Accounting Information Systems & Internal Controls

These flashcards cover key concepts and terms related to Accounting Information Systems and Internal Controls discussed in the lecture.

Code of Ethics

A set of guiding principles that dictate the ethical standards and behavior expected of professionals.

COSO

Committee of Sponsoring Organizations, an organization that provides a widely accepted framework for evaluating internal controls.

Sarbanes Oxley Act (SOX)

A U.S. law enacted in 2002 requiring public companies to improve the accuracy and reliability of financial reporting.

Internal Control

Processes put in place by management to ensure the integrity of financial and accounting information.

Preventive Controls

Internal controls designed to deter problems from occurring.

Detective Controls

Internal controls that identify and discover problems after they have occurred.

Corrective Controls

Processes that recover from identified problems and rectify them.

Control Activities

Policies and procedures established to ensure that management's objectives are achieved.

Risk Assessment

The process of identifying and analyzing risks to the achievement of an organization’s objectives.

IT Governance

The framework in which an organization directs and controls its IT operations to ensure that IT supports and enables the achievement of the organization's objectives.

COBIT

Control Objectives for Information and related Technologies, a framework for IT management and governance.

Compliance

Adherence to laws, regulations, guidelines and specifications relevant to the organization.

Information Security Management System (ISMS)

A systematic approach to managing sensitive company information to ensure its confidentiality, integrity, and availability.

Monitoring Activities

Ongoing evaluations of the internal controls to determine their effectiveness.

Enterprise Risk Management (ERM)

A process by which organizations assess and manage risks to maximize value.

ISO 27000 Series

A series of international standards designed to manage information security.

Objectives

Specific goals set by an organization to achieve its mission.

Human Resource Standards

Policies and practices related to the management of the workforce to ensure integrity and competence.

Incident Management

The process of managing the lifecycle of all incidents to restore normal service operation as quickly as possible.