fail for any of the following reasons, except: A. They are not designed and implemented properly at the outset B. They are designed and implemented properly, and their design changes as processes change C. They are designed and implemented properly as static controls, but the environment in which they operate changes D. They are designed and implemented properly, but their operation changes in some way
B. They are designed and implemented properly, and their design changes as processes change
The Committee of Sponsoring Organizations prepared the Internal Control Integrated Framework: A. As part of the Congressional task force known as the Treadway Commission B. To help businesses assess internal control C. To complement the overarching concepts of the enterprise risk management framework D. To respond to the internal control assessment requirements of the Sarbanes-Oxley Act of 2002
B. To help businesses assess internal control
What is the definition of "formulate business objectives"? (sOar)
Business objectives are the measurable steps that an organization makes to achieve its strategy. The alignment of business objectives to strategy supports the entity in achieving its mission and vision - Business objectives are developed that are specific, measurable, or observable, attainable, and relevant (to the achievement of strategy) - Business objectives may relate to financial performance, customer aspirations, operational efficiency, compliance obligations, or innovation
What types of hedges can be used to mitigate the risk on transaction exposure?
Buy call option (AP), buy put option, futures contract, forward contracts, money market hedge, currency swaps, leading & lagging, cross-hedging, currency diversification
What is the definition of "review and revision"? (gopRo)
By reviewing ERM capabilities and practices, and the entity's performance relative to its targets, an organization can consider how well the enterprise risk management capabilities and practices have increased value over time and will continue to drive value in light of substantial changes
One euro will buy U.S. $1.48 and a British pound will buy U.S. $2.06. What is the cross rate of euros per pound? A. 1.48 B. .72 C. 1.39 D. 2.06
C. 1.39
Able Corporation owns numerous businesses along the coast of Florida. The company's management has identified business interruption events as a potential risk resulting from storm damage caused by hurricanes. The company elects to treat the potential damage from hurricanes as part of its business model. Able's response to potential risks is known as: A. Sharing B. Avoidance C. Acceptance D. Reduction
C. Acceptance
According to COSO, the difference between inherent risk and residual risk arises because of management's A. Inability to reduce the inherent risk B. Actions to reduce the residual risk C. Actions to reduce the inherent risk D. Inability to share the residual risk
C. Actions to reduce the inherent risk
Under Title IV of the Sarbanes-Oxley Act, disclosures found in an issuer's annual financial statements will likely include all of the following, except: A. The usage of SPE B. Reconciliation of pro forma financials with GAAP basis financial statements C. All corresponding adjustments identified by external auditors D. Relationships with subsidiary entities that are not consolidated in the parent's financials
C. All corresponding adjustments identified by external auditors
In reporting on internal controls, the Sarbanes-Oxley Act requires that the CEO and CFO who sign the report assert that they disclosed: A. Any fraud by any employee to both the audit committee and the issuer's auditors B. Material fraud by management to the issuer's auditors only C. All significant internal control deficiencies to both the audit committee and the issuer's auditors D. All significant internal control deficiencies to the issuer's auditors only
C. All significant internal control deficiencies to both the audit committee and the issuer's auditors
According to Sarbanes-Oxley Act, the assertions on financial reports that the CEO and the CFO must make regarding internal controls include all of the following, except: A. The assurance that the controls were set up to ensure that material information is available B. The controls have been evaluated for effectiveness within 90 days prior to the report issuance C. Any identified internal control weaknesses will be rectified within 60 days after the report is issued D. Conclusions as to the effectiveness of controls per their evaluation
C. Any identified internal control weaknesses will be rectified within 60 days after the report is issued
According to COSO, each of the following is an example of an appropriate ongoing monitoring activity, except: A. Periodic analysis of variances between expectations and actual results B. Follow-up of customer and vendor complaints regarding amounts due and owed C. Approval of high-dollar transactions by supervisors D. Comparisons of information from various sources within the company
C. Approval of high-dollar transactions by supervisors
An American importer expects to pay a British supplier 500,000 British pounds in three months. Which of the following hedges is best for the importer to fix the price in dollars? A. Selling British pound put options B. Buying British pound put options C. Buying British pound call options D. Selling British pound call options
C. Buying British pound call options
Management of a company has a lack of segregation of duties within the application environment, with programmers having access to development and production. The programmers have the ability to implement application code changes into production without monitoring or a quality assurance function. This is considered a deficiency in which of the following areas? A. Computer operations B. Data integrity C. Change control D. Management override
C. Change control
What is CPER?
C. Creation P. Preservation E. Erosion R. Realization
What does the term CCPIS stand for?
C. Culture C. Capabilities P. Practices IS. Integration with Strategy-setting and performance
What does CCPIS stand for?
C. Culture (core values- how) C. Capabilities (competitive advantage) P. Practices IS. Integration with Strategy-setting and performance (mission & vision)
According to the COSO, the presence of a written code of conduct provides for a control environment that can: A. Ensure that competent evaluators are implementing and monitoring internal controls B. Verify that information systems are providing persuasive evidence of the effectiveness of internal controls C. Encourage teamwork in the pursuit of an entity's objectives D. Override an entity's history and culture
C. Encourage teamwork in the pursuit of an entity's objectives
Platinum Co. has a receivable due in 30 days for 30,000 euros. The treasurer is concerned that the value of the euro relative to the dollar will drop before the payment is received. What should Platinum do to reduce the risk? A. Platinum cannot effectively reduce this risk B. Buy 30,000 euros now C. Enter into a forward contract to sell 30,000 euros in 30 days D. Enter into an interest rate swap contract in 30 days
C. Enter into a forward contract to sell 30,000 euros in 30 days
For a public company's annual report under Title IV of the Sarbanes-Oxley Act, disclosures related to the conformance of pro forma financial statements require all of the following except: A. Reconciliation with GAAP basis financial statements B. No statements contained in the pro forma financials are untrue C. Estimates must be reconciled to actual data within three months after year end D. No material information has been omitted
C. Estimates must be reconciled to actual data within three months after year end
Which of the following is necessary to be an audit committee financial expert, according to the criteria specified in the Sarbanes-Oxley Act of 2002? A. A limited understanding of generally accepted auditing standards B. Education and experience as a financial planner C. Experience with internal accounting controls D. Experience in the preparation of tax returns
C. Experience with internal accounting controls
Pursuant to the Sarbanes-Oxley Act of 2002, an accountant who destroys documents to impede an investigation by a U.S. agency can be: A. Fined and/or imprisoned not more than 10 years B. Suspended or barred from being associated with a registered public accounting firm, or be required to end such association C. Fined and/or imprisoned not more than 20 years D. Temporarily or permanently limited on the activities, functions, operations conducted on behalf of a registered public accounting firm
C. Fined and/or imprisoned not more than 20 years
Hedgehog International has a payable valued at 500,000 local currency units from its foreign customer due in 90 days. The current spot rate of the local currency unit is $.60. Hedgehog purchases a put option to sell the local currency unit in 90 days for $.61 for a premium of $.005. The exchange rate for the local currency increases to $.63 in 90 days. What will Hedgehog do on the receivable's settlement date? A. Hedgehog will be indifferent as to whether it exercises the option or not B. Hedgehog will not exercise the option and sell local currency units collected from its receivable at the spot rate C. Hedgehog will exercise its option and sell the proceeds of its account payable collection under the provisions of the option at a gain D. Hedgehog will sell the option at the settlement date and combine its proceeds along with the local currency units purchased at the spot rate to maximize its revenue
C. Hedgehog will exercise its option and sell the proceeds of its account payable collection under the provisions of the option at a gain
The Internal Control - Integrated Framework contains objectives that cover each of the following, except: A. Ensuring all applicable laws and regulations are followed B. The transparency of internal and external financial reporting C. High-level goals established by leadership to develop the entity's mission D. The safeguarding of the entity's assets against potential losses
C. High-level goals established by leadership to develop the entity's mission
A company has several long-term floating rate bonds outstanding. The company's cash flows have stabilized, and the company is considering hedging interest rate risk. Which of the following derivative instruments is recommended for this purpose? A. Futures contract on a stock B. Forward contract on a commodity C. Interest rate swap agreement D. Structured short-term note
C. Interest rate swap agreement
A U.S. based company decides to invest capital in an emerging market operation that has a lower expected return compared to the expected return for an alternative domestic operation. Which of the following statements correctly supports this decision? A. Management expects inflation to decrease in the U.S. compared to the foreign location's inflation rate B. Management expects inflation to increase in the emerging market compared to the U.S. inflation C. Management expects the U.S. dollar to decline in value relative to the foreign location's currency D. Management expects the U.S. dollar to strengthen in value relative to the foreign location's currency
C. Management expects the U.S. dollar to decline in value relative to the foreign location's currency
In which of the following situations should a U.S. based company consider hedging its transaction because it is in a short position? A. One exporting products to Denmark and receiving 500,000 krone in 90 days B. One inheriting stock in a New Zealand company worth 90,000 New Zealand dollars with distribution in 180 days C. One receiving shipments from Japan and owing 800,000,000 yen in 60 days D. One selling its Brazilian mine and receiving 10,000,000 reals in 30 days
C. One receiving shipments from Japan and owing 800,000,000 yen in 60 days
Which of the following items is one of the five components of COSO's enterprise risk management framework? A. Commitment to core values B. Risk inventory C. Performance D. Analyze business context
C. Performance
A code of ethics established by an issuer for its senior officers should establish standards that promote all of the following except: A. Ethical handling of any conflicts of interest B. Timely disclosures of financial information C. Performance based cash compensation for all senior officer levels D. Compliance with applicable laws and regulations
C. Performance based cash compensation for all senior officer levels
All of the following professional associations are part of the Committee of Sponsoring Organizations (COSO), except for: A. American Institute of Certified Public Accountants (AICPA) B. Institute of Management Accountants (IMA) C. Professional Accounting Society of America (PASA) D. Institute of Internal Auditors (IIA)
C. Professional Accounting Society of America (PASA)
All of the following are techniques for mitigating exchange rate risk for long-term foreign transactions except for: A. Currency swaps B. Long-term forward contracts C. Put options D. Parallel loans
C. Put options
In regard to managing employee complaints on accounting, audit, or internal control issues, a public company audit committee must establish procedures that address all of the following, except: A. Retention of records of employee complaints B. Maintenance of the anonymity of the employee raising the complaint C. Quick resolution of any issues prior to the issuance of the annual financial statement D. Having a means of addressing any complaints brought forth by employees
C. Quick resolution of any issues prior to the issuance of the annual financial statement
Conflicts-of-interest provisions of the Sarbanes-Oxley Act of 2002 generally prohibit the director or executive officers of an issuer from: A. Owning more than 10% of common stock B. Owning more than 10% of any form of equity C. Receiving a personal loan from the issuer not in the ordinary course of business D. Receiving perquisite compensation
C. Receiving a personal loan from the issuer not in the ordinary course of business
Managers that anticipate greater return for greater risk are referred to as having what attitude toward risk? A. Risk indifferent B. Risk seeking C. Risk averse D. Cautious
C. Risk averse
If an investor's certainty equivalent is greater than the expected value of an investment alternative, the investor is said to be? A. Risk indifferent B. Risk averse C. Risk seeking D. Cautious
C. Risk seeking
Able Corporation owns numerous businesses along the coast of Florida. The company's management has identified business interruption events as a potential risk resulting from storm damage caused by hurricanes. The company elects to not only insure its properties but to "buy down" standard deductible with additional premium. Able's response to potential risk is known as: A. Avoidance B. Reduction C. Sharing D. Acceptance
C. Sharing
Due to 50 percent store growth year after year, monitoring internal controls at a national retail chain has come under tremendous pressure. According to COSO, which of the following responses would be appropriate under the circumstances to help restore effective monitoring? A. Decreasing the size of the corporate internal audit activities B. Having all the managers sign the corporate compliance policy on an annual basis C. Shifting most of the monitoring responsibility to store managers and district managers D. Consolidating the data in the operational reports reviewed by the chief internal auditor
C. Shifting most of the monitoring responsibility to store managers and district managers
In order to have an effective system of internal controls, the Integrated Framework requires that each of the following exists, except that: A. The components and associated principles are "present" in the system B. The components operate together as an integrated system C. Strategic objectives are supported by operating, reporting, and compliance objectives D. The components and associated principles are "functioning" as designed
C. Strategic objectives are supported by operating, reporting, and compliance objectives
As a matter of policy, all correspondence to or from regulatory authorities received by the management of the Barclay Corporation is provided to the Barclay Corporation audit committee and the corporation's full board as needed. In assessing entity wide controls, management might conclude: A. Management's philosophy and operating style support achieving effective internal control over financial reporting B. The company's organization structure supports effective internal control over financial reporting and related internal control C. The Board of Directors understands and exercises responsibility related to financial reporting and related internal control D. Management and employees are assigned appropriate levels of authority and responsibility to facilitate effective internal control over financial reporting
C. The Board of Directors understands and exercises responsibility related to financial reporting and related internal control
All of the following management activities of the Falco Insurance Group, Inc are evidence of the ongoing monitoring of internal controls built into the company's system, except: A. The CFO reviews changes in liability reserves in excess of a specified threshold B. The CEO and CFO are required to formally verify that all major disbursements such as for claims and reinsurance premiums fully comply with the planned program of insurance C. The CFO updated the audit committee on status of internal control D. The CEO and CFO review monthly disaggregated gross margin and operating margin data by line of coverage
C. The CFO updated the audit committee on status of internal control
An effective internal control system may be compromised by all of the following, except: A. Inevitable human errors that result in a major internal control deficiency B. External events that cannot be controlled by the entity C. The application of fewer than 20 principles D. Management collusion and subsequent override of established controls
C. The application of fewer than 20 principles
For an investor who has a 20% ownership stake in the sole class of equity for a company, all of the following statements regarding the filing statement disclosure (per SOX) are correct, except: A. Disclosures are required for both direct and indirect equity ownership B. A filing statement is required upon registration C. The disclosure requirement is applicable once the investor reaches a 5% ownership level D. A filing statement is needed when ownership changes
C. The disclosure requirement is applicable once the investor reaches a 5% ownership level
What is the effect when a foreign competitor's currency becomes weaker compared with the U.S. dollar? A. The fluctuations in the foreign currency's exchange rate have no effect on the U.S. company's sales or cost of goods sold B. The foreign company will be disadvantaged in the U.S. market C. The foreign company will have an advantage in the U.S. market D. It is better for the U.S. company when the value of the U.S. dollar strengthens
C. The foreign company will have an advantage in the U.S. market
According to the Sarbanes-Oxley Act of 2002, an issuer must disclose whether or not it has adopted a code of ethics for which of the following? A. All employees of the issuer B. The audit committee C. The issuer's senior financial officers, but not other employees of the issuer D. Audit staff
C. The issuer's senior financial officers, but not other employees of the issuer
According to the COSO ERM framework, uncertainty in enterprise risk management refers to: A. The boundaries of acceptable variation in performance related to achieving business objectives B. The possibility that events will occur and affect the achievement of objectives C. The state of not knowing how or if potential events may manifest D. The impact of events of the time it would take to recover
C. The state of not knowing how or if potential events may manifest
A company's ability to maintain market share with high customer satisfaction and sustained profitability is an example of: A. Value erosion B. Value creation C. Value preservation D. Value realization
C. Value preservation
What does the second C in CCPIS stand for?
Capabilities
What is the definition of "attracts, develops, and retains capable individuals (employees)"? (dovEs)
Commitment to building human capital in alignment with the strategy and business objectives is a principle of the governance and culture component. The ultimate accountability for development and retention of capable individuals starts with the board and its selection of executive leadership. The selection of team members is typically delegated to appropriate levels of management. The ongoing process of attracting, developing, and retaining individuals includes attracting or seeking out competent individuals and training them, then mentoring them, evaluating, and ultimately retaining them with appropriate incentives and rewards.
What does the I in TIP stand for?
Communicates risk Information
What is the definition of "information, communication, and reporting (ongoing)"? (goprO)
Communication is the continual, iterative process of obtaining information and sharing it throughout the entity. - Management uses relevant information from both internal and external sources to support ERM - The organization leverages information systems to capture, process, and manage data and information. By using information that applies to all components, the organization reports on risk, culture, and performance
What is the definition of "capabilities"? (cCpis)
Competitive advantage produces value for an entity. Exploitation of competitive advantage and adaption to change are skills embedded within ERM
What does the F in SAFR stand for?
Consider potential for fraud
What is the definition of "analyze business context"? (soAr)
Consideration of the potential effects of business context on risk profile is a principle supporting the strategy and objective setting component. Business context may be dynamic, complex, and even unpredictable. Business context usually considers both external and internal environments.
What is identifying the net transaction exposure?
Consolidated entities consider their net transaction exposure prior to considering hedge strategies. Net transaction exposure considers the effect of transaction exposure on the entity taken as a whole rather than on individual subsidiaries. Although the exchange rate issues might adversely affect one subsidiary, they might favorably affect another.
The term EBOCA belongs to what component?
Control Environment
What are a company's core values?
Core values represent an organization's beliefs and ideals about what is good or bad, acceptable and unacceptable, and they influence the behavior of the organization.
What is the corporate responsibility section of the Sarbanes-Oxley Act regarding corporate officials?
Corporate officials, typically the CEO and CFO, must sign certain representations regarding annual and quarterly reports, including the assertion that: - They have reviewed the report - The report does not contain untrue statements or omit material information - The financial statements fairly present in all material respects the financial condition and results of operation of the issuer - Responsibility for internal controls - Disclosures
What happens to the currency of the country with the higher interest rate?
Countries with higher interest rates attract investments, thus demand goes up and value goes up
How does management obtain value? (CPER)
Create, preserve, erosion, and realization
What does the C in CPER stand for?
Creation
What are the six types of risk exposure?
- Credit risk - Interest rate risk - Market risk - Price risk - Default risk - Liquidity risk
What is credit risk?
Credit risk affects borrowers. Exposure to credit risk includes a company's inability to secure financing, or secure favorable credit terms as a result of poor credit ratings. As credit ratings decline, the interest rate demanded by lenders increases, collateral may be required, and other terms are generally less favorable to the borrower. (Credit rating goes down, cost of borrowing goes up.)
What do core values correlate with?
Culture
What does the C in CCPIS stand for?
Culture
What is the definition of "culture"? (Ccpis)
Culture represents the collective thinking of people within an organization. Individuals have unique points of reference that influence how they identify, assess, and respond to risk. Culture plays an important role in shaping decisions regarding risk.
A company considers investing $20 million in a foreign company whose local currency is under pressure. The company suspects that the exchange rate may fluctuate soon. The exchange rate at the time of the investment is 2.57 to $1.00. After the investment, the exchange rate changes to 3.15 to $1.00. What is the change in the value of the company's investment in U.S. dollars? A. 18.4 % decrease B. 22.6% increase C. 22.6% decrease D. 18.4% increase
D. 18.4% increase
According to COSO, which of the following activities provides an example of a top-level review as a control activity? A. Reconciliations are made of daily wire transfers with positions reported centrally B. Verification of status on a medical claim determines whether the charge is appropriate for the policy holder C. Computers owned by the entity are secured and periodically compared with the number of computers shown in the records D. A comprehensive marketing plan is implemented, and management reviews actual performance to determine the extent to which benchmarks were achieved
D. A comprehensive marketing plan is implemented, and management reviews actual performance to determine the extent to which benchmarks were achieved
The Sarbanes-Oxley Act of 2002 requires that the management report on internal control includes all of the following, except: A. A statement of management's responsibilities for establishing and maintaining adequate internal controls B. A conclusion about the effectiveness of the company's internal controls C. A statement that the auditor has attested and reported on management's evaluation of internal controls D. A statement that there are no disagreements between management and the auditor as to the effectiveness of internal controls
D. A statement that there are no disagreements between management and the auditor as to the effectiveness of internal controls
The COSO Cube is used to most effectively illustrate that: A. The entity level is held most accountable for the five components B. The most relevant objectives for the various organizational structure levels are the compliance objectives C. Monitoring activities are secondary to other components D. All categories of objectives and components are applicable across all organizational levels
D. All categories of objectives and components are applicable across all organizational levels
Which of the following is a violation of segregation of duties in internal control? A. An employee matches invoices to purchase orders and receiving reports, and applies coding of account distributions B. An employee receives goods from vendors and signs off on deliveries C. An employee adds vendors and makes changes to a vendor master file D. An employee enters and approves purchase orders
D. An employee enters and approves purchase orders
In evaluating the impact of the relative inflation rates on the demand for a foreign currency, which of the following is true? A. As inflation associated with a foreign economy decreases in relation to a domestic economy, demand for the foreign currency falls B. As inflation associated with a foreign economy increases in relation to a domestic economy, the demand for the foreign currency increases C. Inflation is irrelevant to currency demand D. As inflation associated with a foreign economy increases in relation to a domestic economy, demand for the foreign currency falls
D. As inflation associated with a foreign economy increases in relation to a domestic economy, demand for the foreign currency falls
Which of the following is not a goal of an enterprise risk management framework? A. Provide reasonable expectation that company objectives and goals are achieved and problems and surprises are minimized B. Assess risks continuously and identify the steps to take and resources to allocate to overcome or mitigate risk C. Achieve financial and performance targets D. Avoid adverse publicity and damage to entity's reputation
D. Avoid adverse publicity and damage to entity's reputation
An employee obtains a blank check, makes it payable to a fictitious company, and then cashes it. Each of the following internal control procedures should prevent this threat to the expenditure cycle, except: A. Restricted access to blank checks B. Positive pay with the bank C. Requiring electronic funds transfer transactions D. Bank reconciliations
D. Bank reconciliations
Which of the following factors is inherent in a firm's operation if it utilizes only equity financing? A. Financial risk B. Marginal risk C. Interest rate risk D. Business risk
D. Business risk
When selecting a population of disclosures to review, the SEC will likely place the lowest priority on an issuer that has: A. A relatively volatile stock price B. Recently reissued its financial statements C. A large impact on the banking sector of the economy D. Common stock that is considered small cap
D. Common stock that is considered small cap
COSO's enterprise risk management framework encompasses each of the following, except: A. Seizing opportunities B. Improving deployment of capital C. Enhancing risk response decisions D. Decreasing inherent risk appetite
D. Decreasing inherent risk appetite
What are the five principles of the governance and control component?
D. Define Desired culture O. Exercise board Oversight V. Demonstrates commitment to core Values E. Attracts, develops, and retains capable Employees S. Establishes operating Structure
What does DOVES stand for?
D. Defines Desired culture O. Exercises board Oversight V. Demonstrates commitment to core Values E. Attracts, develops, and retains capable employees S. Establishes operating Structure
What does DUNS stand for?
D. Diversifiable U. Unsystematic N. Nondiversifiable S. Systematic
According to the Sarbanes-Oxley Act of 2002, a chief executive officer or chief financial officer who misrepresents the company's finances may be penalized by being: A. Removed from the corporate office and fined B. Imprisoned, but not fined C. Fined, but not imprisoned D. Fined and imprisoned
D. Fined and imprisoned
As an organization commits to attracting, developing, and retaining capable individuals, it is supporting which of the following components of COSO's Enterprise Risk Management framework? A. Review and revision B. Performance C. Strategy and objective-setting D. Governance and culture
D. Governance and culture
The Daphne Corporation evaluates employees with responsibilities for financial reporting for fulfillment of those responsibilities for compensation and promotion purposes. The company's policies support the idea that: A. The company's organization structure supports effective internal control over financial reporting B. Management's philosophy and operating style support achieving effective internal control over financial reporting C. Management and employees are assigned appropriate levels of authority and responsibility to facilitate effective internal control over financial reporting D. Human resources practices should be designed to facilitate effective internal control over financial reporting
D. Human resources practices should be designed to facilitate effective internal control over financial reporting
According to COSO, an effective approach to monitoring internal control involves each of the following steps, except: A. Establishing a foundation for monitoring B. Assessing and reporting the results, including following up on corrective action where necessary C. Designing and executing monitoring procedures that are prioritized based on risks to achieve organizational objectives D. Increasing the reliability of financial reporting and compliance with applicable laws and regulations
D. Increasing the reliability of financial reporting and compliance with applicable laws and regulations
Audit committee members of issuers are required, under the Sarbanes-Oxley Act of 2002, to maintain which of the following traits? A. Integrity B. Proficiency C. Diligence D. Independence
D. Independence
Which of the following types of risks can be reduced by diversification? A. Recessions B. High interest rates C. Inflation D. Labor strikes
D. Labor strikes
The Gotham Corporation regularly produces budget vs. actual data for its managers. The company is particularly sensitive to personnel costs, and division variances of greater than five percent for any period are promptly investigated to determine if budgeted positions have not been filled or if there has been extraordinary overtime. Timely exception resolution of this character illustrates the information and communication principles typically associated with: A. Internal communication B. Financial reporting information C. External communication D. Obtain and use information
D. Obtain and use information
A country which engages in both importing and exporting will be exposed to exchange rate risks from transaction exposure. Which of the following transaction exposures poses the biggest risk in the country? A. Receivables denominated in a foreign currency when the domestic currency falls B. Receivables denominated in a foreign currency when the foreign currency rises C. Payables denominated in a foreign currency when the foreign currency falls D. Payables denominated in a foreign currency when the domestic currency falls
D. Payables denominated in a foreign currency when the domestic currency falls
Which of the following statements is most accurate regarding principles and components within the Internal Control - Integrated Framework? A. Communication of deficiencies falls within information and communication B. Specifying objectives falls under control environment C. Identifying and assessing changes falls within monitoring activities D. Policy and procedure deployment falls within (existing) control activities
D. Policy and procedure deployment falls within (existing) control activities
The Treadway Commission was established to study factors that lead to fraudulent financial reporting. The Treadway Commission was established by: A. Sarbanes-Oxley Act of 2002 B. Treadway Foundation C. Securities and Exchange Commission D. Private sponsoring organizations
D. Private sponsoring organizations
The principle of attracting, developing, and retaining capable individuals in support of the governance and culture component within the Enterprise Risk Management Framework will likely include all of the following, except: A. Developing appropriate incentives and rewards B. Evaluating job performance C. Training and mentoring individuals D. Promotional opportunities within the first year of hire
D. Promotional opportunities within the first year of hire
Which of the following organizations was established by the Sarbanes-Oxley Act of 2002 to control the auditing profession? A. Committee of Sponsoring Organizations (COSO) B. IT Governance Institute (ITGI) C. Information Systems Audit and Control Foundation (ISACF) D. Public Company Accounting Oversight Board (PCAOB)
D. Public Company Accounting Oversight Board (PCAOB)
Able Corporation owns numerous businesses along the coast of Florida. The company's management has identified business interruption events as a potential risk resulting from storm damage caused by hurricanes. The company elects to balance its portfolio of risk with property investments on the coasts of other states and in Florida's interior. Able's response to potential risks is known as: A. Sharing B. Avoidance C. Acceptance D. Reduction
D. Reduction
According to the Committee of Sponsoring Organizations (COSO) of the Treadway Commission, which of the following components of the internal control integrated framework addresses an entity's financial reporting objectives? A. Control environment B. Information and communication C. Control activities D. Risk assessment
D. Risk assessment
Which of the following statements is most accurate regarding the existing control activities component of the integrated framework? A. Policies are used to put procedures into action B. Preventive control activities require automated processes C. A detective control activity is designed to identify risks before they occur D. Segregation of duties is a critical preventive control activity
D. Segregation of duties is a critical preventive control activity
A put is an option that gives its owner the right to do which of the following? A. Sell a specific security at a fixed price for an indefinite time period B. Buy a specific security at a fixed price for an indefinite time period C. Buy a specific security at fixed conditions of price and time D. Sell a specific security at fixed conditions of price and time
D. Sell a specific security at fixed conditions of price and time
Each of the following themes is covered by the Enterprise Risk Management Framework, except for: A. Evaluating business context in the development of strategy and business objectives B. Developing a portfolio view of risk C. Managing risk with a reasonable expectation of achieving strategy and business objectives D. Setting up internal control procedures to mitigate the risk of fraud
D. Setting up internal control procedures to mitigate the risk of fraud
The mission and vision of an organization most closely correlate with an entity's: A. Culture B. Practices C. Capabilities D. Strategy
D. Strategy
Investment managers develop portfolios of different investments to combine, offset, and thereby reduce overall risk. Not all risks can be eliminated by development of a portfolio. Risks that cannot be eliminated through a portfolio are called? A. Unsystematic risks B. Firm-specific risks C. Non-market risks D. Systematic risks
D. Systematic risks
Which of the following statements is most accurate regarding public company audit committees? A. Audit committee members cannot serve as members of the board of directors B. Resolving disputes between management and external auditors is outside of audit committee scope C. The auditor reports directly to the company's CEO and indirectly to the audit committee D. The audit committee is charged with overseeing the work of the external auditor hired by the issuer
D. The audit committee is charged with overseeing the work of the external auditor hired by the issuer
If the dollar price of the euro rises, which of the following will occur? A. The euro will buy fewer European goods B. The euro depreciates against the dollar C. The euro will buy fewer U.S. goods D. The dollar depreciates against the euro
D. The dollar depreciates against the euro
Generally, an organization will not operate beyond the limits of its risk appetite. Risk appetite has generally been exceeded when: A. The likelihood and impact of positive events are significantly below residual risk B. The likelihood and impact of negative events exceed residual risks C. The likelihood and impact of positive events are within residual risk D. The likelihood and impact of negative events significantly exceed residual risks
D. The likelihood and impact of negative events significantly exceed residual risks
A company's purchasing department creates purchase orders based on electronic requests sent by operations. These requests are approved by operations, and no further approvals are required to place a purchasing order. Purchasing clerks key the order information, including vendor names and prices, into the purchasing system based on the electronic requests. Which of the following is the best control to ensure that orders are entered accurately? A. Approvals from management in operations are sent to clerks along with the order requests, which then are filled B. Clerks use preformatted screens, which show the clerk the type of information expected, but do not restrict input C. A hash total of the total quantity of all items entered by purchasing clerks each day is compared to the total quantity of all items originated by operations personnel D. The purchasing system compares vendor information and prices entered by the clerks to master vendor and pricing data and rejects variances
D. The purchasing system compares vendor information and prices entered by the clerks to master vendor and pricing data and rejects variances
The COSO-established definition for enterprise risk management covers all of the following elements, except: A. Providing reasonable expectation regarding the achievement of objectives B. Managing risk to be within the entity's risk appetite C. Application across the entire enterprise D. The sole responsibility of the board of directors to establish the process
D. The sole responsibility of the board of directors to establish the process
Freely fluctuating exchange rates perform which of the following functions? A. They eliminate the need for foreign currency hedging B. They make imports cheaper and exports more expensive C. They impose constraints on the domestic economy D. They automatically correct a lack of equilibrium in the balance of payments
D. They automatically correct a lack of equilibrium in the balance of payments
Universal Industries limits its operation to exports to foreign countries. What can be said about Universal's exposures to exchange rate risk? A. Universal is subject to potential transaction, economic and translation exposures to exchange rate risk B. Universal is subject to economic and translation exposures to exchange rate risk C. Universal is subject to transaction and translation exposures to exchange rate risk D. Universal is subject to potential transaction and economic exposures to exchange rate risk
D. Universal is subject to potential transaction and economic exposures to exchange rate risk
According to COSO Enterprise Risk Management - Integrated Framework, each of the following is considered by management as part of a risk assessment, except: A. Inherent risk B. Target residual risk C. Actual residual risk D. Unknown risk
D. Unknown risk
Arbor Fashions launched a line of accessories to accompany its successful line of blouses and slacks. The company's accessory line was unsuccessful and was discontinued six months after launch. The failure of Arbor's new product line represents: A. Value realization B. Value creation C. Value preservation D. Value erosion
D. Value erosion
Baker Corp. paid a dividend to its shareholders following the achievement of record products. Dividend distributions represent: A. Value erosion B. Value creation C. Value preservation D. Value realization
D. Value realization
What is structured information?
Databases, files
What are long-term forward contracts?
Deal with the same issues as any other forward contract. Long-term contracts are set up to stabilize transaction exposure over long periods. Long-term purchase contracts may be hedged with long-term forward contracts.
What is default risk?
Default risk affects lenders. Creditors are exposed to default risk to the extent that it is possible that their debtors may not repay the principal or interest due on their indebtedness on a timely basis
What does the D in DOVES stand for?
Defines Desired culture
What does the R in SOAR stand for?
Defines Risk appetite
What does the V in DOVES stand for?
Demonstrates commitment to core Values
What does the P in CATP stand for?
Deployment of policies and procedures
The framework requires judgement in what?
Designing, implementing, and conducting internal control and in assessing the effectiveness of internal control
What type of control identifies risks as they occur?
Detective
What does the V in VAPIR stand for?
Develop portfolio view
What are the financial factors that can influence exchange rate?
Differences in interest rates and restrictions in capital movements between companies
Who does the external auditor report to?
Directly to the audit committee
What disclosures must be made for transactions involving management and principal stockholders?
Disclosures are required for persons who generally have direct or indirect ownership of 10% of any class of most any equity security. Disclosures are made by a filing statement
What is unsystematic/firm-specific/diversifiable risk?
Diversifiable risk represents the portion of a firm's or industry's risk that is associated with random causes and can be eliminated through diversification. Diversifiable risks attributable to firm-specific or industry-specific events (strikes, lawsuits, regulatory actions, or the loss of a key account)
What are some unsystematic risks?
Diversifiable risks attributable to firm-specific or industry-specific events (strikes, lawsuits, regulatory actions, or the loss of a key account)
What is the formula for effective annual interest rate?
EAPR = [1 + (i/p)]^p - 1
What is the definition of "practices"? (ccPis)
ERM is an organizational practice continually applied to the entire scope of activities of the business. It is part of management decisions at all levels of the entity. It is neither static nor is it an adjunct or add-on to the business
What is the definition of "strategy and objective-setting"? (sOar)
ERM is integrated into the entity's strategic plan through the process of setting strategy and business objectives that consider both internal and external factors and their effect on risk framed by business context. - An organization sets its risk appetite in conjunction with strategy-setting - The business objectives allow strategy to be put into practice and shape the entity's day-to-day operations and priorities
How do you assess economic exposure?
Economic exposure is defined by the degree to which cash flows of the business can be affected by fluctuations in exchange rates (PV)
What are the techniques for economic exposure mitigation?
Economic exposures typically relate to the organization wide issues and can usually only be mitigated with organization-wide approaches that involve restructuring the sources of income and expense to the consolidated entity
What does the E in CPER stand for?
Erosion
What does the S in DOVES stand for?
Establishes operating Structure
What does the S in SOAR stand for?
Evaluate alternative Strategies
What is the definition of "evaluates alternative strategies"? (Soar)
Evaluation of alternative strategies and the potential effect on risk profile is a principle supporting the strategy and objective-setting component. Strategy is evaluated from two perspectives: (more equity less debt) - The possibility that the strategy does not align with the mission, vision, and core values of the entity - The implications from the chosen strategy
What does the O in DOVES stand for?
Exercises board Oversight
What does the term FACT stand for?
Fair, accurate, complete, and timely
Default risk can also be called?
Finance risk
What is a money market hedge for payables using borrowed funds?
Firms that do not have excess cash follow the same basic procedure for a money market hedge on payables, except that they first borrow the funds domestically and invest them internationally to satisfy the payable denominated in a foreign currency
What are money market hedges for payables with excess cash?
Firms with excess cash use money market hedges to lock in the exchange rate associated with the foreign currency needed to satisfy payables when they come due. Money market hedges for payables satisfaction include the following steps: 1. Determine the amount of the payable 2. Determine the amount of interest that can be earned prior to settling the payable 3. Discount the amount of payable to the net investment required 4. Purchase the amount of foreign currency equal to the net investment required and deposit the proceeds in the appropriate money market vehicle
What does the O in SOAR stand for?
Formulate business Objectives
What does tolerance correlate with?
Formulating business objectives in the strategy and objective-setting component. Tolerance is the range of acceptable outcomes related to achieving a business objective within risk appetite. Tolerance is also referred to as the acceptable variance in performance
What are the two ways to mitigate long term transaction exposure?
Forward contracts & currency swaps
Mission, vision, and core values is connected to what component the most?
G. Governance and culture
What are the five components of enterprise risk management?
G. Governance and culture O. Strategy and Objective-setting P. Performance R. Review & revision O. Information, communication, and reporting (ongoing)
What does GOPRO stand for?
G. Governance and culture O. Strategy and Objective-setting P. Performance R. Review & revision O. Information, communication, and reporting (ongoing)
What does the G in GOPRO stand for?
Governance & culture
What is the definition of the governance and culture component? (Gopro)
Governance sets the entity's tone at the top, serves to endorse the importance of enterprise risk management, and establishes oversight responsibilities to ERM. Culture is reflected in decision making.
Is a company's core values the why, what, or how?
How
What is the definition of "performance"? (goPro)
Identification and assessment of risks that may affect an entity's ability to achieve its strategy and business objectives represent the performance component. (similar to risk assessment) - Organizations identify and assess risks that may affect the achievement of strategy and business objectives - Risk is prioritized according to severity and in consideration of the entity's risk appetite - The organization then selects risk responses and monitors performance for change - The resulting portfolio view describes the amount of risk the entity has assumed in the pursuit of its strategy and entity-level business objective
What does the I in VAPIR stand for?
Identifies risks (events)
What does the R in SAFR stand for?
Identify and analyze risks
What does the A in SAFR stand for?
Identify and assess changes
What is a temporary freeze authority from the SEC?
If the SEC determines it is likely that the issuer will be required to make penalty payments, the SEC may petition a federal district court to require the issuer to escrow the payments in an interest-bearing account for 45 days
What does the R in VAPIR stand for?
Implement risk responses (using ART)
What is the Internal Control - Integrated Framework?
In 1992, COSO issued Internal Control - Integrated Framework to assist organizations in developing comprehensive assessments of internal control effectiveness.
What is Enterprise Risk Management (ERM)?
In 2004, COSO issued Enterprise Risk Management (ERM) - Integrated Framework to assist organizations in developing a comprehensive response to risk management.
What is the definition of "Accountability"? (ebocA)
Individuals are held accountable for their internal control responsibilities. Points of focus include establishing performance measures, incentives, and rewards, and evaluating those for ongoing relevance while considering excessive pressures.
What are the criminal penalties for altering documents?
Individuals who alter, destroy, mutilate, conceal, cover up, falsify, or make false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence an investigation will be fined, imprisoned for not more than 20 years, or both. Auditors of issuers should retain all audit and review work papers for a period of seven years from the end of the fiscal period in which the audit or review was conducted. Failure to do so will result in a fine, imprisonment for not more than 10 years, or both
What are the trade factors that can influence exchange rate?
Inflation, income, and government regulation
What is the information and communication component of the internal controls integrated framework? (crIme)
Information and communication systems support the identification, capture, and exchange of information in a timely and useful manner.
What does the second O in GOPRO stand for?
Information, communication, and reporting (ongoing)
What are the three types of risk whose severity can be assessed?
Inherent risk, target residual risk, and actual residual risk
What do mission and vision correlate with from CCPIS?
Integrated with Strategy-setting and performance
What does the IS stand for in CCPIS?
Integrated with strategy-setting and performance
What is the financial factor of relative interest rates and capital flows?
Interest rates create demand for currencies by motivating either domestic or foreign investments. The forces of supply and demand create changes in the exchange rate as investors seek fixed returns. The effect of interest rates is directly affected by the volume of capital that is allowed between countries
What's an example of internally communicating information? (oIe)
Internal audit committee, management
How can you mitigate interest rate risk (3)?
Investing in floating rate debt securities, forward rate agreements, or interest rate swaps
What is the annual percentage rate?
Is the annual rate that is charged for borrowing (or made by investing), expressed as a single percentage number that represents the actual yearly cost of funds over the term of a loan.
What are the conflicts of interest provision section of the Sarbanes-Oxley Act?
Issuers are generally prohibited from making personal loans to directors or executive officers - Exceptions apply if the consumer credit loans are made in the ordinary course of business by the issuer - No preferential treatment
What is a futures hedge?
It entitles its holders to either purchase or sell a particular number of currency units of an identified currency at a negotiated price on a stated date. Futures hedges are denominated in standard amounts and tend to be used for smaller transactions
What is selective hedging?
It is a financial risk management technique in which an organization, seeking to mitigate the risk of fluctuations in value, acquires a financial instrument that behaves in the opposite manner from the hedged item. In effect, hedging is the process of reducing the uncertainty of the future value of a transaction or position by actively engaging in various derivative investments (forwards, futures, options, swaps)
What is target residual risk?
It is the amount of risk that an entity prefers to assume in pursuit of its strategy and business objectives knowing that management will implement or has implemented direct or focused action to alter severity of risk
What is the definition of enterprise risk management?
It is the culture, capabilities, and practices, integrated with strategy-setting and performance, that organizations rely on to manage risk in creating, preserving, and realizing value
What is actual residual risk?
It is the risk remaining after management has taken action
What is translation exposure?
It is the risk that assets, liabilities, equity, or income of a consolidated organization that includes foreign subsidiaries will change as a result of changes in exchange rates. Translation exposure is generally defined by the degree of foreign involvement, to the effect on the organization's earnings or comprehensive income
What is inherent risk?
It is the risk to an entity in the absence of any direct or focused actions by management to alter its severity (cyclical/demographics)
What does currency appreciation and depreciation refer to?
It refers to the strengthening and weakening of a currency in relation to other currencies
What is risk appetite?
It represents the types and amounts of risk, on a broad level, that an organization is willing to accept in pursuit of value. Risk appetite is a range rather than a specific limit and provides guidance on the practices an organization is encouraged to pursue or not pursue. 1. Risk appetite is expressed first in mission & vision 2. Risk appetite varies between products, business units, or over time in line with changing capabilities for managing risk and must be flexible enough to adapt to changing business conditions without approvals
How does a futures hedge to buy the foreign currency at a specific price benefit the company?
It will mitigate the risk of a weakening domestic currency when the accounts payable is due.
What is succession?
It's a part of the governance & culture component, and integral to attracting, developing, and retaining capable individuals. It is a process that may involve identifying more than one person who could fill a crucial role
What are alternative hedging techniques used to mitigate transaction exposure?
Leading & lagging, cross hedging, and currency diversification
What does the T in TIP stand for?
Leverages information and technology
What is liquidity risk?
Liquidity risk affects lenders (investors). Lenders or investors are exposed to liquidity risk when they desire to sell their security, but cannot do so in a timely manner or when material price concessions have to be made to do so (not publicly traded, real estate is illiquid)
What are the ways to mitigate market risk?
Market risk cannot be mitigated through diversification. One way to control market risk is to invest in derivatives that provide gains to investors when the market declines. Short selling (selling an investment in the hopes of buying it back at a lower price later) is another strategy that provides return when the market declines. Use profit to make up for the reduction in the value of the asset
What is the definition of risk?
May be defined as the chance of financial loss. More formally, the term "risk" may be used interchangeably with the term "uncertainty" to refer to the variability of returns associated with a given asset
What is the definition of return?
May be defined as the total gain or loss experienced on behalf of the owner of an asset over a given period. Typically, greater risk yields greater returns. The seller of financial securities compensates the buyer of financial securities with increased opportunity of profit by offering a higher rate of return.
What is the translation exposure factor locations of foreign investments?
Measurements of financial results of foreign investments frequently occur in the foreign currency in which the investee company operates. The exposure of the parent company to translation risk is affected by the stability of the foreign currency in comparison to the parent's domestic currency. The more stable the exchange rate, the lower the translation risk. The more volatile the exchange rate, the higher the translation risk
What is a company's mission?
Mission represents the core purpose of the entity. This mission represents why the company exists and what it hopes to accomplish (objective)
What is a money market hedge?
Money market hedge uses international money markets to plan to meet future currency requirements. A money market hedge uses domestic currency to purchase a foreign currency at current spot rates and invest them in securities timed to mature at the same time as related payables are due
What is measuring the specific transaction exposure?
Net foreign accounts receivable with the accounts payable to find out whether you have a net asset risk or a net liability risk
What is the definition of "accept"? (artS)
No action is taken to change the severity of risk. Acceptance is most appropriate as a risk response when risk to strategy and business objectives is within the entity's risk appetite (Self-insurance)
What is the statute of limitations on securities fraud?
No later than the earlier of two years after the discovery of the facts constituting the violation, or five years after the violation
What are the penalties for mail and wire fraud?
No more than 20 years
What are improper influences on the conduct of audits?
No officer or director, or any person acting under the direction thereof, may take any action that would fraudulently influence, coerce, mislead, or manipulate the auditor in a manner that would make the financial statements materially misleading
What does the term nominal dollars mean?
Nominal dollars are equal to the inflation rate applied to real dollars
What are some examples of market risk?
Nondiversifiable risk is attributable to factors such as war, inflation, international incidents, and political events
Risk appetite is ultimately expressed in what context?
Objectives
What does the O in OIE stand for?
Obtain and use information
What are the off-balance sheet transactions required in the disclosure?
Operating leases, contingent obligations, relationships with unconsolidated subsidiaries, use of special purpose entities
What is the definition of "operating structure"? (doveS)
Operating structures are established to pursue strategy and business objectives. Operating objectives describe how an entity organizes and carries out its day-to-day operations and contributes to the alignment of risk management practices with core values (centralized/decentralized, DOL)
What is the definition of "Identifies"? (vapIr)
Organizations identify risks that affect their performance in achieving strategy and business objectives. New and emerging risks are identified, and currently assessed risks are reevaluated using various techniques.
What information supports review and revision related practices?
Organizations may need information on emerging trends in ERM
What information supports performance-related practices?
Organizations may need information on their competitors to assess changes in the amount of risk
Business objective formulation is connected to what component the most?
Performance
What does the P in GOPRO stand for?
Performance
What does the P in CCPIS stand for?
Practices
What does the P in CPER stand for?
Preservation
What type of control identifies risks before they occur?
Preventive
What is price risk?
Price risk represents the exposure that investors have to a decline in the value of their individual securities or portfolios. Factors unique to individual investments and/or portfolios contribute to price risk, which becomes an even greater concern with increased market volatility. Price risk is related to diversifiable (unsystematic) risk
What is the definition of "prioritize risk"? (vaPir)
Prioritization of risk as a basis for determining risk response is a principle underlying the performance component. Risks that result in the entity approaching the risk appetite for a specific business objective are typically given higher priority (interest rate risk, currency risk, competition)
What does the P in VAPIR stand for?
Prioritize risk
What kind of procedures must the audit committee create?
Procedures to accept reports of complaints regarding audit, accounting, or internal control issues (whistle-blower hotlines) - Procedures must accommodate confidential, anonymous reports by employees of the issuer - Procedures must accommodate receipt and retention of complaints as well as a method to address those complaints
What does the I in SIR stand for?
Pursue improvements to ERM
What are procedures used for?
Putting policies into action
What does the R in CPER stand for?
Realization
What does the R in ARTS stand for?
Reduce
What is the definition of a risk-indifferent preference?
Reflects an attitude toward risk in which an increase in the level of risk does not result in an increase in management's required return (Seeks highest possible return)
What is risk-seeking behavior?
Reflects an attitude toward risk in which an increase in the level of risk results in a decrease in management's required rate of return. Risk-seeking managers are willing to settle for lower expected returns as the level of risk increases
What is the definition of a risk-averse preference?
Reflects an attitude toward risk in which an increase in the level of risk results in an increase in management's required rate of return. Risk-averse managers require higher expected returns to compensate for greater risk. Most managers are risk averse
What is the definition of "reports on risks, culture, and Performance"? (tiP)
Reporting may be qualitative or quantitative and be made to a wide range of users, including management, risk owners, assurance providers, external stakeholders, and others. - Portfolio view of risk (outlining the severity of risk at the entity level) - Profile view of risk (outlining the severity of risk at different levels within the entity, division, etc)
What does the P in TIP stand for?
Reports on risk, culture, and Performance
What is leading and lagging?
Represent transactions between subsidiaries or a subsidiary and a parent. The entity that is owed may bill in advance if the exchange rate warrants (leading) or possibly wait until the exchange rate is favorable before settling (lagging)
Implementation and performance is connected to what component the most?
Review and revision
What does the R stand for in GOPRO?
Review and revision
What does the R in SIR stand for?
Reviews risk and performance
What is the definition of risk?
Risk is the possibility that events will occur and affect the achievement of strategy and business objectives
What is exchange rate risk?
Risk that the value of your investment may be devalued by the exchange rate of foreign currencies. This risk exists because the relationship between domestic and foreign currencies may be subject to volatility
The acceptable level of variation relative to the achievement of objectives refers to?
Risk tolerance
What does SIR stand for?
S. Assess substantial changes I. Pursue Improvements in ERM R. Review risks and performance
What are the three principles of the review and revision component?
S. Assesses Substantial changes I. Pursue Improvement in ERM R. Review risk and performance
What are the three principles of review and revision?
S. Assesses Substantial changes I. Pursues Improvements in ERM R. Reviews risk and performance
What does SIR stand for?
S. Assesses Substantial changes I. Pursues Improvements in ERM R. Reviews risk and performance
What does SOAR stand for?
S. Evaluate alternative Strategies O. Formulate business objectives A. Analyze business context R. Define Risk appetite
What are the four principles for the strategy and objective-setting component?
S. Evaluates alternative Strategies O. Formulate business objectives A. Analyze business context R. Defines risk appetite
What are the penalties against retaliation against informants?
Shall be fined and imprisoned for no more than 10 years
What does the T in ARTS stand for?
Share (Transfer)
What is a currency option for receivables?
Similar to a futures contract or a forward contract, the business plans to sell a foreign currency at a higher rate, in anticipation of the foreign currency weakening in comparison to the domestic value, to ensure that it can capitalize on receivable collections at a stable or predicted value
Strategy development is connected to what component the most?
Strategy and Objective-setting
What does the O in GOPRO stand for?
Strategy and Objective-setting
What is the definition of "integration with strategy-setting and performance"? (ccpIS)
Strategy is set in a manner that aligns with mission and vision. Business objectives flow from strategy. Business objectives drive the activities of all business units and functions
What is the breakeven point for a put option?
Strike price minus premium
What is the breakeven formula for a call option?
Strike price plus the premium
What is another name for currency contracts?
Swap borrowings
What are the three principles of information, communication, and reporting (ongoing)?
T. Leverages information & Technology I. Communicates risk Information P. Reports on risk, culture, and Performance
What does TIP stand for?
T. Leverages information & Technology I. Communicates risk Information P. Reports on risk, culture, and Performance
What does TIP stand for?
T. Leverages information and Technology I. Communicates risk information P. Reports on risk, culture, and performance
What are the three principles of the information, communication, and reporting component?
T. Leverages information and Technology I. Communicates risk Information P. Reports on risk, culture, and performance
Who does an enhanced review of periodic disclosures by issuers?
The SEC is required to review disclosures made by issuers, including those in Form 10-K, on a regular and systematic basis for the protection of investors. (SEC checks for completeness when auditor checks for accuracy) When scheduling reviews, the SEC considers: - Issuers that have issued material restatements of financial results - Issuers that experience significant volatility in their stock prices when compared to other issuers - Issuers with the largest market capitalization - Emerging companies with disparities in price-to-earnings ratios - Issuers whose operations significantly affect any material sector of the economy (too big to fail)
What is the definition of organization sustainability?
The ability of an entity to withstand the impact of large-scale events (are we diversified)
What is the definition of reasonable expectation?
The amount of risk of having strategy and business objectives that is appropriate for an entity, recognizing that no one can predict risk with precision
What is the effective interest rate?
The annual interest rate implicit in the contract / net proceeds from a loan
What is a section 404?
The assessment of internal controls. Each report should include: - A statement that management is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting - An assessment, as of the end of the most recent fiscal year of the issuer, of the effectiveness of the internal control structure and procedures for financial reporting - The auditors must attest to management's assessment of internal control
Who establishes procedures regarding complaints about audit, accounting, or internal control issues?
The audit committee
Who resolves disputes between the external auditor and management?
The audit committee
What is the definition of "exercise board oversight"? (dOves)
The board of directors provides oversight for an entity's strategy and carries out governance responsibilities to support management in achieving strategy and business objectives. The board is expected to have the skills, experience, and business knowledge to understand the entity's strategy; stay informed on relevant issues; and maintain an active and accountable role that is independent and conscious of potential bias
How can purchasing a call option help protect a company from transaction exposure when they have outstanding accounts payable?
The business has the option (not the obligation) to purchase the security at the option (strike or exercise) price. The business evaluates the relationship between the option price and the exchange rate at the settlement date. Generally, if the option price is less than the exchange rate at the time of the settlement, the business will exercise its option. If the option price is more than the exchange rate at the time of settlement, the business will allow the option to expire. Although option premiums are used to compute any net savings associated with the option transaction, they are a sunk cost and are irrelevant to the decision to exercise
What is one hedge that an international company can do without using a complex instrument?
The company could time the payment for imports with the collection from exports
What happens to the currency with higher inflation?
The currency loses value, and the demand for foreign currency increases, which increases the foreign currency's value
What is the definition of "assesses substantial changes"? (Sir)
The entity identifies and assesses changes that may substantially affect strategy and business objectives; it is a principle supporting the review and revision component. Assessments may include identifying internal (change in officers) and external (threat of substitute product) environment changes related to the business context as well as changes in culture
What is market/systematic/non-diversifiable risk?
The exposure of a security or firm to fluctuations in value as a result of operating within an economy is referred to as market risk. Market risk is sometimes referred to as nondiversifiable risk because it is a risk inherent in operating within the economy. Nondiversifiable risk is attributable to factors such as war, inflation, international incidents, and political events
A futures contract to sell a foreign currency will improve accounts receivable transaction exposure because?
The foreign currency received in satisfaction of the receivable at a specific price at the time the accounts receivable is due will mitigate the risk of strengthening domestic currency
What is a Form 8-K?
The form filed with SEC to report any changes or waivers from the code of ethics for senior officers
What is the definition of risk capacity?
The maximum amount of risk that an entity is able to absorb in the pursuit of strategy and business objectives (suitable tolerance)
What is the definition of performance management?
The measurement of efforts to achieve or exceed the strategy and business objectives (stress test / can measure quantitative or qualitative features)
What is the definition of "defines risk appetite"? (soaR)
The organization defines risk appetite in the context of creating, preserving, and realizing value. Entities consider risk appetite in qualitative terms (goals based), while others may be quantitative (standard deviation). The best approach for an entity is one that aligns with the analyses used to assess risk in general, whether that is qualitative or quantitative. - General terms such as "low appetite" or "high appetite" are sufficient expressions of risk appetite. Referencing "targets", "ranges", "ceilings", or "floors" may also be used.
What is the definition of "defines desired culture"? (Doves)
The organization defines the desired behaviors that characterize the entity's desired culture. An entity's culture influences how the organization identifies risk, what types of risk it accepts, and how it manages risk. Culture is a spectrum that progresses from risk averse to risk neutral and extends to risk aggressive. (How conservative or aggressive does the entity want to be)
What is the definition of "demonstrates commitment to core values"? (doVes)
The organization demonstrates a commitment to the entity's core values. Without support from the top of the organization, risk awareness can be undermined and risk-inspired decisions may be inconsistent with those values (adopt code of conduct)
What is the definition of "develops portfolio view"? (Vapir)
The organization develops and evaluates a portfolio/entity-wide view of risk (parent view). A portfolio view allows management and the board to consider the type, severity, and interdependencies of risks and how they may affect performance and align with the overall risk appetite.
What is the definition of "Communication of deficiencies"? (so-D)
The organization evaluates and communicates internal control deficiencies in a timely manner to parties responsible for taking corrective action. One point of focus is monitoring corrective actions.
What is the definition of "leverages information and technology"? (Tip)
The organization leverages the entity's information and technology systems to support the organization with relevant information. Relevant information helps the organization to be more agile in its decision making and provides a competitive advantage
What information supports strategy and objective-setting related practices?
The organization may need information on stakeholder expectations about risk appetite
What information supports governance and culture related practices?
The organization may need information on the standards of conduct and individual performance in relation to those standards
What is the definition of "pursues improvement in enterprise risk management"? (sIr)
The organization pursues improvement of ERM. Opportunities to revise and improve efficiency and usefulness may occur in any area.
What is the definition of "reviews risk and performance"? (siR)
The organization reviews entity performance and considers risk, including the capabilities and practices of the organization. Evaluations may relate to potentially incorrect assumptions, poorly implemented practices, entity capability, or cultural factors. (Was the hedge effective)
What is the definition of "select and develop control activities"? (CAtp)
The organization selects and develops control activities that contribute to mitigation of risks to acceptable levels. Points of focus include integrating with risk assessment when selecting activities and considering entity-specific factors.
What is the definition of "Ongoing and separate evaluations"? (SO-d)
The organization selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning. One point of focus is to consider establishing baseline understandings. The frequency of the testing is dictated by the risk.
What is the definition of "communicates risk information"? (tIp)
The organization uses communication channels to support ERM. Communications are made to internal and external stakeholders and with the board of directors. Communication techniques vary widely. Communication methods must be evaluated for effectiveness. (Management discussion analysis/ MDA)
What is transaction exposure?
The potential that an organization could suffer economic loss or experience economic gain upon settlement of individual transactions as a result of changes in the exchange rates. Transaction exposure is generally measured in relation to currency variability or currency correlation
What is economic exposure?
The potential that the present value of an organization's cash flows could increase or decrease as a result of changes in the exchange rates. Economic exposure is generally defined through local currency appreciation and depreciation
What is the nominal rate of return?
The risk-free rate and the inflation premium
What is the definition of "assesses severity of risks"? (vApir)
The severity of risk is evaluated after it has been identified. Resources and capabilities are deployed to keep the risk within the entity's risk appetite based on the assessment. The severity of risk is assessed at multiple levels (across divisions, functions, and operating units) in line with the business objectives it may affect. Risks deemed severe at the operating level may be less of a concern at the division or entity level (well diversified). Risk assessment includes the concepts of inherent risk, target residual risk, and actual residual risk.
What is currency diversification?
The simplest hedge for long-term transactions is to diversify foreign currency holdings over time. A substantial decline in the value of one currency would not affect the overall holder value of the firm if the currency represented only one of many foreign currencies
What is cross-hedging?
The technique known as cross-hedging involves hedging one instrument's risk with a different instrument by taking a position in a related derivatives contract. This is often done when there is no derivatives contract for the instrument being hedged, or when a suitable derivative contract exists but the market is highly illiquid
What is the definition of functioning (operating effectively)?
The term "functioning" demonstrates that the components and relevant principles are currently operating as designed in the internal control system.
What is the definition of present (design)?
The term "present" means that the components and relevant principles are included in the design and implementation of the internal control system.
What is simple interest?
The total amount of interest over the life of a loan without compounding. The total interest formula is P(i)(n)
What is the definition of business context?
The trends, events, relationships, and other factors, that may influence, clarify, or change an entity's current and future strategy and business objectives (cyclical/industry)
As demand for a currency goes up?
The value goes up
What is the definition of "Commitment to competence"? (eboCa)
There is a commitment to hire, develop, and retain competent employees. Other points of focus include evaluating competence and addressing shortcomings in addition to succession planning.
What are the responsibilities of the audit committee?
They are responsible for appointment, compensation, and oversight of the work of the public accounting firm employed by that public company (issuer)
What is the corporate responsibility section of the Sarbanes-Oxley Act regarding the audit committee?
This section relates to the establishment of an audit committee and the representations made by key corporate officers, typically the chief financial officer (CFO) and the chief executive officer (CEO)
What is the COSO Cube?
Three dimensional including the three objectives (operating, reporting, and compliance), five components (control environment, risk assessment, information and communication, monitoring, and existing control activities), and the organizational structure (entity level, division, operating unit, and function).
What is compound interest amount?
Total interest paid with compounding. The formula is FVn = P(1 + i)^n
What are the two main factors influencing exchange rates?
Trade & financial
What are the three risk exposure categories for exchange rate risks?
Transaction, economic, and translation
What is the translation exposure factor degree of foreign involvement?
Translation exposure increases as the proportion of foreign involvement by subsidiaries increases
What are currency swaps with parallel loans?
Two firms may mitigate their exposure to long term exchange rate loss by agreeing to re-exchange or repurchase their domestic currency at a later date
What are currency swaps with two firms?
Two firms with consolidated needs for international currencies may agree to swap currencies collected in a future period at a specified exchange rate. The two entities essentially swap their currencies in an exchange negotiation completed years in advance of their receipt of the currencies
What are the three types of currency swaps?
Two firms, financial intermediaries, parallel loan
What are currency swaps with financial intermediaries?
Typically, financial intermediaries are contacted to broker or to match firms with currency needs
Historically, who has the lowest default risk?
U.S. treasury securities (risk-free rate)
What is a currency options hedge?
Use the same principles as forward hedge contracts and money market hedge transactions. However, instead of requiring a commitment to a transaction, the currency option hedge gives the business the option of executing the option contract or purely settling its originally negotiated transaction without the benefit of the hedge, depending on which result is most favorable
What are the five principles of the performance component?
V. Develop portfolio View A. Assess severity of risk P. Prioritize risk I. Identifies risk (events) R. Implement Risk response (using art)
What does VAPIR stand for?
V. Develop portfolio view A. Assess severity of risk P. Prioritize risk I. Identifies risks (events) R. Implement Risk Response (using art)
What is value creation? (Cper)
Value is created when benefits of value exceed the cost of resources used. Resources may include people, financial capital, technology, process and brand (market presence)
What is value erosion? (cpEr)
Value is eroded when faulty strategy and inefficient/ineffective operations cause value to decline
What is value preservation? (cPer)
Value is preserved when ongoing operations efficiently and effectively sustain created benefits. High customer satisfaction with profitable product lines is evidence of value preservation.
What is value realization? (cpeR)
Value is realized when benefits created by the organization are received by stakeholders in either monetary or non monetary form
What is value for for-profit commercial entities?
Value is usually shaped by strategies that balance market opportunities against the risks for pursuing those opportunities
What is value for not-for-profit and governmental entities?
Value may be shaped by delivering goods and services that balance the opportunity to serve the broader community against any associated risk
What is the trade factor government controls?
Various trade and exchange barriers that artificially suppress the natural forces of supply and demand affect exchange rates
What is a company's vision?
Vision represents the aspirations of the entity and what it hopes to achieve over time (strategy)
What is unstructured information?
Volumes of e-mails, photos
Is a company's vision the why, what, or how?
What
When is there transaction risk for accounts receivable?
When domestic currency strengthens/foreign currency weakens
What is the trade factor relative to inflation rates?
When domestic inflation exceeds foreign inflation, holders of domestic currency are motivated to purchase foreign currency to maintain purchasing power of their money. The increase in demand for foreign currency forces the value of the foreign currency to rise in relation to the domestic currency, thereby changing the rate of exchange between the domestic and foreign currency
What is a put option?
When the business has the option (not obligation) to sell the collected amount of the foreign currency from the receivable at the option (strike or exercise) price. The business evaluates the relationship between the option price and the exchange rate at the settlement date. Generally, if the option price is more than the exchange rate at the time of settlement then the business will exercise its put option. If the option price is less than the exchange rate at the time of settlement, the business will allow the put option to expire. Although premiums are used to compute any net preserved value associated with option transactions, they are a sunk cost and irrelevant to the decision to exercise the option
When is there transaction risk for accounts payable?
When the foreign currency strengthens/domestic currency weakens
When is it appropriate to use the avoid risk response?
When the likelihood/frequency of the event occurring is high and the severity/impact is high (leaving a line of business)
When is it appropriate to use the reduce risk response?
When the likelihood/frequency of the event occurring is high, but the severity/impact is low
When is it appropriate to use the accept risk response?
When the likelihood/frequency of the event occurring is low and the severity/impact is low (self-insurance)
When is it appropriate to use the share (transfer) risk response?
When the likelihood/frequency of the event occurring is low, but the severity/impact is high (insurance)
When do investors purchase interest rate swaps?
When they believe interest rates are going to increase
Is a company's mission the why, what, or how?
Why
What is interest rate risk (yield risk)?
Yield risk is often used in the context of financial instruments and represents the exposure of the owner of the instrument to fluctuations in the value of the instrument in response to changes in interest rates (when interest rates go up, value of previous fixed income goes down)
What is the definition of internal control?
A process that is designed and implemented by an organization's management, board of directors, and other employees to provide reasonable assurance that the organization will achieve its operating, reporting, and compliance objectives.
Kamp Sporting Goods seeks to establish a code of conduct that will communicate the "tone at the top" to all employees. The contents of the code will likely include all of the following, except: A. Prohibitions against conflicts of interest and self-dealing B. Definitions of common sense approaches to software piracy to ensure that the company is competitive C. Descriptions of the organization's commitment to compliance and confidentiality D. Prohibitions or limits on gifts and gratuities or establishes required reporting
B. Definitions of common sense approaches to software piracy to ensure that the company is competitive
What does the C in EBOCA stand for?
Commitment to competence
What are the three principles of the information and communication component?
O. Obtain and use information I. Internally communicate information E. Communicate with External parties
What does OIE stand for?
O. Obtain and use information I. Internally communicate information E. Communicate with External parties
What does ORC stand for?
Operating, Reporting, and Compliance
What does the P in COPS stand for?
Principal evaluation
What is the definition of "principal evaluation"? (coPs)
Principal evaluations serve as the source for isolating and defining internal control deficiencies
How is the internal control framework applied?
The COSO framework may be used to MANAGE the APPLICATION of internal controls, EVALUATE their EFFECTIVENESS, and serve as a basis for management's ASSERTIONS regarding the existence or absence of internal control deficiencies. The COSO framework is intended to reduce assessed risk to acceptable levels.
What is COSO?
The Committee of Sponsoring Organizations, an independent private sector initiative, was initially established in the mid-1980s to study the factors that lead to fraudulent financial reporting.
What is the definition of "Board independence and oversight"? (eBoca)
The board is independent from management and oversees the development and performance of internal control. Points of focus include establishing oversight responsibilities and providing oversight for the system of internal control.
What are the internal control framework limitations?
- Breakdowns in internal control due to errors or human failure - Faulty or biased judgement used in decision making - Issues relating to the suitability of the entity's objectives - External events beyond the control of the entity - Circumvention of controls through collusion - Management override of internal controls
What are some approaches in developing policies and procedures?
- Develop and document policies and procedures - Deploy control activities through the business unit or functional leaders - Conduct regular and ad hoc assessments of control activities
How does the internal controls framework apply to management and the board of directors?
- Effectively applying internal control within the overall organization, on a divisional (operating) unit level or at a functional level - Determining the requirements of an effective system of internal control by ascertaining whether the components and principles exist and are functioning properly - Allowing judgement and flexibility in the design and implementation of the system of internal control within all operational and functional areas of the organization - Identifying and analyzing risks and then developing acceptable actions to mitigate or minimize these risks to an acceptable level - Eliminating redundant, ineffective, or inefficient controls - Extending internal control application beyond an organization's financial reporting
What are some examples of illegal acts that can have a material impact on the financial statements?
- Existence of investigations - Reports of regulatory examiners - Payments for unspecified services - Delinquent tax returns
What considerations does management take in when selecting, developing, and deploying controls?
- Laws, rules, regulations and standards that apply to the entity - The nature of the entity's business and the markets in which it operates - Scope and nature of the operating model - Competence of personnel - Use and dependence on technology
What are some common risks identified using COSO Framework that are fraud (intentional)?
- Management bias in exercising judgement - The degree of estimates and judgements underlying accounting and reporting - Incentives for fraud (bonuses) - Attitudes and rationalizations by individuals - Unusual transactions - Vulnerability to management override
What are some common risks identified using the COSO Framework that are material omissions/misstatements (unintentional)?
- Multiple industries, markets, and geographic areas - Multiple regulatory environments with different standards - Transactional environments with numerous contracts - An active merger, acquisition, and divestiture environment - A dynamic technological environment - A high executive turnover environment
What are some approaches used to select and develop controls?
- Use workshops or control activity inventories to map risks to controls - Implement control activities over outsourced functions - Consider the types of control activities - Consider alternative control to segregation of duties - Identify incompatible functions
What are the five components of internal control (CRIME)?
1. Control Environment 2. Risk Assessment 3. Information and Communication 4. Monitoring 5. Existing control activities
What does CRIME stand for?
1. Control Environment 2. Risk Assessment 3. Information and Communication 4. Monitoring 5. Existing control activities
What does EBOCA mean?
1. Control Environment 2. Risk Assessment 3. Information and Communication 4. Monitoring 5. Existing control activities
For the internal framework to be effective it must have what two characteristics?
1. Present (design) 2. Functioning (operating effectively)
What are the five sponsoring organizations of COSO?
1. the American Accounting Association (AAA) 2. the American Institute of Certified Public Accountants (AICPA) 3. the Financial Executive Institute (FEI) 4. the Institute of Internal Auditors (IIA) 5. the Institute of Management Accounting (IMA)
According to COSO, establishing, maintaining, and monitoring an effective internal control system can do each of the following, except: A. Ensure an entity's financial survival B. Promote an entity's compliance with laws and regulations C. Provide protection for an entity's resources D. Help an entity achieve performance targets
A. Ensure an entity's financial survival
A company that retains a CPA with the appropriate knowledge, skills, and abilities to prepare timely and effective financial reporting is applying the ideas from which principle of effective internal control over financial reporting? A. Management philosophy and operating lifestyle B. Financial reporting competencies C. Accountability D. Integrity and ethical values
B. Financial reporting competencies
In a large public corporation, evaluating internal control procedures should be the responsibility of: A. Operations management staff who report to the chief operations officer B. Internal audit staff who report to the board of directors C. Security management staff who report to the chief facilities officer D. Accounting management staff who report to the CFO
B. Internal audit staff who report to the board of directors
What does the B in EBOCA stand for?
Board independence & oversight
How does management document the internal control assessment? (COPS)
C. Component evaluation O. Overall assessment P. Principal evaluation S. Summary of internal control deficiencies (if any)
What does COPS stand for?
C. Component evaluation O. Overall assessment P. Principal evaluation S. Summary of internal control deficiencies (if any)
The external auditors for the Horace Company assess the achievement of internal control objectives each year and communicate the assessment to management and the board. Communication by the external auditor illustrates which principle of the information and communication component of the Committee of Sponsoring Organization's Integrated Framework? A. Financial reporting information B. Internal control information C. External communication D. Internal communication
C. External information
In a small public company that has few levels of management with wide spans of control, each of the following mitigates management override of controls, except: A. Establishing a corporate culture in which integrity and ethical values are highly appreciated B. Having an effective internal auditor function C. Having two officers who significantly influence management and operations D. Establishing an effective and anonymous whistle-blower program through which employees can feel comfortable reporting any irregularities
C. Having two officers who significantly influence management and operations
What are the three principles of the existing control activities component?
CA. Select and develop Control Activities T. Select and develop Technology controls P. Deployment of Policies and procedures
What does the term CATP stand for?
CA. Select and develop Control Activities T. Select and develop Technology controls P. Deployment of Policies and procedures
What's an example of external communication? (oiE)
CPA firms and consultants
What does the E in EBOCA stand for?
Commitment to ethics & integrity
What does the D in SOD stand for?
Communicate deficiencies
What does the E in OIE stand for?
Communicate with external parties
Who uses the Integrated Framework?
Company management, board of directors, and external stakeholders.
What is the definition of the compliance objective of the internal controls integrated framework?
Compliance objectives are established to ensure the entity is adhering to all applicable laws and regulations.
What does the C in COPS stand for?
Component evaluation
What is the definition of "component evaluations"? (Cops)
Component evaluations are supported by principal evaluations
What is the definition of the existing control activities component? (crimE)
Control activities are set forth by an entity's policies and procedures to ensure that the directives initiated by management to mitigate risks are performed. Control activities may be detective or preventive in nature and may include automated and manual activities (approvals, reconciliations, verifications). Segregation of duties is usually part of the control activities developed by an organization, and when not practical, management should develop alternative controls.
What is the definition of "summary of internal control deficiencies (if any)"? (copS)
Internal control deficiencies are summarized and impact the overall assessment
What does the I in OIE stand for?
Internally communicate information
What does the O in EBOCA stand for?
Organizational structure
What does the O in COPS stand for?
Overall assessment
What is the definition of "overall assessment"? (cOps)
Overall assessments are supported by component evaluations
What is the definition of the operating objective of the internal controls integrated framework?
Relates to the effectiveness and efficiency of an entity's operations. This category includes financial and operational performance goals as well as ensuring that the assets of the organization are adequately safeguarded against potential losses.
What is the definition of the reporting objective of the internal controls integrated framework?
Reporting objectives pertain to the reliability, timeliness, and transparency of an entity's external and internal financial and non financial reporting as established by regulators, accounting standard setters, or the firm's internal policies.
What is the definition of the risk assessment component? (cRime)
Risk assessment is an entity's identification and analysis of risks to the achievement of its objectives.
What is the control environment component definition? (Crime)
The control environment includes the processes, structures, and standards that provide the foundation for an entity to establish a system of internal control. The importance of internal control and expected standards of conduct is established through the "tone at the top" approach taken by the senior management and board of directors of an entity.
What is the definition of "Communicate with external parties"? (oiE)
The organization communicates with external parties regarding matters that affect the functioning of internal control. Points of focus include management having open, two-way external communication channels using a variety of methods and channels.
What is the definition of "Consider potential for fraud"? (saFr)
The organization considers the potential for fraud in assessing risks. Points of focus include assessing incentives and pressures, opportunities and attitudes, and rationalizations.
What is the definition of "Specify objectives"? (Safr)
The organization creates objectives that allow for identification and assessment of the risk related to those objectives. Points of focus include identifying objectives that reflect management's choice while complying with applicable accounting standards, laws, and regulations.
What is the definition of "Identify and assess changes"? (sAfr)
The organization identifies and assesses changes that could significantly affect the system of internal control. Points of focus include assessing changes in the external environment, business model, and leadership.
What is the definition of "Identify and analyze risks"? (safR)
The organization identifies risks across the entity and analyzes the risks in order to determine how the risks should be managed. Points of focus include analyzing internal and external factors, involving appropriate levels of management and determining how to respond to risks.
What is the definition of "Internally communicate information"? (oIe)
The organization internally communicates information necessary to support the functioning of internal controls, including relevant objectives and responsibilities. Points of focus include the flow of information up, down, and across the organization using a variety of methods and channels.
What is the definition of "obtain and use information"? (Oie)
The organization obtains or generates and uses relevant, high-quality information to support the functioning of internal control. Points of focus include management identifying and defining information requirements within the internal control component level.
What is the definition of "Select and develop technology controls"? (caTp)
The organization selects and develops general control activities over technology to support the achievement of objectives. Points of focus include determining dependencies between use of technology in business processes and establishing relevant technology infrastructure control activities.
What is the definition of "Organization structure"? (ebOca)
Management establishes an organizational structure. Points of focus include establishing reporting lines, as well as defining, assigning, and limiting authorities and responsibilities that are appropriate to the organization's objectives.
What is management override?
Management override refers to actions taken by management in an attempt to override controls for personal gain. Management override of controls can lead to fraud.
What is the definition of the monitoring component? (criMe)
Monitoring is the process of assessing the quality of internal control performance over time by assessing the design and operation of controls on a timely basis and taking the necessary corrective actions.
What is a major deficiency?
A major deficiency represents a material internal control deficiency, or combination of deficiencies, that significantly reduces the likelihood that an organization can achieve its objectives.
What makes an effective system of internal controls?
An effective system of internal control requires more than adherence to policies and procedures by management, the board of directors, and the internal auditors. It requires the use of judgement in determining the sufficiency of controls, in applying the proper controls, and in assessing the effectiveness of the system of internal controls. The principles based approach of the framework supports the emphasis on the importance of management judgement.
Within the COSO Internal Control - Integrated Framework, which of the following components is designed to ensure that internal controls continue to operate effectively? A. Control environment B. Risk assessment C. Information and communication D. Monitoring
D. Monitoring
A company that maintains a strong internal audit function that reports directly to the Board of Directors is applying the ideas from which principle of effective internal control over financial reporting? A. Authority and responsibility B. Human resources C. Board of Directors D. Organizational structure
D. Organizational structure
What are the five principles of the control environment component?
E. Commitment to ethics and integrity B. Board independence & oversight O. Organizational structure C. Commitment to competence A. Accountability
What are the four principles of the risk assessment component (SAFR)?
S. Specify objectives A. Assess and identify changes F. Consider potential for Fraud R. Identify and analyze Risks
What does SAFR stand for?
S. Specify objectives A. Assess and identify changes F. Consider potential for Fraud R. Identify and analyze Risks
What are the three principles of the monitoring component? (SO-D)
SO. Ongoing and Separate evaluations D. Communication of Deficiencies
What does the term SO-D stand for?
SO. Ongoing and Separate evaluations D. Communication of Deficiencies
What does the CA in CATP stand for?
Select and develop control activities
What does the T in CATP stand for?
Select and develop technology activities
What does the SO in SOD stand for?
Separate and ongoing evaluations
How many principles are there in the internal controls integrated framework?
Seventeen
What does the S in SAFR stand for?
Specify objectives
What does the S in COPS stand for?
Summary of internal control deficiencies (if any)
What is the definition of "commitment to ethics and integrity"? (Eboca)
There is a commitment to ethical values and overall integrity throughout the organization. Points of focus include setting the tone at the top, establishing standards of conduct, evaluating adherence to standards of conduct, and addressing deviations in a timely manner.