Chapter 7- AIS

Cards (68)

  • Organizational governance
    is a process by which an organization selects objectives, establishes processes to achieve those objectives, and monitors performance.
  • Objective setting
    includes defining mission, vision, purpose, and strategies to establish their relationship.
  • Enterprise risk management
    is a framework that has proven to be an effective process for organizational governance.
  • Enterprise risk management is a process, effected by an entity's board of directors, management, and other personnel, applied in strategy setting and across the enterprise.
  • Enterprise risk management is designed to identify potential events that may affect the entity, and to manage risk so that it stays within the entity's risk appetite, providing reasonable assurance regarding the achievement of entity objectives.
  • Enterprise risk management is developed to help management identify, assess, and manage risk.
  • What are the four categories of management objectives?
    • strategic
    • operations
    • reporting
    • compliance
  • Internal environment
    is the first enterprise risk management (ERM) component
  • The eight components that comprise the ERM framework are:
    • internal environment
    • objective setting
    • event identification
    • risk assessment
    • risk response
    • control activities
    • information and communication
    • monitoring
  • Internal environment
    encompasses the tone of an organization and sets the basis for how risk is viewed and addressed by its people, including the risk management philosophy.
  • Objective setting
    objectives must exist before management can identify potential events affecting their achievement.
  • Event identification
    internal and external events affecting the achievement of an entity's objectives must be identified, distinguishing between risks and opportunities.
  • Risk assessment
    risks are analyzed, considering likelihood and impact, as a basis for determining how they should be managed.
  • Risk response
    management selects risk responses: avoiding, accepting, reducing, or sharing risk.
  • Control activities
    policies and procedures are established and implemented to help ensure the risk responses are effectively carried out.
  • Information and communication
    relevant information is identified captured and communicated in a form and time frame that enable people to carry out their responsibilities
  • Monitoring
    the entirety of ERM is monitored and modifications are made as necessary.
  • Risks
    are those events that would have a negative impact on organization objectives.
  • Opportunities
    are events that would have a positive impact on objectives
  • Risk assessment
    determines the effect that risk may have on the achievement of objectives.
  • Likelihood is the possibility that an event will occur.
  • Impact is the effect of an event's occurrence.
  • Residual risk is the risk that remains after one of the risk responses is chosen.
  • Control activities are policies and procedures that help ensure that risk responses are carried out.
  • The Sarbanes-Oxley Act of 2002 (SOX) affects corporate managers, independent auditors, and other players who are integral to capital formation in the United States.
  • Public Company Accounting Oversight Board
    an independent board to oversee public company audits; part of the outline of the Sarbanes-Oxley Act of 2002.
  • Auditor independence
    prohibits a CPA firm that audits a public company from engaging in certain non-audit services with the same client.
  • Corporate responsibility
    part of the outline of the Sarbanes-Oxley Act of 2002; section 302 requires a company's CEO and CFO to certify quarterly and annual reports.
  • Enhanced financial disclosure
    section 404 requires each annual report filed with the SEC to include an internal control report; part of the outline of the Sarbanes-Oxley Act of 2002.
  • Analyst conflicts of interest
    requires financial analysts to properly disclose in research reports any conflict of interest they might hold with the companies they recommend; part of the outline of the Sarbanes-Oxley Act of 2002.
  • Commission resources and authority
    section 602 authorizes the SEC to censure or deny any person the privilege of appearing or practicing before the SEC if that person is deemed to be unqualified or to have acted in an unethical manner.
  • Studies and reports
    authorizes the Government Accountability Office to study the consolidation of public accounting firms since 1989 and offer solutions to any recognized problems; part of the outline of the Sarbanes-Oxley Act of 2002.
  • Corporate and criminal fraud accountability
    section 808 makes it a felony to knowingly destroy, alter, or create records or documents with the intent to impede, obstruct, or influence an ongoing or contemplated federal investigation.
  • White-collar crime penalty enhancements
    section 906 requires that CEOs and CFOs certify that information contained in periodic reports fairly presents, in all material respects, the financial condition and results of the company's operations.
  • Corporate tax return
    section 1001 conveys a sense of the Senate that corporate federal income tax returns should be signed by the CEO.
  • Corporate fraud and accountability
    section 112 provides for fines and imprisonment of up to 20 years for individuals who corruptly alter, destroy, mutilate, or conceal documents with intent to impair the documents' integrity.
  • Business process management often facilitates the implementation and assessment of a system of internal controls
  • Internal controls
    are implemented to help ensure that risk responses are effectively carried out, or the controls themselves are the responses to risk.
  • COSO stands for the Committee of Sponsoring Organizations of the Treadway Commission.
  • Internal control, as defined by COSO, is a process effected by an entity's board of directors, management, and other personnel