Section 1 B&C Flashcards by Adam Herron

What are the three COSO ERM (Enterprise Risk Management) frme work that cites esveral trends will continue to have effect on an ERM?

Adapting to the ___ of data
Leveraging ___ __ and automation
Managing the cost of ____ ___
Building stronger ____

Proliferation (internal & external data sources to be structured in new ways)
Art intelligence
Risk Managemnet
Organizations

How well did you know this?

Not at all

Perfectly

The updated COSO Enterprise Risk Management (ERM) framework’s Executive Summary lists the following benefits that can be achieved when entities integrate ERM throughout the organization:

Increased range of ____
Improved identifications and managment of ___ entiy-wide
Increased ___ outcomes and reduce ___ surprises
Improve ___ deployment
Enhanced ____ resilience
Reduce ___ Variability

opportunities
risk
positive, negative
resource
enterprise

How well did you know this?

Not at all

Perfectly

COSO issued an update to the enterprise risk management (ERM) framework in 2017, Enterprise Risk Management—Integrating with Strategy and Performance, which addresses the evolution of ERM and the need for entities to what?

improve their approach to managing risk to meet the demands of an evolving business environment.

How well did you know this?

Not at all

Perfectly

Definition: The Committee of Sponsoring Organizations of the Treadway Committee (COSO) issued the Enterprise Risk Management—Integrated Framework in 2004, and defined enterprise risk management (ERM) as follows:

“Enterprise risk management is a process, effected by an entity’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its ____, to provide reasonable assurance regarding the achievement of entity x____.”

risk appetit, risk appetite

How well did you know this?

Not at all

Perfectly

Enterprise risk management (ERM) components help the entity achieve its objectives. These interrelated components need to be both present and functioning effectively (i.e., no material weaknesses) in order to have an effective ERM system. ERM consists of eight components: (CRIMER.IO)

THIS IS THE FRAMEWORK OF ERM

Control Activities
Risk Assessment 
Internal Environment
Monitoring
Event Identification
Risk Response

Information & Communication
Objective Setting

How well did you know this?

Not at all

Perfectly

These are the 8 components of Enterprise Risk Management (ERM)…what are they

Control Activities
Risk Assessment 
Internal Environment
Monitoring
Event Identification
Risk Response

Information & Communication
Objective Setting

Control activties- Management risk response are effectively carried out. Polices are implemented

Risk Assessment - Identified risks are evaluated
Internal Environment - Tone at top
Monitoring -Processes monitored - deficiencies reported
Event ID - Identify positive & negative events to detremine risks/opportunities

Risk Response - Avoid, reduce, share, or accept risks
Information & Communication - Info about ERM components need to be communicated to mgmt

Objective Setting - Mgmt places processes to formulate objectives to help company assess/respond to risks

How well did you know this?

Not at all

Perfectly

The revised COSO Enterprise Risk Management (ERM) framework is designed to assist boards of directors in fulfilling their risk oversight role, which includes the following:

____,, ___, __with management
Approving management ___and remuneration
Participating in __ and __relations

Reviewing, challenging, and concurring
incentives
investor and stakeholder

How well did you know this?

Not at all

Perfectly

The internal auditor who works in ERM sets the risk appetite of the organization

False - this is generally done by the board of directors and/or executive management.

Internal auditors do coordinate ERM activities across the organization, evaluate the risk management process, and give assurance that the risks of the organization are correctly evaluated.

How well did you know this?

Not at all

Perfectly

____do coordinate ERM activities across the organization, evaluate the risk management process, and give assurance that the risks of the organization are correctly evaluated.

Internal auditors

How well did you know this?

Not at all

Perfectly

Who ensures that the organization’s risk responses align with the defined risk appetite.

Internal Auditor

How well did you know this?

Not at all

Perfectly

According to COSO, which of the following components of enterprise risk management addresses an entity’s integrity and ethical values?

Information and communication
Internal environment
Risk assessment
Control activities

Internal Environment

How well did you know this?

Not at all

Perfectly

COSO ERM Framework takes a risk base or control base appraoch?

ERM assists ___in effectively dealing with uncertainty and its related risk and opportunity, thus building stakeholder value in the entity.

The ____, is charged with the responsibility of finding a balance between growth and profit while using resources in an efficient and effective manner.

ERM helps ensure that ___ and ___laws and regulations are met, and assists in protecting the entity’s reputation.

Risk Based

management

chief executive officer

reporting and compliance

How well did you know this?

Not at all

Perfectly

. The objective of the ERM framework is to achieve all the goals of the control framework and help the organization to:

attain reasonable assurance that company objectives and goals are ___,

continuously assess risks and identify the appropriate action to take and the resources to allocate to ___

achieve its ____targets, and

avoid adverse ___and damage to the entity’s reputation.

achieved and problems and surprises are minimized

overcome or mitigate risk,

financial and performance

publicity

How well did you know this?

Not at all

Perfectly

“process effected by an entity’s board of directors, management, and other personnel.” … What is this?

Defintion of COSO - ERM

How well did you know this?

Not at all

Perfectly

COSO ERM Framework consists of 5 interrelated components – what are they?
(GRIPS) - COSO grips ERM

Governance/Culture
Review/Revision
Information/Reporting
Performance
Strategy/Objective Setting

How well did you know this?

Not at all

Perfectly

COSO ERM - GRIPS…What are they (Defintion)

Governance/Culture
Review/Revision
Information/Reporting
Performance
Strategy/Objective Setting

Gov - Sets Tone & upholds ethical values/behaviors

Review - Review performance and analyze ERM component functions

Information - Sharing info from all sources across org
Performance - Risks need to be identified and assesed.

Strategy - ERM & Objective setting works together to establish a risk appetite/objectives

How well did you know this?

Not at all

Perfectly

COSO ERM - GRIPS Have principles dedicated to each.

What are the principles for GOV & Review

GOV

Establish Board risk oversight
Establish operating structure
Define Culture
Commitment to Core Values
Attract/retain capable individuals

REVIEW
Assess Substantial Change
Review Risk/Performance
Pursue Improvement

How well did you know this?

Not at all

Perfectly

COSO ERM - GRIPS Have principles dedicated to each.

List Information, Strategy/Objectives, & Performance(PAIID)

INFO
Leverage Info Systems
Communicate Risk Info
Report Risk/Performance

PERFORMANCE (PAIID)
Identify risk
Assess risk
Prioritize risk
Implemnet Risk Response
Develop Portfolio View

STRATEGY
Analyze Biz context
Define Risk Appetite
Evaluate Alt. Strategies
Formulate(create) Biz Objectives

How well did you know this?

Not at all

Perfectly

_____ is the process used by organizations to manage risk and seize opportunities to achieve the goals of the organization. It provides a framework for risk management, determines response strategy, and monitors the progress

Enterprise risk management (ERM

How well did you know this?

Not at all

Perfectly

ompany management, including the risk officer and financial executives, are responsible for establishing the ____ and implementing ____procedures

internal control system, monitoring

How well did you know this?

Not at all

Perfectly

The COSO ERM (Enterprise Risk Management) framework is designed to help an entity’s management achieve its objectives, grouped into four overlapping categories: (ROCS)

Reporting - reliable reporting
Operations - resources used effectively
Compliance -Compliance w/ laws/reg
Strategic - High lvl goals support entity’s mission

How well did you know this?

Not at all

Perfectly

OBJECTIVE OF COSO ERM
The COSO ERM (Enterprise Risk Management) framework is designed to help an entity’s management achieve its objectives, grouped into four overlapping categories: (ROCS). Define Them

Reporting
Operations
Compliance
Strategic

Reporting - reliable reporting
Operations - resources used effectively
Compliance -Compliance w/ laws/reg
Strategic - High lvl goals support entity’s mission

How well did you know this?

Not at all

Perfectly

According to COSO, which of the following identifies the group directly responsible for the implementation and development of the enterprise risk management framework?

Management

How well did you know this?

Not at all

Perfectly

The return on an individual stock, or a portfolio of stocks, should equal its ___

cost of capital.

You want to have it equal at least the cost of what you put in. You dont want anything less b/c you’ll be negative

How well did you know this?

Not at all

Perfectly

____ is the cornerstone for developing an investment portfolio. ___ is the core beliefs of the investor that may be used to devise an investment strategy.

Investment Philosophy

____involves deciding which assets to include in the portfolio given the goals of the investor and the changing economic conditions within which the portfolio is being managed.

Portfolio management

According to COSO, the position or internal entity that is best suited, as part of the enterprise risk management process, to devise and execute risk procedures for a particular department is the internal auditor.

False - it should be a manager within the department "A manager with the department" is the correct answer choice because a manager within the department has the most detailed knowledge of risks in that department.

Risk Avoidance Risk Reduction Risk Sharing Risk Acceptance

What are the definitons Risk Avoidance Risk Reduction Risk Sharing Risk Acceptance

Risk Avoidance - not to engage Risk Reduction - mitigating control to offset risk Risk Sharing - share risk w/ another org. Can create a Joint Venture this way Risk Acceptance - assume all risk b/c its acceptable

Each of the following is a limitation of enterprise risk management (ERM), except: T/F ERM deals with risk, which relates to the future and is inherently uncertain. ERM operates at different levels with respect to different objectives. ERM can provide absolute assurance with respect to objective categories. ERM is as effective as the people responsible for its functioning.

True True False - Reasonable Assurance, not absolute True

Executive Officers are agents of the corporation and have a fiduciary responsibilities similar to those of the board. T/F President of company is usually known as the ___

True CEO

The Sarbanes-Oxley Act of 2002, Section 302, requires that CEOs and CFOs of a corporation include certifications that: Signing Officers ___ the reports Signing officers are evaluating the internal controls within ___ days and reporting their findings all __in internal controls are being reported. negative impacts on internal controls are being reported and corrected. T/F Stating the financials do not contain untrue statements or material misstatements. the financial statements present fairly the financial condition of the company.

``` review 90 days deficiencies True True True ```

For the Sarbanes Oxley act of 2002, The officers are permitted to reincorporate the activities of a company to attempt to avoid these requirements. T/F They are also not permitted to move the activities outside of the United States to attempt to avoid these requirements. T/F Senior staff is responsible for the specific internal control functions employed in the various areas. T/F Without properly implemented internal controls, members of management have the ability to __ necessary controls, enabling potential dishonest dealings or recording of transactions.

False - They are NOT permitted True True override

Who is required to make special certification statements regarding the establishment of internal control systems on Form 10-K?

Both the principal executive officer and the principal financial officer

The purpose of the ___ is for the company to analyze the internal controls currently in place and to assess the effectiveness of those controls to avoid material misstatement in the firm's financial reporting. A top-down risk assessment (TDRA) is done in order for a company to be in compliance with ___

TDRA (Top Down Risk Assessment) SOX 404.

Two important definitions related to the internal control process are those for control precision and control sufficiency. Define Them

Control Precision - alignment between risk & Control activity designed to mitigate the risk. Control Sufficiency - Grp of controls to achieve a control objective.

Section ___of the Sarbanes-Oxley Act of 2002 (SOX) requires that all publicly traded firms establish internal controls related to financial reporting that are documented, tested, and maintained.

404

In order to be in compliance with SOX 404, a company needs to: (3)

Document existing controls and list procedures associated w/ financial reporting Test effectiveness of documented controls Provide details of any deficiencies in controls

Each financial report that contains financial statements prepared in accordance with GAAP must reflect all material ___that have been identified by the external auditors. Pro forma financial information cannot contain an untrue statement of a material fact or omit to state a material fact necessary in order to make the pro forma financial information not misleading. T/F Annual and quarterly financial reports should disclose all material off-balance sheet transactions, arrangements, obligations (including contingent obligations), and other relationships of the issuer with unconsolidated entities or other persons, that may have a material current or future effect on financial condition, Tf

correcting adjustments True True

The BOD has a fiduciary duty to act in the best interests of the corporation. As fiduciaries, board members are held to a higher standard of care than would be exercised in discharge of those people's personal affairs. Directors may not put themselves in a position where their interests and duties conflict with the duties that they owe to the company. T/F Fiduciary duties fall within three categories:

True Duty of Care -Act in good faith. Belief their decisions is whats best for the entity Duty of Loyalty - undivided loyalty. Put interests of shareholders above their own Duty of Due Diligence - Refers to the care a reasonable person should make before entering an agreement/transaction. This is a way to prevent harm.

Which of the following organizations was established by the Sarbanes-Oxley Act of 2002 to control the auditing profession?

PCAOB

The financial statements are required to be audited by an independent CPA firm that is certified by the ___to perform audits of corporations under the jurisdiction of the SEC. The independent auditor is hired by and interacts directly with the board of directors'____ This committee should include independent directors, including stockholders & officers, and should be chaired by someone with significant financial reporting qualifications and experience.

PCAOB audit committee. False - (not stockholders or officers)

According to the Sarbanes-Oxley Act of 2002, a chief executive officer or chief financial officer who misrepresents the company's finances may be penalized by being: fined, but not imprisoned. imprisoned, but not fined. removed from the corporate office and fined. fined and imprisoned.

Fine & imprisoned - can be fined, imprisoned for not more than 20 years, or both. . Penalties include fines of not more than $1,000,000, imprisonment for not more than 10 years, or both for certification violations; and fines of not more than $5,000,000, imprisonment for not more than 20 years, or both for willful certification violations.

The Sarbanes-Oxley Act has the authority to remove individuals from corporate office. T/F

False - That is a responsibility of the corporate board of directors or the stockholders.

. Penalties include fines of not more than $1,000,000, imprisonment for not more than 10 years, or both for ___violations; and fines of not more than $5,000,000, imprisonment for not more than 20 years, or both for ___

certification willful certification violations.

Audit committee members of issuers are required, under the Sarbanes-Oxley Act of 2002, to maintain which of the following traits? Integrity Diligence Independence Proficiency

Independence

____oversee the financial reporting process; monitor the choice of accounting policies and principles; monitor the internal control process; appoint, compensate, and oversee the external auditors; and receive communications and audit reports directly from the external auditors. ___ is when individuals who alter, destroy, mutilate, or conceal records, documents, etc., with the intent to impair objectivity or availability of use, or otherwise obstruct, influence, or impede any official proceeding, will be fined, imprisoned for not more than 20 years, or both.

audit committees Tampering

In any cease-and-desist proceeding, the Securities and Exchange Commission (SEC) can issue an order to prohibit any person who has violated certain security laws, rules, and regulations, from serving as ___

an officer or director of the issuer.

The Sarbanes-Oxley Act (SOX) was enacted to enhance the transparency of a company and hold its officers more accountable. Which of the following is not part of SOX Title XI, "Corporate Fraud Accountability"? Tampering Certification violations Retaliation against informants Prohibiting persons from serving as officers

Certification violations

SOX Title XI "Corporate Fraud Accountability" Consists of 3 components

Tampering Retailiation Against Informations Prohibiting Persons from serving as officers

A top-down risk assessment (TDRA) is used to identify and assess: (4) __

Identify financial reporting items, transaction level controls, & entity level controls risks related to financial reporting. internal control procedures to limit the identified risks. Analyze NTE of evidence

According to the Sarbanes-Oxley Act of 2002, when an issuer's board of directors selects members to be on the company's audit committee, the board of directors must select individuals who: receive consulting fees, but not advisory fees, from the company. are members of the company's board of directors. are employed by the company in a financial management role. are affiliated persons of the company's subsidiary.

are members of the company's board of directors. Each member of the audit committee must be a member of the board of directors and must otherwise be independent. Audit committee members may not accept any consulting, advisory, or other compensation from the issuer or be an affiliated person of the issuer.

The audit committee should contain at least one ___

financial expert ---------If an issuer does not have an audit committee financial expert, that issuer must disclose the reason why the role is not filled Financial expertise includes an understanding of generally accepted accounting principles and financial statements, experience in the preparation or auditing of financial statements of generally comparable issuers, experience with internal accounting controls, and understanding of audit committee functions.

The Sarbanes-Oxley Act requires financial issuers to publish what kind of information? The immaterial condition of the company Internal control performance relative to industry best practice benchmarks Only positive impacts on internal controls The scope and capabilities of the internal control structure

The scope and capabilities of the internal control structure Issuers must include the scope and capabilities of the internal control system and include procedures for financial reporting in their annual reports.

The Sarbanes-Oxley Act changed the way financial reports are treated. What section of the act requires the CEO to review the financial statements?

302 Section 302 of the Sarbanes-Oxley Act requires that CEOs and CFOs certify the accuracy of the financial statements and the reliability of internal controls prior to the statements being signed.

The treasurer makes disbursements by check and reconciles the monthly bank statements to accounting records. Which of the following best describes the control impact of this arrangement? Internal control will be enhanced since these are duties that the treasurer should perform. The treasurer will be in a position to make and conceal unauthorized payments. The treasurer will be able to make unauthorized adjustments to the cash account. Controls will be enhanced because the treasurer will have two opportunities to discover inappropriate disbursements.

The treasurer will be in a position to make and conceal unauthorized payments. Having the treasurer in a position to make and conceal unauthorized payments is an example of inadequate segregation of functions. The functions of disbursing funds and reconciling the related cash account should be assigned to different personnel.

The Enterprise Risk Management—Integrated Framework of the Committee of Sponsoring Organizations (COSO) is best defined as a: process that takes a control-based approach to an organization. process effected by an entity’s board of directors, management, and other personnel. process that replaces the COSO internal control framework. serial process in which one component affects only the next component.

process effected by an entity’s board of directors, management, and other personnel. "A process effected by an entity’s board of directors, management, and other personnel" is correct because the board of directors has overall responsibility for managing enterprise risk and can delegate parts of the process to entity personnel.

COSO issued an update to the ERM (enterprise risk management) framework in 2017, Enterprise Risk Management—Integrating with Strategy and Performance. The revised ERM framework is designed to assist boards of directors (BOD) in fulfilling their risk oversight role, which includes all of the following except: reviewing, challenging, and concurring with management on various topics. approving management incentives and remuneration. participating in investor and stakeholder relations. improving resource deployment.

improving resource deployment.

According to COSO's enterprise risk management framework, which of the following is an essential element of the internal environment? Ethical values Risk assessment Control activities Event identification

Ethical values

___:, management plans, organizes, leads, and controls the organization's activities in order to minimize risks and cut back on costs.

enterprise risk management

Risk response. Management can choose to avoid, reduce, share, or accept risks after careful analysis. Risk avoidance. Choosing not to engage in an activity Risk reduction. Implementing some compensating or mitigating control to offset the risk of an activity Risk sharing. Sharing the risk with another organization such as establishing a joint venture R isk acceptance. Assuming all of the risk because it is deemed acceptable

Avoid ReductionS Share Accept

A financial institution looking to assess its investment portfolio's exposure to price changes most likely would use which of the following techniques? Market value at risk analysis Cash flow at risk analysis Back testing analysis Earnings at risk analysis

Market value at risk analysis

COSO issued an update to the 2004 ERM framework in 2017, Enterprise Risk Management—Integrating with Strategy and Performance. Which of the following is not one of the five interrelated components of the framework? Governance and culture Strategy and objective-setting Performance Monitoring

Monitoring Monitoring is from the original 2004 ERM (enterprise risk management) framework. The 2017 ERM framework itself consists of five interrelated components (which are supported by a set of 20 principles). The components are governance and culture; strategy and objective-setting; performance; review and revision; and information, communication, and reporting

COSO’s 2017 updated ERM framework, Enterprise Risk Management—Integrating with Strategy and Performance, includes several trends that should be monitored by entities. Which of the following is not one of those trends? Expand customer service to include texts and chatbots Adapt to the proliferation of data Manage the cost of risk management Leverage artificial intelligence and automation

Expand customer service to include texts and chatbots

Which of the following is not one of the five interrelated components of COSO’s 2017 updated ERM framework, Enterprise Risk Management—Integrating with Strategy and Performance? Governance and Culture Internal Control Strategy and Objective-Setting Performance

Internal Control

According to COSO, which of the following provides oversight of an entity's enterprise risk management? The risk officer Financial executives The board of directors Management

The board of directors

Management has several options as to how they wish to respond to risk. Which of the following is not an option? Risk sharing Risk rejection Risk avoidance Risk reduction

Risk rejection

COSO issued an update to the ERM (enterprise risk management) framework in 2017, Enterprise Risk Management—Integrating with Strategy and Performance. The updated framework focuses on the importance of considering risk in both the strategy-setting process and in driving performance. Which of the following in not addressed by the update? Achieve its financial and performance target Accommodate expectations for governance and oversight Expand reporting for greater stakeholder transparency Recognize the globalization of markets and the need to apply a common approach across geographies

Achieve its financial and performance target

Which of the following is not a 2004 enterprise risk management framework component? Risk assessment Control activities External environment Objective setting

External environment

A manufacturing firm identified that it would have difficulty sourcing raw materials locally, so it decided to relocate its production facilities. According to COSO, this decision represents which of the following responses to the risk? Risk acceptance Risk reduction Prospect theory Risk sharing

Risk reduction

The 2004 ERM (enterprise risk management) framework lists a number of components, one of which is event identification. Which of the following is not used by managers for event identification? Perform data mining and analysis Use comprehensive lists of potential events Perform an internal analysis Perform an external analysis

Perform an external analysis

According to COSO, the four categories of entity objectives in the enterprise risk management framework include each of the following, except: implementation of internal controls. reliability of reporting. compliance with applicable laws and regulations. effective and efficient use of the entity's resources.

implementation of internal controls.

Which of the following items is one of the eight components of COSO's enterprise risk management framework? Operations Reporting Monitoring Compliance

Monitoring

COSO's enterprise risk management framework encompasses each of the following, except: seizing opportunities. improving deployment of capital. enhancing risk response decisions. decreasing inherent risk appetite.

decreasing inherent risk appetite.

COSO issued an update to the 2004 ERM framework in 2017, Enterprise Risk Management—Integrating with Strategy and Performance, which is designed to assist the board of directors (BOD) in fulfilling their risk oversight role. Which of the following is not one of the BOD’s obligations in terms of ERM? Revising reporting options to improve stakeholder transparency Approving management incentives and remuneration Reviewing and challenging management of proposed strategy and risk appetite Participating in investor and stakeholder relations

Revising reporting options to improve stakeholder transparency

The Sarbanes-Oxley Act requires financial issuers to publish what kind of information? Only positive impacts on internal controls Internal control performance relative to industry best practice benchmarks The scope and capabilities of the internal control structure The immaterial condition of the company

The scope and capabilities of the internal control structure

Pursuant to the Sarbanes-Oxley Act of 2002, an accountant who destroys documents to impede an investigation by a U.S. agency can be: temporarily or permanently limited on the activities, functions, or operations conducted on behalf of a registered public accounting firm. fined and/or imprisoned not more than 10 years. suspended or barred from being associated with a registered public accounting firm or be required to end such association. fined and/or imprisoned not more than 20 years.

fined and/or imprisoned not more than 20 years.

The Sarbanes-Oxley Act of 2002 (SOX) requires that all publicly traded firms establish internal controls related to financial reporting that are documented, tested, and maintained for the purpose of preventing fraud. Per SOX, a company needs to do all of the following except: develop documentation of existing internal controls and procedures associated with financial reporting. test the effectiveness of the existing internal controls and procedures. provide information on deficiencies in the controls and/or documentation of those controls. include all areas of potential risk to the misstatement of the financial statements in this documentation, testing, and reporting process.

include all areas of potential risk to the misstatement of the financial statements in this documentation, testing, and reporting process.

Regarding the requirements of the Sarbanes-Oxley Act, officers of a company are not permitted to: keep the organization transparent. move the activities of the organization outside of the United States to avoid complying with the Sarbanes-Oxley Act. report material misstatements. report deficiencies of internal controls.

move the activities of the organization outside of the United States to avoid complying with the Sarbanes-Oxley Act.

In relation to the internal control process, control sufficiency is: the alignment between a risk and the control activity designed to mitigate that risk. the testing of the effectiveness of a control procedure. the group of controls with a variety of degrees of precision necessary to achieve a control objective. the measurement of the effectiveness of a specific control in alleviating the defined risk.

the group of controls with a variety of degrees of precision necessary to achieve a control objective

A top-down risk assessment (TDRA) is done in order for a company to be compliance with SOX 404. The purpose of a TDRA is to do all of the following except: identify and assess the risks related to the financial reporting elements. identify acts of fraud and embezzlement and assess the effect these items have had on company performance. identify and assess financial reporting elements. identify and assess the internal control procedures meant to limit the identified risks.

identify acts of fraud and embezzlement and assess the effect these items have had on company performance.

Audit committee members of issuers are required, under the Sarbanes-Oxley Act of 2002, to maintain which of the following traits? Integrity Independence Diligence Proficiency

Independence

Which of the following statements is correct regarding the requirements of the Sarbanes-Oxley Act of 2002 for an issuer's board of directors? The majority of members of the board of directors must be independent from management influence. The board of directors must have an audit committee entirely composed of members who are independent from management influence. The board of directors must have a compensation committee, a nominating committee, and an audit committee, each of which is entirely composed of independent members. Each member of the board of directors must be independent from management influence, based on the member's prior and current activities, economic and family relationships, and other factors.

The board of directors must have an audit committee entirely composed of members who are independent from management influence.

As part of the TDRA, management will develop a list related to a particular account that would have a reasonable likelihood of ___, focusing on problems that have been encountered in the past and the solutions that were developed to avoid such errors in the future.

material misstatement

According to the Sarbanes-Oxley Act of 2002, anyone who knowingly alters, destroys, covers up, or makes a false entry in any record or document with the intent to obstruct or influence the investigation of any matter within the jurisdiction of any department or agency of the United States may be fined and/or imprisoned for up to:

20 years.

According to the Sarbanes-Oxley Act of 2002, a chief executive officer or chief financial officer who misrepresents the company's finances may be penalized by being: removed from the corporate office and fined. fined, but not imprisoned. fined and imprisoned. imprisoned, but not fined.

fine and imprison

According to the Sarbanes-Oxley Act of 2002, when an issuer's board of directors selects members to be on the company's audit committee, the board of directors must select individuals who: are affiliated persons of the company's subsidiary. receive consulting fees, but not advisory fees, from the company. are employed by the company in a financial management role. are members of the company's board of directors.

are members of the company's board of directors.