BEC 1 Flashcards
Internal Control
What are the 3 components of the COSO CUBE of internal controls?
O
R
C
Operations
Reporting
Compliance
ERM
The 4 objectives of Enterprise Risk Management (ERM)
SORC
Strategic
Operations
Reporting
Compliance
ERM
The 8 components of Enterprise Risk Management (ERM)
IS
EAR
AIM
Internal environment (Control environment) = (EBOCA)
Setting objectives = S+ORC
Event Identification (SAFR)
Assess risk (SAFR)
Risk response (SAFR)
control Activities (CATP)
Information & Communication (OIE)
Monitoring (SOD)
ERM
e-A-r
Assessment of Risk
&
Assessment Technique
1) Likelihood
2) Severity (Impact)
1) Benchmarking
2) Prob models - Statistics
3) Non-prob - Opinions
ERM
e-a-R
Risk response
ARSA
Avoid/terminate
Reduce - invest
Share - buy insurance
Accept
Event Inventory
When management uses listings of potential events common to a specific industry as a means of identifying risks or opportunities
Residual risk
The risk that remains after management responds to the risk
The risk that an organization incurs after management takes whatever actions are needed to mitigate the adverse impact of a given event
The 4 stages of the change continuum
- Control Baseline
- Change Identification
- Change Management
- Control Validation/Update
Internal Controls
5 internal control components
CRIME C R I M E
C - Control environment (EBOCA)
R - Risk assessment (SAFR)
I - Information & Communication (OIE)
M - Monitoring (SOD)
E - Existing control activities (CATP)
EBOCA (Control Environment)
E - Ethical values
B - Board independence & oversight
O - Organizational structure
C - Commitment to competence
A - Accountability
SOD (Monitoring)
Separate & Ongoing evaluations
Deficiencies
OIE (Information & Communication)
O - Obtain and use information
I - Internal communication
E - External communication
SAFR (Risk Assessment)
S - Specify objectives
A - Assess changes
F - Fraud
R - Risk assessment
CATP (Control Activities)
C - Control Activities
A
T - Technology
P - Policies & procedures
Interest Rate goes up = Value of fixed income goes down
Fixed coupon / (1+r) = Value
Market Risk (systematic / nondiversifiable)
fluctuation in value as a result of operating within an economy (war, inflation, international incidents, political events)
Diversifiable risk (Unsystematic / Firm-Specific)
the portion of a firm’s or industry’s risk that is associated with random causes and can be eliminated through diversification (Strikes, lawsuits, regulatory actions, loss of a key account)
2 Broad categories of risk
- D - Diversifiable risk
U - Unsystematic risk
- N - Nondiversifiable risk
S - Systematic risk
Credit Risk (affects borrowers)
Credit risk goes up = cost of borrowing goes up