Term
|
Definition
Occurrence or unwanted event that could have negative effects on an entity |
|
|
Term
|
Definition
The potential dollar loss that could result from a threat |
|
|
Term
|
Definition
Probability a threat will occur |
|
|
Term
|
Definition
Process implemented by the board of directors and management to provide reasonable assurance that control objectives are achieved |
|
|
Term
|
Definition
deter problems before they arise |
|
|
Term
|
Definition
used to discover problems once they arise |
|
|
Term
|
Definition
used to fix a problem once it has occurred and has been discovered |
|
|
Term
|
Definition
make sure an organization's control environment is stable and well-managed |
|
|
Term
|
Definition
prevent, detect, and correct transaction errors and fraud |
|
|
Term
|
Definition
intended to (1) prevent financial statement fraud (2) make financial reports more transparent (3) strengthen the internal controls at public companies (4) punish executives who perpetrate fraud |
|
|
Term
Effects of Sarbanes-Oxley Act on: PCAOB, auditors, audit committees, management, and internal control requirements |
|
Definition
PCAOB: appointed by the SEC; sets and enforces auditing standards for public accounting
Auditors: have to report to the audit committee, can't perform some non-audit services, stricter independence rules
Audit committee: members must be on the board of directors, with at least one financial expert. They are in charge of hiring, paying... for internal auditors
Management: has to sign off saying that, to their knowledge, the statements are correct. Has to assess internal controls on the report. They can be fined if these are signed incorrectly with full knowledge
Internal controls: a report is issued with statements saying that management is responsible for controls; auditor and management both have to assess controls |
|
|
Term
Diagnostic control system |
|
Definition
measures a company's progress by comparing planned and actual performance |
|
|
Term
interactive control system |
|
Definition
a control tool for managers--helps them monitor changes, make changes |
|
|
Term
|
Definition
Control Objectives for Information and Related Technology
Issues of control: (1) business objectives (2) IT resources: people, systems, technology... (3) IT processes |
|
|
Term
COSO's Internal Control Framework |
|
Definition
defines internal controls and provides guidance in evaluating the controls and enhancing them
Five Components: 1. Control Environment 2. Control Activities 3. Risk Assessment 4. Information and Communication 5. Monitoring |
|
|