13 Cards in this Set

| Front | Back |
| --- | --- |
| 1. preventive 2. detective 3. corrective | three important control functions |
| 1. general controls 2. application controls | two categories of internal controls |
| 1. belief system 2. boundary system 3. diagnostic control system 4. interactive control system | four levels of control to help management reconcile the conflict between creativity and controls |
| 1. COBIT framework 2. COSO's internal control framework 3. COSO's enterprise risk management framework | 3 frameworks used to develop internal control systems |
| 1. business objectives 2. IT resources 3. IT processes | 3 vantage points addressed by the COBIT framework |
| 1. strategic objectives 2. operations objectives 3. reporting objectives 4. compliance objectives | 4 types of ERM objectives |
| 1. reduce 2. accept 3. share 4. avoid | 4 ways management can respond to risk |
| 1. AAA 2. AICPA 3. Institute of Internal Auditors 4. Institute of Management Accountants 5. Financial Executives Institute | 5 institutes that make up COSO |
| 1. authorization 2. custody 3. recording | 3 accounting functions |
| 1. control environment 2. control activities 3. risk assessment 4. information and communication 5. monitoring | COSO's five interrelated components of internal control |
| 1. internal environment 2. objective setting 3. event identification 4. risk assessment 5. risk response 6. control activities 7. information and communication 8. monitoring | 8 components of ERM |
| 1. proper authorization 2. segregation of duties 3. project development and acquisition controls 4. change management controls 5. design and use of documents and records 6. safeguarding assets, records, and data 7. independent checks on performance | 7 categories of control procedures |
| 1. systems admin. 2. network mgt. 3. security mgt. 4. change mgt. 5. users 6. systems analysts 7. programming 8. computer operations 9. information system library 10. data control | 10 functions that authority and responsibility should be divided among |