Chap 6 Internal Control Flashcards Preview

Internal Audit > Chap 6 Internal Control > Flashcards

Flashcards in Chap 6 Internal Control Deck (26):
0

Framework

The body of guiding principles that from a template against which organization can evaluate a multitude of business practices.

1

ICFR

Internal Control of Financial Reporting

2

COSO

Committee of Sponsoring Organization of the Treedway Commission, a voluntary private sector organization dedicated to improving the quality of financial reporting through business ethics, effective internal controls, and corporate governance

3

Supplemental publications to COSO's Internal Control - Integrated Framework

- internal Control Over Financial Reporting -Guidance for Smaller Public Companies
- Guidance in Monitoring Internal Control Systems
- internal Control Over External Financial Reporting: a Compendium of Appeoaches and Examplea

4

The COSO, CoCo and Turnbull frameworks

Are used by an increasing number of organizations to evaluate the entire system of internal controls, not just internal controls over financial reporting

5

Internal Control (COSO's definition)

A process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the ache comment of objectives relating to operations, reporting and compliance

6

The components of internal control

Control Environment
Risk Assessment
Control Activities
Information and Communication
Monitoring Activities

7

Critical Success Factors

Success that much be accomplished for objectives to be achieved

8

Segregation of Duties

Diving control activities among different people to reduce the risk of error or inappropriate actions taken by any single individual

9

Actions Speak Louder Than Words

In addition to hardcopy, electronic and oral communication formats, management's actions powerfully communicate what is important to the organization

10

Deficiency (COSO's definition)

"A condition within an internal control system worthy of attention" that may represent a perceived potential, or a real short-coming, or opportunity to strengthen the internal control system to provide a greater likelihood that the entity's objectives will be achieved

11

Tone at the Top

The entity-wide attitude of integrity and control consciousness, as exhibited be the most senior executives of an organization

12

Reasonable Assurance

A level of assurance that is supported by generally accepted auditing procedures and judgements

13

Inherent Limitations if Internal Control

The confines that relate to the limits if the human judgement, resource constraints, and the need to consider the cost of controls in the relation to expected benefits, the reality that breakdowns can occur, and the possibility of collusion or management override

14


Inherent Risk

The combination I'd internal and external risk factors in there pure uncontrollable state, or the gross risk that exists assuming that there are no internal controls in place

15

Risk Appetite

The amount of risk, on a broad level, an organization is willing to accept in the pursuit of its business objectives.

16

Risk Tolerance

The acceptable levels of risk size and variation relative to the achievement of objectives, which must align with the organization's risk appetite

17

Controllable Risk

The portion of inherent risk that management can reduce through day-to-day operations and management activities

18

Residual Risk

The portion if the inherent risk that remains after management execute its risk responses (sometimes referred to as net risk)

19

Entry-Level Control

A control that operates across an entire entity and as such is not bond by or associated with individual processes.

20

Process-Level Control

An activity that operates within a specific process for the purpose of achieving process-level objectives

21

Transactional-level Control

An activity that reduces risk relative to a group or variety of operations-level tasks or transactions within an organization

22

Key Control

An activity designed to reduce risk associated with a critical business objective.

23

Secondary Control

an activity designed to either reduce the risk associated with business objectives that are not critical to the organizations survival or success or serve as a backup to a key control

24

Compensating Control

An activity that if key controls do not fully operate effectively, may help to reduce the related risk. A compensating control will not by itself reduce risk to an acceptable level

25

PCAOB

The U.S. Company Accounting Oversight Board