Flashcards in Corporate Governance Deck (44):
Framework Objectives of COSO -ORC
-Reporting Objectives- Focus of COSO
Components of Internal Control
Control Environment- Tone at the top
Risk Assessment-F/S misstated or Fraud?
Control Activities-Policies/Procedures to mitigate risk
Information & Communication-Fair, Accurate, Complete, Timely
Monitoring- Efficiencies of Internal Control and report deficiencies
Enterprise Risk Management Framework
IS EAR AIM
-Assessment of Risk
-Information & Communication
-Gets to decide whether or not the Corp pays dividends
BOD has a Fiduciary Duties
-Must always act in the best interests of the corp. Ethically
a) Right to Rely-Part of due diligence.
Liability for Unlawful Distributions/Dividends
-Directors may be held liable for authorizing a distribution in violation of law
BOD -duty of loyalty
-Cannot compete serve on board of coke and pepsi.
-You could have conflicts of interests.
BOD conflict of Interest
a) Full Disclosure
b) Abstain from voting.
Corporate Opportunity Doctrine- A director is presented with a business opportunity that is of interest to his corporation
His duty prohibits him to take the opportunity for himself. He Must preset the opportunity to the corporation, and can take the opportunity for himself only if the corp decides not to take it.
Officers are individual agents
Agents have 2 types of authrities
Apparent- "Title" CEO CFO President..
If they enter into contracts and act on behalf of the corporation in the ordinary course of business.
Majority of the board of directors being independent shows
that there is good corporate gov.
An Agent when it comes to shareholders
-Are not required to be shareholders
SOX Act of 2002 addresses
-Enhanced Financial Disclosure
-We look At Audit Comm
-And certain representations that the CEO pr CFO makes
Audit Committeee- Public Company
1) Auditor reports directly to the audit committee
2) Audit Comm. is responsible for resolving disputes between the auditor and management.
Audit Comm. Members
-Must be independent ant not part of the day to day operations..
-Must establish procedures to accept reports of complaints regarding audit, accounting, or internal control issues.
Corp Resp. For Financial Reports
CFO & CEO must sign reps regarding annual and quarterly reports
a) They have reviewed the reports
b) The report does not contain untrue statements or omit material information
The CEO and CFO signing the report have assumed resp for internal controls including the assertion that controls have been evaluated for effectiveness as of a date within 90 days prior to the report(eCOSO)
Significate deficiencies in Internal Control
The CEO and CFO must make disclosures in regards to any sig. def in Internal control to the auditors and the audit committee
If There is an accounting restatement due to material noncompliance an agent may lose their
Enhanced Financial Disclosure
May make them quarterly and annually
-Disclosures are intended to ensure that the application of GAAP reflects the economics of the transactions included in the report and that those transactions are transparent to the reader.
The assessment of Internal controls
-Management is resp. for establishing & maintaining an adequate of the internal controls.
Code of Ethics for Senior Officers
Code of Conduct AKA tone at the top
1) Honest & Ethical Conduct
2) Full, Fair, accurate , adn timely disclosures
3) Compliance with laws.
Disclosures of Audit Commitee "Financial Expert"
-To resolve disputes between management and auditor.
-If you don't have one then why not
Enhanced Review Disclosures by Issuers SEC
SEC is required to review disclosures made by issuers including those in form 10-K
Statue of Limitations for Securities Fraud
2 and 5
2 years after the discovery of the facts
5 years after the violation
Avoid Financial Reporting CRIME.
COSO tells us how to establish good controls
Definition of Internal Control
Process that is designed and implemented by an organization's management.
To provide reasonable assurance that it will achieve its compliance, operating and reporting objectives.
COSO applies to
COSO Issued ERM
Enterprise Risk Management Framework
-To assist organizations in developing a comprehensive response to risk management.
Intent of ERM
-To allow management to effectively deal with uncertainty, evaluate risk. while determining how much uncertainty to accept
ERM framework encompasses the following themes
1) Aligning Risk Appetite & Strategy
2) Enhancing Risk Response Decisions
3) Reducing Operational Surprises & Losses
4) Identifying & Managing Multiple & Cross-Enterprise Risks
5) Seizing Opportunities
6) Improving Deployment of Capital
ERM Objectives- 4 Categories
Objective Settings in the ERM
1) Strategic-Mission of the company
Event Categories-External & Internal
b) Natural Environment
The risk to an organization that exists if management takes no action to change the likelihood or impact of an adverse event
The risk to an organization that exists after management takes action to mitigate the adverse impact of the event
2) Probabilistic Models
3) Non-Probabilistic Models
Use of common data from organizations with similar characteristics
Statistical Data- More subjective "historical"
Use of a range of events and impacts with likelihood estimated using assumptions
Opinion-Outcome of lawsuit
Use of subjective assumptions to estimate event impact without estimating likelihood
Types of Control Activities
1)Top-level Reviews-Variance Analysis
2) Direct function or activity management -Performance Reports
3) Information Processing
4) Physical Controls- Assets are kept physically sec. locations
5) Performance Indicators-"red flags" material variances
6) Segregation of Duties
7) Information & communication-AIM
Information and Communication
1) Strategic & Integrated Systems
2) Integration with Operations
3) Depth & Timeliness of Information
a) Ongoing Monitoring Activities- Dictated by Risks
Verify the effective operation of controls
b) Separate Evaluations
we want multiples checks and controls. Internal & external audit
c) Reporting Deficiencies.
Report via normal chain of command and correct it.