Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
33 Cards in this Set
- Front
- Back
What are the 3 methods used when performing a CSA?
|
facilitated team workshop, qustionnaires, management produced analyses
|
|
When are CSA questionnaires preferred against team workshops? |
"- management desires to limit the cost of gathering information
- employees are widely dispersed geograpaphically - organisational culture hinders open and candid discussions |
|
"
On what does the intensity of the monitoring of the IA involved in a CSA by the CAE depend? |
the monitoring intensity carried out by the CAE depends on the SIGNIFICANCE of topics being discussed in the CSA
|
|
When facilitating a CSA, what must the IA not do with regard to the ownership and accountability for the information gathered? |
take over the ownership and accountability from the participating group (e.g. by offering suggestions when the group is struggling)
|
|
In designing a CSA workshop, the most important issue is to ensure that staff and management have a sense of what? |
a sense of ownership to be active process participants
|
|
If a CSA is successful, it will reduce the number of what? |
- reduce the number of errors and failures
|
|
Which CSA method is most suited for gathering information about soft controls such as "tone of the top"? |
face-to-face discussions at CSA workshops with participants from many parts of the organization and various levels
|
|
What are the four centrals of a valid contract?
|
"- mutual consent
- lawful object - mutual consideration - capable parties |
|
"
How is contract considered is one of the four centrals of a contract is missing? |
a void contract as it is considered never to have com into existence due to the lack of the four contract centrals
|
|
What is a voidable contract? |
a void contract in a voidable contract one of the parties has the option to step back from the contract (e.g. contract was closed under duress, involved misrepresentation or fraud)
|
|
When is a contract unenforcable? |
a contract in which neither party may enforce the other's obligation (e.g. contract violates the statute of frauds as it has not been set up in writing)
|
|
Which contract type is best suited when it is not possible at the time of placing the contract to estimate accurately the duration of the work? |
time-and-materials contract
|
|
Which contract type is best suited when the requirements are well-defined, uncertainties can be identified and costs estimated, and there is adequate competition? |
fixed-price contract
|
|
Which contract type is best suited when the requirements are complex and costs cannot be easily identified and estimated? |
cost-reimbursement contract
|
|
Which contract type is best suited when the supplies and/or services of future deliveries are not known at the time of contract award? |
indefinite delivery aka. Open contract
|
|
Which contract type is best suited in circumstances of unusual and compelling urgency as it represents a preliminary intstrument that permits a contractor to begin work when all of the contract terms and conditions have not been agreed upon? |
letter contracts
|
|
How often at least should a contractual activity be monitored so that the monitoring may be considered timely? |
at least monthly
|
|
Which COSO ERM Component does encompass the tone of an organization and set the basis how risk is viewed and addressed by an entity's people?
|
internal environment
|
|
Which COSO ERM Component does encompass the setting of objectives that support and align with the entity's mission and are consistent with its risk appetite? |
objectives setting
|
|
In which COSO ERM Component are identified events distinguished between risks and opportunities? |
event identification
|
|
In which COSO ERM Component are risks to the achievement of objectives analyzed and are assessed on an inherent and a residual basis? |
risk assessment
|
|
In which COSO ERM Component does management develop a set of actions to align risks with the entity's risk tolerance and risk appetite? |
risk response
|
|
In which COSO ERM Component are policies and procedures established and implemented to help ensure that the risk responses are effectively carried out? |
control activities
|
|
In which COSO ERM Component is relevant information identified, captured, and communicated in a form and time frame that enables people to carry out their responsibilities? |
information and communication
|
|
In which COSO ERM Component is the entirety of ERM observed and modified as necessary? |
monitoring
|
|
In the COSO model, which components influences other components? |
any component can influence the others
|
|
Which factors are considered in a risk assessment? |
the probability of risk and its impact
|
|
As what can the extent of management judgements and accounting estimatea serve in identifying the areas to be examined? |
as risk factors
|
|
In assessing organizational risk in a manufacturing environement, which risk factor has the most long-range impact on the organization? |
product quality
|
|
What does a risk control matrix cover in the assessment of risks?(3) |
"- business objectives
- risks associated with each objective - controls mitigating the risks |
|
"
In what does the risk control matrix IAs and clients assist with regard to how to handle risks? |
assist in prioritizing risks based on probability (likelihood) and significance (impact)
|
|
What is the major disadvantage in setting up a risk control matrix? |
filling it out requires a significant time invesment
|
|
A risk control matrix not incorporate an analysis of which costs? |
an analysis of exact economic costs of each risk
|