Risk Management and Internal Control Flashcards

Vocabulary flashcards related to risk management, internal control, fraud, and related frameworks, based on provided lecture notes.

Business Risk

Uncertainty about the rate of return caused by the nature of the business, including sales volatility and operating leverage due to fixed operating expenses.

Financial Risk

Risk determined by a firm’s capital structure or sources of financing. Partially debt-financed firms introduce financing leverage, causing net income to vary more than operating income, increasing risk premiums for investors.

Liquidity Risk

Inability to sell an investment quickly for cash, involving uncertainty about the price received and the time it takes to sell the asset.

Default Risk

The probability that some or all of the initial investment will not be returned, closely related to the financial condition of the company issuing the security and its rank in claims on assets in the event of default or bankruptcy.

Interest Rate Risk

Fluctuation in interest rates causing the value of an investment to fluctuate, affecting almost all investment alternatives.

Management Risk

Risk resulting from decisions made by a firm’s management and BOD, ranging from product innovation methods and financing to acquisitions.

Purchasing Power Risk

The decline (rise) on the power of investment as a result of inflation (deflation), eroding the purchasing power and increasing investor risk.

Market Risk

The risk associated with fluctuations in market conditions that can affect the value of an investment or business.

Product Risk

Risks associated with the complexity, obsolescence, research and development, packaging, and delivery of warranties of a product.

Competitor Risk

Risks arising from the pricing strategy, market share, and market strategy of competitors.

Operations Risk

Risks related to process stoppages, health and safety, after-sales service failure, environmental issues, technological obsolescence, and integrity issues like management and employee fraud.

Financial Risk (Manufacturing)

Risks associated with interest rates volatility, foreign currency fluctuations, liquidity, derivatives, and viability in manufacturing, trading, and service concerns.

Business Risk (Manufacturing)

Risks related to regulatory changes, reputation, political factors, regulatory and legal issues, shareholder relations, credit rating, capital availability, and business interruptions in manufacturing, trading, and service concerns.

Liquidity Risk (Financial Institutions)

The risk that a financial institution will be unable to meet its obligations when they come due, without incurring unacceptable losses.

Operational Risk (Financial Institutions)

The risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events.

Market Risk (Financial Institutions)

The risk of losses in on and off-balance sheet positions arising from movements in market prices.

Credit Risk (Financial Institutions)

The risk of loss arising from the failure of a counterparty to adequately perform on its contractual obligations.

Market Liquidity Risk

The risk that an entity cannot quickly liquidate a position at a reasonable price due to adverse market conditions.

Regulatory Risk

The risk of changes in laws and regulations, which could negatively affect an investment.

Environmental Risk

The potential adverse events or negative impacts on the natural environment, which can significantly affect organizations.

Integrity Risk

Threat to an organization’s ethical standards, credibility, and reputation.

Financial Reporting Risk

Possibility of inaccuracy and unreliability in financial reporting.

Leadership Risk

Willingness of leaders to explore new opportunities and take challenges in pursuit of organization’s success, can include turnover and succession issues.

Risk Management

Process of measuring or assessing risk and developing strategies to manage it; a systematic approach in identifying, analyzing, and controlling areas or events with a potential for causing unwanted change.

Risk Avoidance

Not performing an activity that could carry risk, thus losing out on potential gains that accepting (retaining) the risk may have allowed.

Risk Reduction/Optimization

Reducing the severity of loss or likelihood of the loss from occurring by finding balance between the negative risk and the benefit of the operation or activity and between risk reduction and effort applied.

Risk Sharing

Sharing with another party the burden of loss or the benefit of gain from a risk, and the measures to reduce a risk.

Risk Retention

Accepting the loss or benefit of gain from a risk when it occurs; all risks that are not avoided are transferred or retained by default.

Enterprise Risk Management (ERM)

A process, effected by an entity’s board of directors, management, and other personnel, designed to identify potential events that may affect the entity, manage risks to be within its risk appetite, and provide reasonable assurance regarding the achievement of entity objectives.

Board Risk Oversight Committee (BROC)

A separate committee established by the Board that is responsible for the oversight of a company’s Enterprise Risk Management system to ensure its functionality and effectiveness.

Fraud

Intentional act involving the use of deception that results in a material misstatement of the financial statements.

Asset Misappropriation

Stealing or misusing an organization’s assets, often involving employees embezzling cash receipts, stealing assets, or causing the company to pay for goods or services that were not received.

Fraudulent Financial Reporting

Intentional manipulation of reported financial results to misstate the economic condition of the organization.

Skimming

Withholding cash receipts without recording them; detection is very difficult, but unexplained changes in gross profit percentage or sales volume may indicate it.

Lapping

Concealing a cash shortage by covering it with a subsequent payment made by another customer; remedy involves routine testing of collection details compared with validated bank deposit slips.

Kiting

Counting the cash twice using the float in the banking system; remedy involves analyzing and verifying cash transfers.

Kickbacks

Refunds payable to the purchasing person on goods or services acquired from the vendor, often concealed with checks made payable to the purchasing agent.

Internal Control

Process designed and effected by those charged with governance, management, and other personnel to provide reasonable assurance about the achievement of the entity's objectives.

Control Environment

The overall attitude, awareness, and actions of the directors and management regarding the implemented internal control system; the foundation on which an effective system of internal control is built.

Risk Assessment Procedures

The process of identifying and responding to business risks and the results thereof, pertaining to all internal or external events and circumstances that may occur and adversely affect an entity’s ability to create accurate and honest financial statements.

Information and Communication System

The process of creating financial statements that are free from misstatements and how information is communicated to all in accordance with the principles of internal control.

Control Activities

Actions (generally described in policies, procedures, and standards) that help management mitigate risks to ensure the achievement of objectives, may be preventive or detective in nature.

Monitoring of Controls

Process of assessing the quality of internal control performance over time, ensuring controls are present and continue to function effectively.

Sarbanes-Oxley Act of 2002

A set of laws enacted in 2002 to strengthen the corporate reporting activities in the United States, aimed at restoring investors confidence in the financial statements companies were issuing.

COSO

Committee of Sponsoring Organizations of the Treadway Commission, a framework for designing, implementing, and evaluating internal control.

COBIT

Control Objectives for Information and Related Technologies, a framework created by ISACA that allows bridging the crucial gap between technical issues, business risks, and control requirements related to IT.

Cadbury Report

Recommendations on the arrangement of company boards and accounting systems to mitigate Corporate Governance Risks and Failures.