Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
62 Cards in this Set
- Front
- Back
Analysis |
A means of understanding a whole by studying its parts and their relationships to each other and to the whole |
|
Synthesis |
Involves developing standards and generalizations for a situation, set of circumstances, or a process. It is a means of combining individual components or parts to produce a whole |
|
Evaluation |
Relating a situation, set of circumstances, or process to predetermined or synthesized standards |
|
Define: Control |
Any action taken by mgmt, board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. Management plans, organizes, and directs the performance of sufficient actions to provide reasonable assurance that both objectives and goals will be reached |
|
Define: Control Processes |
The policies, procedures (both manual and automated), and activities that are part of a control framework, designed and operated to ensure that risks are contained within the level that an organization is willing to accept |
|
What does the control process include |
1. Establishing standards
2. Measure performance against standards
3. Examining and analyzing deviations
4. Taking corrective action
5. Reappraising the standards based on experience |
|
What are the 4 Primary Controls |
Preventative
Detective
Corrective
Directive |
|
What do preventative controls do |
Deter the occurrence of unwanted events |
|
What do detective controls do |
Alert the proper people after an unwanted evetq |
|
What do corrective controls do |
Correct the negative effects of unwanted events |
|
What do directive controls do |
Cause or encourage the occurrence of a desirable event |
|
What do directive controls include |
Policy and procedure manuals
Employee training
Job descriptions |
|
What are the two Secondary Controls |
1. Compensatory (mitigative) controls
2. Complementary controls |
|
What do compensatory controls do |
May reduce risk when the primary controls are ineffective, bu do not, by themselves, reduce risk to an acceptable level |
|
What do complementary controls do |
Work with other controls to reduce risk to an acceptable level. Their synergy is more effective than either control by itself |
|
What are the 3 Application Controls |
1. Input controls
2. Processing controls
3. Output controls |
|
What are application controls |
Primary controls that relate to the business tasks performed by a particular system |
|
Two types of Input Controls |
Batch Input Controls Online Input Contros |
|
What do processing controls do |
Ensure that data are complete and accurate during updating |
|
What to output controls do |
Ensure that processing results are complete, accurate, and properly distributed |
|
3 Time-Based Classification Controls |
Feedback Controls Concurrent Controls Feedforward Controls |
|
Feedback Controls |
Report information about completed. Permit improvement in future performance by learning from past mistakes |
|
Concurrent Controls |
Adjust ongoing processes. Real-time controls that monitor activities in the present to prevent them from deviating too far from standards |
|
Feedforward Controls |
Anticipate and prevent problems. Require a long-term perspective |
|
Financial vs Operating Controls: Financial Controls |
Should be based on relevant established accounting principles. May include proper authorization, appropriate recordkeeping, safeguarding of assets, and compliance with laws |
|
Financial vs Operating Controls: Operating Controls |
Apply to production and support activities. Should be based on management principles and methods, because they may lack established criteria or standards |
|
People-Based vs System-Based Controls: People-based controls |
Dependent on the intervention of humans for their proper operation, for example, regular performance of bank reconciliations, such as checklists |
|
People-Based vs System-Based Controls: System Based Controls |
Executed whenever needed with no human intervention |
|
Control Matrix |
Matches controls with risks in certain circumstances |
|
What do Internal Controls do? |
Reduce the risk of errors and prevent an individual from perpetrating and concealing fraud |
|
What are the three functions that should be segregated in any given transaction |
1. Authorization of transaction 2. Recording of transaction 3. Custody of associated assets |
|
Acronym from functions that should be kept separate for proper segregation of duties |
ARC A - Authorization R - Recordkeeping C - Custody |
|
5 executives of medium-sized or larger organization for adequate segregation of duties |
VP of Operations Chief Accounting Officer (Controller) CFO (Treasurer) VP Administration VP Human Resources |
|
Segregation of Duties - VP Operations |
Sales Purchasing Warehouse Receiving Shipping Production |
|
Segregation of Duties - Chief Accounting Officer |
A/R Billing A/P General Ledger Inventory Control Cost Accounting Payroll |
|
Segregation of Duties - CFO |
Cash Receipts Cash Disbursements Credit |
|
Segregation of Duties - VP Administration |
Mail Room |
|
Segregation of Duties - VP of HR |
Human Resources |
|
5 cycles of the accounting process |
1. Sales to customers on credit and recognition of receivables
2. Collection of cash from customer receivables
3. Purchases on credit and recognition of payables
4. Payment of cash to satisfy trade payables
5. Payment of employees for work performed and allocation of costs |
|
ARC: Sales-Receivables Cycle |
A: Customer, Sales, Credit Billing C: Shipping, Warehouse R: Inventory Control, A/R, General Ledger |
|
ARC: Cash Receipts Cycle |
A: Customer, Bank C: Mail Room, Cash Receipts R: A/R, General Ledger
|
|
ARC: Purchases-Payables Cycles |
A: Inventory Control, Purchasing C: Vendor, Receiving, Warehouse R: A/P, General Ledger
|
|
ARC: Cash Disbursements Cycle |
A: Vendor, Purchasing C: Cash Disbursements R: A/P, General Ledger
|
|
ARC: Payroll Cycle |
A: HR, Production C: Cash Disbursements, Bank R: Time-keeping, Cost Accounting, Payroll, A/P, General Ledger
|
|
Roles and Responsibilities: Management |
CEO establishes the tone at the top |
|
Roles and Responsibilities: Boards |
Commitment to integrity and ethical values reflect in selection of senior mgmt positions
Must be capable of objective judgment, knowledge of industry, willing to ask relevant questions about mgmt decisions
Subcommittees: audit, compensation, finance, risk |
|
Roles and Responsibilities: Internal Auditors |
Important consulting and advisory role
Evaluates the soundness of the system or internal control
Cannot be responsible for selecting and executing controls to remain independent |
|
Imposed Control |
Traditional, mechanical approach
Measures performance against standards
Corrective action through the individual responsible for the function |
|
Drawback of Imposed Control |
Corrective action tends to come after performance. Result may be a response to poor performance rather than its prevention |
|
Self-control |
Evaluates the entire process of management and the functions performed. Attempts to improve the process instead of simply correcting the specific performance of the manager - i.e, management by objectives |
|
Sawyer definition of control |
Employment of all the means devised to promote, direct, restrain, govern, and check upon its activities for the purpose of seeing that objectives are met. Include form of organization, policies, systems, procedures, instructions, standards, committees, charts of accounts, etc |
|
Organization (as a means of control) |
Approved intentional structuring of role assigned to people so that it can achieve its objectives efficiently and economically |
|
Policies |
Stated principle that requires, guides or restricts action |
|
Principles of policies |
Clearly stated in writing
Systematically communicated
Conform with laws and regs
Designed to promote conduct of authorized activities in an effective, efficient, and economical matter
Periodically reviewed |
|
Procedures |
Methods employed to carry out activities in conformity with prescribed policies |
|
Additional principles of procedures (in addition to those of policies) |
One employee's work is automatically checked by another to reduce possibility of fraud
For nonmechanical ops, procedures should not be so detailed as to stifle use of judgment
As simple and inexpensive as possible
Should not be overlapping, conflicting, or duplicative
Periodically reviewed and improved as necessary |
|
Best form of control over performance of individuals |
Supervision |
|
Practices to improve control over personnel |
New employees should be investigated as to honesty and reliability
Give training that provides the opportunity for improvement and keeps them informed of new policies/procedures
Give information on duties and responsibilities of the other segments of the org to better understand how and where their jobs fit into the org as a whole
Performance should be reviewed periodically to see whether all essential requirements of the job is being met |
|
Accounting |
Indispensable means of financial control over activities and resources
Financial scorekeeper of the organization |
|
Basic principles of accounting systems |
Fit the needs of managers for rational decision making rather than the dictates of a text book
Should be based on lines on responsibility
Financial reports of operating results should parallel organization units responsible for carrying out operations
Accounting should permit controllable costs to be identified |
|
Budgeting |
Statement of expected results expressed in numerical terms.
Sets a standard for input of resources and what should be achieved as output and outcomes |
|
Principles of internal reporting systems |
Reports should be made in accordance with assigned responsibilities
Individuals/units report only on what they are responsible for
Costs should be weighed against benefits
Should be simple and consistent with nature of the subject matter
Performance reports should show comparisons with predetermined standards
If performance cannot be quantified, report should be designed to emphasize exceptions or other matters requiring attention
Should be timely
Recipients should be polled periodically to see whether they still need the reports they are receiving or if the reports could be improved |