Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
10 Cards in this Set
- Front
- Back
|
Internal Control |
a process, effected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiency of operations, reliability of financial reporting and compliance with applicable laws and regulations. |
|
|
Elements of internal controls |
1. it is a process 2. it necessarily involves people in the organization 3. it is designed to provide reasonable assurance 4. it provides reasonable assurance in a few common areas such as operations, financial reporting and human behavior |
|
|
portion of SOX that applies to internal controls |
1. management and the external auditors must assess internal controls on an annual basis 2. management must acknowledge that they are responsible for internal controls, must disclose any changes, must certify that they have informed auditors and board of directors of any significant problems/weaknesses |
|
|
Brown's taxonomy of risk (1) |
1. financial risks are related to monetary activities a. market risk refers to changes in a company's stock prices, investment values, and interest rates b. credit risk is associated with customers' unwillingness or inability to pay amounts owed to the organization c. liquidity risk involves the possibility that a company will not have sufficient cash and near-cash assets available to meet its short term obligations |
|
|
Brown's taxonomy of risk (2) |
2. Operational risks concern the people, assets, and technologies used to create value for the organization's customers a. systems risk relates directly to information technology. As a business becomes more reliant on IT procedures, there is a chance that IT will fail at a crucial moment b. human error risk recognizes the possibility that people in the organization may make mistakes |
|
|
Brown's taxonomy of risk (3) |
Strategic risks relate to the entity's decision making process at the senior management and board of directors level a. legal and regulatory risk is concerned with the chance that those parties might break laws that result in financial, legal, or operation sanctions b. business strategy risk comprises poor decision making related to a company's basis for competing in its markets |
|
|
Brown's taxonomy of risk (4) |
4. hazard risk - directors' and officers' liability. These individuals have a risk of ligation if leading company wrong
|
|
|
Internal control - integrated framework |
control environment, control activities, information and communication, monitoring, risk assessment |
|
|
to develop and sustain a strong control environment, management should: |
1. be committed to integrity and ethical behavior 2. demonstrate commitment to competence in carrying out their role 3. actively seek out participation of board of directors and audit committee in decision regarding internal controls 4. maintain a consistent, appropriate management philosophy and operating cycle 5. structure the organization for efficiency, effectiveness, and reasonable internal control 6. assign authority and responsibility with integrity and the best interest of the company 7. develop and enforce human resource policies and practices that encourage all employees to maintain a sound internal control system |
|
|
Unique challenges for small companies in regards to Internal Controls |
1. resources - obtaining sufficient resources to achieve adequate segregation of duties 2. management domination - management's ability to dominate activities and significant opportunities for improper management override of processes 3. Board expertise - recruiting individuals with the necessary expertise to serve effectively on the board of directors and audit committee 4. financial competence - recruiting individuals with necessary experience and skill in accounting and financial reporting 5. running the business - balance between financial reporting and running the business 6. information technology - controlling IT and maintaining appropriate general and application controls over computer information systems with limited technical resources |
