ECON 185 @ UCSB: Chapter 6

Internal Controls System - Definition/What for

Policies, plans, procedures (PPP) - implemented by management to protect a firms assets

Internal Controls Systems - Guidance involved (2)

- Statement on Auditing Standard No. 94

- Sarbanes-Oxley Act of 2002

Internal Control System Objectives

- Safeguard assets

- Check the accuracy and reliability of accounting data

- Promote operational efficiency

- enforce prescribed managerial policies

This term describes the policies, plans, and procedures implemented by a firm to protect the assets of the org.

A) Internal Control

B) SAS no. 94

C) Risk Assessment

D) Monitoring

A) Internal control

Which of the following is not one of the four objectives of an internal control system?

A) safeguard assets

B) Promote firm profitability

C) Promote operational efficiency

D) Encourage employees to follow managerial policies

B) Promote firm profitability

What does COSO stand for and what does it do?

Committee of Sponsoring Organizations. It is the organization that established the common internal control framework that most businesses subscribe to.

What does COBIT stand for?

Control Objectives for Information and Related Technology

COSO Internal Control (Years)

1992, 2013

COSO - ERM (Years)

2004, 2017

COBIT (Years)

1992, 2012

Sarbanes-Oxley Act

2002

COSO framework three objectives "ROC" are:

Reporting objectives

Operations Objectives

Compliance Objectives

COSO "R"?

Reporting Objectives - Internal and external financial and non financial reporting

COSO "O"?

Operations Objectives - Vision of entity and improving internal policies and procedures

COSO "C"?

Compliance Objectives - adherence to laws and regulations (external)

Components of Internal Control (five)?

CRIME

Control activities

Risk assessment

Information and communication

Monitoring activities

Environment (control)

COSO Framework means ...

Understanding and evaluating a system of internal control.

The relationship among the three dimensions of internal control?

Objectives

Components

Organizational Structure

ERM stands for? (Associated with COSO)

Enterprise Risk Management

An internal control system should consist of five components. Which of the following is not one of those five components?

A) The control environment

B) Risk Assessment

C) Monitoring

D) Performance Evaluation

D) Performance Evaluation

Which of the following is not one of the five components of Enterprise Risk Management from the COSO 2017 report?

A) Risk governance and culture

B) Risk, strategy and objective setting

C) Risk in execution

D) Risk response

D) Risk response

Separation of Duties - purpose and activities

Purpose:

- Structure of work assignments

- one employee's work checks the work of another

Related Activities:

- Authorizing transactions

- Recording transactions

- Maintaining custody of assets

Physical Protections of Assets (Cash Control)

- Utilize direct deposit

- Wire transfer

- Bank lockbox arrangements

Separation of duties is an important control activity. If possible, managers should assign which of the following three functions to different employees?

A) Analysis, authorizing, transactions

B) Custody, monitoring, detecting

C) Recording, authorizing, custody

D) Analysis, recording, transactions

C) Recording, authorizing, custody

Definition of a material weakness in internal controls:

- Preventive

- Detective

- Corrective

Requirements of Sarbanes-Oxley Act

- Statement of management responsibility for internal control structure

- Assessment of effectiveness of internal control structure

Attestation of auditor on accuracy of management's assessment