Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
53 Cards in this Set
- Front
- Back
|
Why do we need corporate governance |
to overcome agency problem
|
|
|
Who has marjor control over mgmt?
|
External auditors
Internal auditors Credit rating agency SEC IRS attorneys Internal control system security analyst creditors |
|
|
Objective of Internal control
|
1. Financial information reliability
2. Operating efficiency and effectiveness 3. compliance with law |
|
|
Components of Internal Control (5)
|
1. control environment
2. assessment of risk 3. control activities 4. information and communication 4. monitoring |
|
|
Limitations of internal control
|
1. Mgmt can override
2. segeration can be circumvented by collusion 3. can breakdown due to bad judgement 4. can can not excced benefit |
|
|
What does Enterprise Risk Mgmt do?
|
A process designed to identify potential events that may affect the organization and manage risk to be within it's risk appetite and provide resonable assurance regarding achieving objectives
|
|
|
What is Risk Appetite
|
the amount of risk an organization will accpet to acheive it's objectives
|
|
|
What are the 8 componentes of Risk Mgmt
|
1. Control environment
2. Objective setting 3. Risk identification 4. Risk assessment 5. Risk respone 6. Control activities 7. Information and communication 8. Monitoring |
|
|
Evaluator
|
Individual that monitors internal control within an organization
Must be competent and objective |
|
|
Inherent Risk
|
Risk to the organization if managment does nothing to alter it's likelihood or impact
|
|
|
Risidual Risk
|
The risk of the event after considering mgmt resonse
|
|
|
Risk tolerance
|
the acceptable variation with respect to achieving a particular objective
|
|
|
Articles of incorporation includes (6)
|
1. Name and initial address
2. Purpose 3. Power 4. name of registered agent 5. Name and address of incorporators 6. # of authorized shares and types of stocks |
|
|
By laws includes
|
1. How are officers elected
2. HOw meetings are conducted 3. Types and duties of officers 4. required meetings 5. process of bylaw amendment |
|
|
Monitoring devices for mgmt behavior
|
1. board of directors
2. external auditors 3. internal auditors 4. credit analyst and agencies 5. attorneys 6. IRS 7. SESC |
|
|
Board of directors are responsible for (10)
|
1. Mission of the company
2. Selection and removal of CEO 3. Amending by laws 4. Mgmt compensation 5. Declaration and payment of dividend 6. acquisition and cap structure 7. Advising mgmt 8. governance oversight and assisst auditors 9. accurate financial reporting 10. Risk managment |
|
|
Board of directors must be:
|
Competent
Majority independent not part of mgmt Dont receive significant benefits other than compensation Adequetely trained have no power to bind the compnay |
|
|
Business Judgement Rule
|
Corporate directors may not be held liable for errors in judgement providing the director acted in good faith, loyalty and due care
|
|
|
what is duty of loyalty
|
puttling corporate interest before personal when offered any opportunities
|
|
|
Who is an Inside directors
|
If a director also is an employee or a major shareholder
|
|
|
Dodd-Frank act of 2010 says:
|
Must disclose why chairman of the board of not CEO
All members of compensation committee and audit committee must be independent |
|
|
Committees of the board
|
Corporate governance
Audit Committee Compensation Committee |
|
|
The nominating/Corp. governance committee does what?
|
1. Oversees boards organization including assignments
2. Determines director qualification training 3. Develops corp. governance principals 4. Oversee CEO succession |
|
|
Function of Audit Committee
|
1. appointment, compensation and ovesight of external auditor
2. resolution of disagreement between auditor and management |
|
|
Financial expert must do:
|
1. Understand GAAP and Fin Statement
2. Experienced in preparing and analysing and evaluation of Fin Statement 3. Understand Internal Control 4. Understand procerdue of Fin. Reporting 5. understand audit committee function |
|
|
Per Section 302 of SOX: Financial Officer responsible for
|
1. Maintain internal control
2. Disclose all significant interal control deficiencies to the compnay's auditor and audit committee |
|
|
Compensation Commitee
|
1. All members must be independant
2. Review adn aprpove CEO compensation 3. Makes recommendation to board with respect to incentive and equity based compensation 4. attempt to align incentive with shareholder objective and risk appetite |
|
|
Director are not independant if:
|
1. has been an employee in the last 5 years (3 years for NASDAQ)
2. If family memnber is an officer in the last 5 eyars 3. If were external auditor in the last 5 eyars 4. Receives >$120K 5. Receives significant revenue from the corporation |
|
|
Types of Internal audit services
|
1. Assurance
2. Consulting |
|
|
Types of Internal Audit Standards
|
1. Attribute Standards - related to characteristics of audit
2. Performance Standards - Quality of Internal Audit activities |
|
|
External Auditors duties includes
|
Audit in accordance of PCAOB
Assures Fin Stmt are accurate Mgmt not engaging in fraud |
|
|
Mgmt Responsibilities per SOX 404
|
1. Establish adequest internal control over financial reporting
2. Assessment over effectiveness of Internal Control 3. External auditors to attests to mgmt's report |
|
|
What are significant audit finding
|
1. Auditors view on qualitative aspect of significant accounting practices
2. Significant difficulties encountered during audit 3. disagreement with management 4. Other finding that are significant and relevent 5. uncorrected material misstatements |
|
|
What are the SEC divisions?
|
1. Division of cor finance
2. Division of enforcement 3. Office of the chief accountant |
|
|
SEC division of Cor Finance does what?
|
1. Review document filed by companies
2. Checks to see if compnaies are meeting disclosure requirements 3. Seeks to improve quality of disclusures |
|
|
SOX 906 requirement of Corp govornance
|
Requires CEO and CFO to clarify accurance and thuthfullness of periodic financial reports filed with SEC
|
|
|
Common Shareholder's Right
|
1. Right to vote in election of directors
2. Right to vote in decision to disolve the corporation 3. Other fundamental changes in corporation 4. Right to inspect books and records |
|
|
What are the 7 control environment components (ICHAMBO)
|
1. Integrity and Eithcal values
2. Committments to competance 3. Human resource policies 4. Assignment of responsibilities 5. Management philosophay and style 6. Board of director or audit committee 7. Organizational structure |
|
|
Control Activities include
|
1. Performance Review
2. Information processing control a. General control b. application control i. Input control ii. Processign control iii. output control c. Physical control d. Segregation of duty |
|
|
What is application control?
|
1. Input control
2. Porcessing control 3. Output control |
|
|
Segregation of Duty
|
Different people are responsible for:
1. authorizing transaction 2. Recording transaction 3. Maintaining custody of assets |
|
|
Effective information and communication must be
|
1. identify and record all valid transactions
2. describe trans. timely 3. measure value of transaction 4. Record in the proper period 5. Properly present and disclose 6. comminicate responsibilities to employees |
|
|
Internal Controls fail because
|
1. not designed or implemented properly
2. change in environment make it ineffective 3. the way control operates may change |
|
|
Interal control change control continuum
|
1. Control baseline
2. change identification 3. change management 4. congtrol revalidation/update |
|
|
Interal Control change management
|
1. Change request
2. Change analysis 3. Chagne decision 4. Change planning, implementation and tracking |
|
|
Characteristics of key controsl
|
1. the failure could materially effect areas objective other controsl would not be expected to detect failure timely
2. their operating may prevent or detect other failure b/f they hadn and opportunity to become material to organization's objectives |
|
|
SOS 404 requirements around Internal Control
|
1. Statements of mgmt's responsiblity of establishing Internal Control
2. Framework used by mgmt to assess effectiveness of Interal Control 3. Internal Control over Financial Statements 4. Auditors attestation on mgmt's report |
|
|
What does ERM (enterprise risk management) do?
|
1. align risk appetite with strategy
2. enhance risk response 3. Reduces operational surpises and losses 4. Identifies and manages cross enterprise risk 5. Provide integrated response to multiple risk 6. help seize opportuntiy 7. Improve deployment of capital |
|
|
Risk/Event identification techniques
|
1. Event inventory
2. Internal analysis 3. Escalation of threshold trigger 4. Facilitated workshop 5. process flow analysis 6. Leading event indicator 7. Loss events data methodologies |
|
|
Risk assesment methods
|
Probabilistic model: range and events and their resulting impact with the likelihood of those events base of certain assumption. i.e. Value at risk, Cash flow risk, earnings risk
|
|
|
Nonprobabilistic Model
|
uses subjective assumptions in estimating ther impact of event without quantifying an assoicated likelihood
1. sensivitiy mesaure 2. stress test 3. scenarios ananlysis |
|
|
4 types of Risk Responses
|
1. Avoidance - exit activity
2. Recuction - reduce impact 3. Sharing - hedging, outsourcing 4. Acceptance - doing nothing |
|
|
Limitations of ERM
|
1. Risk relates to uncertain future
2. Provides risk related to objectives but cant' assure that objectives will be achieved 3. cant' assure about objective categoreis 4. Subject to mgmt's override |
