Submitted by: Submitted by stouth
Views: 196
Words: 1708
Pages: 7
Category: Business and Industry
Date Submitted: 11/04/2012 07:49 AM
Chapter 7 – Introduction to Internal Control
1. ERM – how to manage risk
8 components of the framework
Internal environment: Encompasses the tone of the organization & sets the basis for how risk is viewed & addressed by an entity’s people.
Objective setting: Ensures that MGMT has a process in place to set objectives and that the chosen objectives support and align with the entity’s mission & are consistent with its risk appetite.
Event identification: Internal and external events must be identified to distinguish between risks & opportunities.
Risk assessment: Risks are analyzed, considering likelihood and impact, as a basis for determining how they should be managed.
Risk response: Avoiding, accepting, reducing, or sharing risk
Control activities: Policies & procedures are established to ensure risk responses are carried out.
Information & communication: Relevant info is identified, captured, & communicated in a form & time frame to help them carry out their responsibilities.
Monitoring: Ongoing MGMT activities.
2. Discussion of Internal Control
SOX: Created a new accounting oversight board (the PCAOB),strengthened auditor independence rules, increased accountability of company officers & directors, mandated upper MGMT to take responsibility for the co.’s internal control structure, enhanced the quality of financial stmts, & built up crime penalties.
o Section 404 mandates the annual filing of an internal control report regarding evaluation of the design, gathering & evaluation of evidence, presentation of a written assessment, & testing of the system.
COSO Framework = CRIME: Control activities, risk assessment, information & communication, monitoring, & internal environment
o Internal control is a process designed to provide reasonable assurance regarding the achievement of objectives – effectiveness & efficiency of op., reliability of financial reporting, & compliance.
Fraud & Internal Control: An organization’s...