Term
|
Definition
| occurrence or unwanted event that could have negative effects on an entity |
|
|
Term
|
Definition
| The potential dollar loss that could result from a threat |
|
|
Term
|
Definition
| The potential dollar loss that could result from a threat |
|
|
Term
|
Definition
| Probability a threat will occur |
|
|
Term
|
Definition
| Process implemented by the board of directors and management to reasonably assure that control objectives are achieved |
|
|
Term
|
Definition
| deter problems before they arise |
|
|
Term
|
Definition
| used to discover problems once they arise |
|
|
Term
|
Definition
| used to fix a problem once it has occurred and has been discovered |
|
|
Term
|
Definition
| make sure an organization's control environment is stable and well-managed |
|
|
Term
|
Definition
| prevent, detect, and correct transaction errors and fraud |
|
|
Term
|
Definition
intended to (1) prevent financial statement fraud (2) make financial reports more transparent (3) strengthen the internal controls at public companies (4) punish executives who perpetrate fraud |
|
|
Term
Effects of Sarbanes-Oxley Act on: PCAOB, auditors, audit committees, management, and internal control requirements |
|
Definition
PCAOB: appointed by the SEC; sets and enforces auditing standards for public accounting
auditors: have to report to the audit committee, can't perform some non-audit services, stricter independence rules
audit committee: members must be on the board of directors, with at least one financial expert. They are in charge of hiring, paying... for internal auditors
management: has to sign off saying that, to their knowledge, the statements are correct; has to assess internal controls in the report; can be fined if these are signed incorrectly with full knowledge
internal controls: a report is issued with statements saying that management is responsible for controls; auditor and management both have to assess controls |
|
|
Term
| Diagnostic control system |
|
Definition
| measures a company's progress by comparing planned and actual performance |
|
|
Term
| Interactive control system |
|
Definition
| a control tool for managers that helps them monitor changes and make changes |
|
|
Term
|
Definition
Control Objectives for Information and related technology
Issues of control (1) business objectives (2) IT resources: people, systems, technology... (3) IT processes |
|
|
Term
| COSO's Internal Control Framework |
|
Definition
defines internal controls and provides guidance in evaluating the controls and enhancing them
Five Components: 1. Control Environment 2. Control Activities 3. Risk Assessment 4. Information and Communication 5. Monitoring |
|
|