Risk Assessment: Internal Control Evaluation

These flashcards cover critical terms and definitions related to internal control evaluation and risk assessment as discussed in the lecture notes.

Internal Control

A process designed to provide reasonable assurance regarding the achievement of objectives related to reliability of financial reporting, effectiveness and efficiency of operations, and compliance with applicable laws.

COSO

The Committee of Sponsoring Organizations of the National Commission of Fraudulent Financial Reporting, created a widely recognized framework for internal control.

Control Risk

The risk that a material misstatement will not be prevented or detected on a timely basis by internal controls.

Entity-Level Controls

Controls that affect the reliability of the financial statements taken as a whole, pervasive to the internal control system.

Control Activities

Policies and procedures that help ensure that management directives are carried out.

Material Weakness

A deficiency in internal control such that there is a reasonable possibility that a material misstatement will not be prevented or detected.

Significant Deficiency

A deficiency in internal control that is less severe than a material weakness but important enough to merit attention by those charged with governance.

Detective Controls

Controls that find errors or fraud after they have occurred.

Preventive Controls

Controls that prevent errors or fraud from occurring.

Test of Controls (TOC)

Procedures performed to test the operating effectiveness of internal controls.

Risk of Material Misstatement (RMM)

The risk that financial statements are materially misstated, which encompasses inherent risk and control risk.

Audit Committee

A subcommittee of the board of directors that oversees financial reporting and disclosure.

Management's Responsibility

Management must establish and maintain adequate internal controls over financial reporting.

Substantive Tests

Procedures designed to detect material misstatements in a financial statement.

ICFR

Internal Control over Financial Reporting; a requirement for public companies to have effective controls in place regarding financial reporting.

Monitoring

Management’s ongoing evaluation of the internal control system to identify deficiencies.

Physical Controls

Controls that limit physical access to assets, ensuring only authorized personnel can access them.

Information and Communication

Systems and processes that ensure pertinent information is communicated effectively throughout the organization.

Audit Trail

A trail of activities from data identification to financial reports, ensuring transparency in financial transactions.