M1

Question 1

COSO Frame Work

Answer 1

• started in 1992 by a private group
• It offers guidance for the internal reporting
• Summarizes the best practice

Question 2

4 COSO guidance

Answer 2

• Creating
• Implementary
• Using
• Assessing (Reaction)

Question 3

How many objectives does COSO have for internal control?

Answer 3

It has 3 objectives (ORC)

• Operating
• Reporting
• Compliance

Question 4

Operating Objective

Answer 4

Operations are efficient and effective

assets are been safeguarded

Question 5

Reporting Objective

Answer 5

Reporting financial (reliable, timeless, transparency)

Question 6

Compliance Objective

Answer 6

Compliance with laws & regulations

Question 7

How many components does COSO have?

Answer 7

It has 5 components (CRIME pneumatic)

• Control enviroment
• Risk Assesment
• Information & Communication
• Monotoring activities
• Existing control activities

Question 8

Control environment component

Answer 8

Tone at the top ( Ethics)

Question 9

Risk assessment component

Answer 9

See if the Finacial statement are been misleading

• Operations are not been effective
• Breaking law

Question 10

Information and Communication

Answer 10

“FACT” is been informed

• Fair
• Accurate
• Complete
• Timely

Question 11

Monitoring Component

Answer 11

The effectiveness of control and report deficient

Question 12

Exiting Control & Activities Component

Answer 12

Policies/procedures to mitigate risk

Question 13

How many principles does CRIME have?

Answer 13

It has 17 principles

• E-B-O-C-A (5)
• S-A-F-R (4)
• O-I-E (3)
• SO-D(2)
• CA-T-P(3)

Question 14

Pneumatic for Control Environment

Answer 14

E-B-O-C-A

Question 15

E from E-B-O-C-A

Answer 15

Ethics-Code of conduct

Question 16

B from E-B-O-C-A

Answer 16

Board Independence- Board must be independent, objective and be knowledgeable of the business

Question 17

O from E-B-O-C-A

Answer 17

Organization-Segregation of duties. Can’t be centralized or decentralized. (Flexible and tailor to the organization)

Question 18

C from E-B-O-C-A

Answer 18

Commitment to Competence- Commitment to hire, train, develope and retain competent employees

Question 19

A from E-B-O-C-A

Answer 19

Accountability-People are held responsible for their internal control responsibilities. (Performance measurement, rewards and evaluating)

Question 20

Pneumatic for the Risk Assesment component?

Answer 20

S-A-F-R

Question 21

S in S-A-F-R?

Answer 21

Specify objectives- organization allows for identification & assessment

Question 22

A in S-A-F-R?

Answer 22

Identify & assess change- Find changes in the environment, a leadership model that can affect risk. Good or Bad

Question 23

F in S-A-F-R?

Answer 23

Consider potential fraud- Considers the potential for fraud in assessing risk. ( ex: Incentives & pressure)

Question 24

R in S-A-F-R?

Answer 24

Identify and analyze risk- Company looks for risk and sees how to respond

Question 25

Pneumatic for Information & comunication component?

Answer 25

O-I-E

Question 26

O in O-I-E

Answer 26

Obtain & use information - Obtain/generate and use information for fuction of internal control

Question 27

I in O-I-E

Answer 27

Internal communication- Internal audit connunication among the organization.

Question 28

E in O-I-E

Answer 28

Communication with external parties. Communication with an accounting firm

Question 29

Pneumatic for Monitoring Activities?

Answer 29

SO-D

Question 30

SO in SO-D

Answer 30

Separate Evaluation and Ongoing- Confirm internal controls are present and functional. (frequency of testing depends on risk)

Question 31

D in SO-D

Answer 31

Communication of deficiencies- communicate internal control deficiencie and correct it.

Question 32

Pneumatic for Existing control activities?

Answer 32

CA-T-P | find existing policies & procedures to mitigate risk

Question 33

CA in CA-T-P

Answer 33

Select & develop control activities - help mitigate risk

Question 34

T in CA-T-P

Answer 34

Select & develop technology controls- obtain information to achieve our objectives

Question 35

P in CA-T-P

Answer 35

Policies and procedures

Question 36

Key components in M1

Answer 36

Not all 17 principles must be present All 5 components must be present GASS uses "significant deficiency" & "material weakness " COSO uses major "deficiency"