Flashcards in B1: Corporate Governance and Operations Management Deck (29)
Relationships and Referrals
Use of Internet
Interaction-Based Relationship Marketing
Repeat Business/Loyalty Discounts
Lowest Price, Single Sale
Cause-and-Effect Diagram "Fishbone"
Trace "Defect" back to source using
Pareto Diagram "Histogram"
Most to Least Frequent. Uses output/total for cumulative percentages
Determine "zero" defects. Also known as goalpost performance to ensure deviations are within an acceptable range
Partial Productivity Ratios
Output / Specific Quantity
Total Factor Productivity Ratios
Output / Total Costs
3 Objectives of COSO Framework "ORC"
1. Operations Objectives: Effectiveness & Efficiency
2.Reporting Objectives: External & Internal, Reliable and Transparent
3. Compliance Objectives: Adhere to laws & regulations
Components of Internal Control "CRIME"
1. Control Environment: Tone at the Top
2. Risk Assessment: Financial Statement misstatement or fraud?
3. Information & Communication: Fair, Accurate, Complete, & Timely = FACT
4. Monitoring: Efficiency of Internal Control, Report Deficiencies
5. Existing Control Activities: Policies/Procedures to mitigate risks
Control Environment "EBOCA"
Ethics & Integrity
Board Independence and Oversight
Commitment to Competence = Hire, Develop, Retain
Risk Assessment "EAR"
Respond to Risk
Information & Communication "FACT"
Internal: Internal Audit, Audit Committee, Management
External: CPA Firm
Report and Correct Deficiencies
Existing Control Activies
Develop IT and Deploy Policies
Effective Internal Control Requirements
1. Present: Included as Designed
2. Functioning: Operating as Designed
Ineffective Internal Control
Enterprise Risk Management Objectives "SORC"
1. Strategic: High-level goals designed to achieve the mission
2. Operations: Efficient & Effective Use of Resources
3. Reporting: Consistent Reporting
4. Compliance: With Laws and Regulations
Components of Enterprise Risk Management "IS EAR AIM"
Internal Environment = (C)RIME
Setting Objectives = "SORC"
Event Identification \
Assessment of Risk | -> C(R)IME
Risk Response /
(Existing Control) Activities = CRIM(E)
Information & Communication = CR(I)ME
Monitoring = CRI(M)E
Internal Environment = Tone at the Top "EBOCA HR"
Commitment to Competence
Human Resources & Risk Appetite
Setting Objectives "SORC"
Risks (negative) and Opportunities (positive)
External = PESTN
Internal = TIPP
Assessment of Risk
Inherent = What's the risk is Management takes NO action
Residual = What's the risk AFTER Management takes action
Must align with the organizations overall risk appetite
Avoidance = Discontinue
Reduction = Invest
Sharing = Buy Insurance
Acceptance = No action
Existing Control Activities
Policies and Procedures
Variance Analysis = Budget vs. Actual
Activity Management = Performance Reports
Performance Indicators = Ratio Analysis = Red Flags
Information and Communication "FACT"
Internal = Personnel External = Supplier and Customer