13 Cards in this Set

  • Front
  • Back
Descriptions of risk
Appetite - risk co wishes to take
Capacity - max risk exposure acceptable without threatening stability
Tolerance - amount co able to suffer but survive - numerical terms usually
Business risks
CLERFS

Competition (rival action)
Liquidity (to settle liabilities)
Environment (business - PEST)
Reputational (customer loyalty) eg Toyota
Financial (condition, rates) eg Nestlé 1/2 milk on fixed contract
Strategic (decisions re exposure) eg Citigroup CDOs
Risk management system (poss carried out by internal audit)
Identification
Evaluation (probability, size)
Management measures (avoid, insure, training, limit exposure)
Control + review
Turnbull categories of risk
Financial (error/fraud in accounting system, misreporting - SPAMSOAP)
Operational (failed internal processes/systems, external events)
Compliance (non-compliance with regs)
Internal control systems - financial areas
SPAMSOAP

Segregation of duties
Physical control over assets
Authorisation (approval)
Management controls (monitoring)
Supervision
Organisation (lines of reporting)
Arithmetical/accounting controls
Personnel
COSO Framework (Committee of Sponsoring Organisations - Treadway)
System to give reasonable assurance in FOC areas (s404 SOX)

CIIIM

Control environment (culture)
Identification/assessment
Internal controls
Information/communication
Monitoring (audit + review)
Turnbull guidance
Board set policies (consider extent, type, likelihood, impact, cost)
Mngt implements it + communicates to co so that it is embedded in bus (part of culture)
Mngt monitors and gives feedback to board through reports, auditors, tests - reasonable assurance of effectiveness
Board does annual review (clearness, env, monitoring)
Shareholders informed - report req'd (system in place, reg reviewed, ack resp)
Turnbull - requirements for effective ICS
CREME

Controls themselves effective
Reassessment continual as sig risks change/develop
Effective communication of risks/controls
Monitoring must be done effectively
Environment of control suitable
Turnbull - policies and procedures should do what
FEC

Facilitate effective/efficient operations
Ensure quality of external reporting
Compliance with laws/regs must be ensured
Internal audit function investigations
RISC

Risk assessment
ICS robustness
Special investigations
Circumventing possible
Audit committee responsibilities
Financial statements integrity
ICS and RMS (unless separate committee)
Internal audit function
External auditor (app, rem, terms)
Independence of external auditor
Non-audit services by auditor
WB
Audit committee areas of review
FISC

Frequency of reporting by management
Incidence of any sig failings/control weaknesses
Scope/quality of monitoring
Changes in sig risks
Whistleblowing procedures

(BSI WB Arrangements Code of Practice - need confidence of employees)
VERIDIC

Victimisation protected against but disciplinary action if false
Examples of misconduct applicable
Reporting procedure clear, to whom and external option
Investigation and procedure made clear
Documented and say take it seriously/committed, be clear
Informed of outcome
Confidential