Corporate Governance & IC Flashcards
According to SOX Section 407, what does it take to become a financial expert?
(1) an understanding of GAAP and financial statements
(2) experience in (a) preparation of financial statements and (b) application of such principles in connection with the accounting for estimates, accruals, and reserves
(3) experience with internal accounting controls; and
(4) an understanding of audit committee functions
In the COSO “cube” model, which component of internal control enables an organization’s people to identify, process, and exchange the information needed to manage and control operations?
Information and communication.
In the COSO “cube” model, what is not a control objective?
Monitoring.
According to the 17 COSO control principles, risk reduction primarily relates to which fundamental component of internal control?
Control activities.
According to the 17 COSO control principles, what does establishing a whistle-blower hot line contributes to?
Both internal and external organizational communication
According to the 17 COSO control principles, organizational objectives primarily relate to which fundamental component of internal control?
Risk assessment
According to the 17 COSO control principles, change management primarily relates to which fundamental component of internal control
Risk assessment
What can recognizing potential impediments to communication between system user and system designer can be useful in doing?
Managing change in the system of internal control
Which of the following is most useful when risk is being prioritized?
Expected value
In which organization might segregation of duties be easiest to achieve?
A large organization that has implemented SoD software
In a large public corporation, who should be responsible for evaluating internal control procedures?
Internal audit staff who report to the board of directors
According to COSO, the use of ongoing and separate evaluations to identify and address changes in internal control effectiveness can best be accomplished in which stage of the monitoring-for-change continuum?
Change identification
The IIA’s Code of Ethics identifies four “Principles” around which the 12 Rules of Conduct are organized. which key word or phrases is not associated with these Principles?
Continuous Improvement
The IIA’s International Professional Practices Framework does not include among its “mandatory” guidance
Practice Guides
What term identifies the type of internal auditing standards used to describe the characteristics associated with organizations and individuals who provide internal audit services?
Attribute Standards