Corporate Governance & Internal Control Flashcards
According to COSO, what are the stages in the monitoring-for-change continuum?
Maybe: Control Baseline Change Identification Change Management Control Revalidation/Update
According to COSO, what are the components of internal control?
Control Environment Control Activities Risk Assessment Monitoring Information/Communication
What did the Dodd-Frank Act of 2010 do for Whistleblower’s rights?
Extended OSHA complaint filing time for 90 to 180 days
Extended the right to sue to whistleblowing employees of private subsidiaries controlled by public companies
Extended whistleblowers the right to a jury trial in retaliation cases properly filed in federal court
Why do internal controls need to be monitored?
Machines fail People forget People get lazy People quit their jobs Technology advances
What is COSO and it’s guidance?
The Committee of Sponsoring Organizations of the Treadway Commission developed the Internal Control Intergrated Framework
What is the IIA and it’s guidance?
The Institute of Internal Auditors developed the International Professionals Practice Framework?
How often are external assessments required for internal auditors?
At least once every 5 years
What is the best method for prioritizing risk?
Expected value:
Probability * amount
According to the IIA, what are some of the organizational objectives that should be improved by internal auditing?
Control
Governance
Risk Management
According to the IIA, explain the key parts of the definition of internal auditing.
Internal auditing helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
What are the internal auditing standards?
Maybe:
Attribute
Implementation
Performance
What must a company’s CFO and CEO certify?
They reviewed the company’s 10-K
The 10-K does not contain any material misstatements
They are responsible for the company’s internal controls
What did the Dodd-Frank Act of 2010 require of compensation committees of the board of directors?
All members must be independent
According to SOX of 2002, what is required to be an audit committee financial expect?
Section 407 explains that the person should have through education and experience 1) an understanding of GAAP and financial statements 2) experience in preparation of financial statements and application of principles relating to accounting for estimates, accruals, and reserves 3) experience with internal accounting controls, and 4) an understanding of audit committee functions.
According to COSO, why do control systems fail?
Improper design or implementation
Environmental changes that make controls ineffective
Operations have changed which make them ineffective
According to COSO, what are the risk responses?
Risk Acceptance
Risk Avoidance
Risk Reduction
Risk Sharing
What are the components of COSO ERM?
Control Environment Control Activities Risk Assessment Monitoring Information/Communication
Operations Objectives
Reporting Objectives
Compliance Objectives
What standard distinguishes between requirements for assurance and consulting services?
Implementation Standards
What are the advantages of using an ERM system?
Helps organizations seize opportunities
Improves the use of capital
Reduces operational surprises
What are the limitations of an ERM system?
Collusion
Management override
Risk relates to the future which is uncertain
According to the IIA’s Framework, what elements of their guidance is considered mandatory?
Code of Ethics Core Principles International Standards Definition of Internal Auditing (PIED)
According to the IIA’s Framework, what elements of their guidance is considered recommended?
Implementation Guidance
Supplemental Guidance
What must a company’s CFO and CEO certify?
They reviewed the company’s 10-K
The 10-K does not contain any material misstatements
They are responsible for the company’s internal controls
What did the Dodd-Frank Act of 2010 require of compensation committees of the board of directors?
All members must be independent