Shared Flashcard Set

Details

AIS
unit 2
85
Accounting
Undergraduate 4
05/02/2012

Cards

Term
a. Internal controls-
Definition
process implemented by the BOD, management, and those under their direction to provide reasonable assurance that the following control objectives are achieved
Term
control objectives to be achieved
Definition
o Assets are safeguarded
o Records are maintained in sufficient detail to accurately and fairly reflect company assets
o Accurate and reliable info is provided
o There is reasonable assurance that financial reports are prepared in accordance with GAAP and IFRS
o Operational efficiency is promoted and improved
o Adherence to prescribed managerial policies is encouraged
o Organization complies with applicable laws and regulations
Term
o Internal controls perform 3 functions:
Definition
preventative, detective and corrective controls
Term
b. Threat-
Definition
any potential adverse occurrence or unwanted event
Term
c. Exposure-
Definition
potential dollars lost if the threat occurs
Term
d. Likelihood-
Definition
is the probability that the threat will happen
Term
how do accountants and systems developers help management achieve their control objectives? (2 things)
Definition
o Designing effective control systems that take a proactive approach to eliminating threats and that detect, correct and recover from threats when they occur
o Making it easier to build controls into a system at the initial design stage than to add them after the fact
Term
list 2 categories of controls
Definition
1) general controls
2) application controls
Term
o general controls-
Definition
make sure an organization's control environment is stable and well managed
Term
o Application Controls-
Definition
make sure transactions are processed correctly, concerned with accuracy, completeness, validity, and authorization of data
Term
name 4 levels of control from Robert Simons
Definition
1) belief system
2) boundary system
3) diagnostic control system
4) interactive control system
Term
preventative controls
Definition
deter problems before they arise
Term
detective controls
Definition
discover problems that are not prevented
Term
corrective controls
Definition
identify and correct problems as well as correct and recover from the resulting errors
Term
o belief systems-
Definition
how a company creates value, helps employees understand management visions, communicates company core values, inspires employees to live by those values
Term
o Boundary system-
Definition
helps employees act ethically by setting boundaries on employee behavior
Term
o Diagnostic control system-
Definition
measures, monitors and compares actual company progress to budgets and performance goals
Term
o Interactive control system-
Definition
helps managers to focus subordinates' attention on key strategic issues and to be more involved in their decisions
Term
how are corrective controls used to remedy problems? (3 things)
Definition
1) Identifying the cause
2) Correcting the resulting errors
3) Modifying the system to prevent future problems of this sort
Term
o FCPA-
Definition
Foreign Corrupt Practices Act- passed to prevent companies from bribing foreign officials to obtain business
Term
o SOX-
Definition
applies to publicly held companies and their auditors and was designed to prevent financial statement fraud, make financial reports more transparent, protect investors, strengthen internal controls and punish executives who perpetrate fraud
Term
▪ PCAOB-
Definition
controls the auditing profession, sets and enforces auditing, quality control, ethics, independence and other auditing standards
Term
New rules for auditors b/c SOX makes accountants do what?
Definition
report specific information to the company’s audit committee
Term
New roles for audit committees- (2 things)
Definition
1) must be on a company’s BOD and be independent of the company,
2) one member must be a financial expert--hires, compensates and oversees the auditors who report directly to them
Term
▪ New rules for management-
Definition
requires CEO and CFO to certify that financial statements and disclosures are fairly presented, were reviewed by management and are not misleading
Term
what 2 things must mgmt do b/c of SOX when dealing w/auditors?
Definition
1. Auditors were told about all material internal control weaknesses and fraud
2. Must disclose material changes to their financial conditions
Term
New internal control requirements- (what section & what does it entail?)
Definition
Section 404 requires companies to issue a report accompanying the financial statements stating that management is responsible for establishing and maintaining an adequate internal control system
Term
SEC mandated that management must do 3 things...
Definition
1. Base its evaluation on a recognized control framework
2. Disclose all material internal control weaknesses
3. Conclude that a company does not have effective financial reporting internal controls if there are material weaknesses
Term
COSO-
Definition
Committee of Sponsoring Organizations, issued Internal Control - Integrated Framework (IC)
Term
what does COSO do? (3 things)
Definition
1) Is the authority on internal controls and is incorporated into policies, rules and regulations
2) Defines internal controls
3) Provides guidance for evaluating and enhancing internal controls
Term
what are the 8 components of COSO and which 3 are added from ERM?
Definition
1) control environment (internal environment)
2) control activities
3) risk assessment
4) information & communication
5) monitoring
6) objective setting (ERM)
7) event identification (ERM)
8) risk response (ERM)
Term
name 7 sub components of "the internal environment"
Definition
• Management’s philosophy, operating style, and risk appetite
• The board of directors
• Commitment to integrity, ethical values, and competence
• Organizational structure
• Methods of assigning authority and responsibility
• Human resource standards
• External influences- requirements imposed by stock exchanges, FASB, PCAOB, SEC
Term
w/COSO, mgmt should make it clear that honest reports are more important than favorable ones? TRUE or FALSE
Definition
TRUE
Term
w/internal environment, what should mgmt avoid?
Definition
▪ Unrealistic expectations, incentives or temptations.
▪ Attitude of earnings or revenue at any price.
▪ Overly aggressive sales practices.
▪ Unfair or unethical negotiation practices.
▪ Implied kickback offers.
▪ Excessive bonuses.
▪ Bonus plans with upper and lower cutoffs.
Term
o Internal environment-
Definition
company culture, influences how organizations establish strategies and objectives, structure business activities, and identify, assess and respond to risk
Term
o Objective setting-
Definition
management determines what the company hopes to achieve, referred to as the corporate vision or mission
Term
name the 4 sub comp of "objective setting"
Definition
strategic objectives
operations obj
reporting obj
compliance obj
Term
objective setting must come b4 other 6 comp TRUE or FALSE
Definition
TRUE
Term
• Strategic objectives-
Definition
high level goals that are aligned with the company's mission, support it and create shareholder value are set first
Term
• Operations objectives-
Definition
deal with the effectiveness and efficiency of company operations, determine how to allocate resources
Term
• Reporting objectives-
Definition
ensures the accuracy, completeness and reliability of company reports, improve decision making, monitors company activities and performance
Term
• Compliance objectives-
Definition
help the company comply with all applicable laws and regulations; most are imposed by external entities in response to laws or regs
Term
corp objectives should be 3 things
Definition
1) easy to understand/measure
2) should be prioritized
3) be aligned w/the company's risk appetite
Term
event identification
Definition
incidents or occurrences that emanate from internal or external sources, affect implementation of strategy or achievement of objectives, impact can be positive, negative or both, events can range from obvious to obscure, effects can range from inconsequential to highly significant
Term
2 sub comp of "event identification"
Definition
1) external factors
2) internal forces
Term
event identification
Definition
• Event represents uncertainty
• Management must do its best to anticipate all possible events—positive or negative—that might affect the company:
▪ Try to determine which are most and least likely.
▪ Understand the interrelationships of events.
Term
• External factors
Definition
▪ Economic factors
▪ Natural environment
▪ Political factors
▪ Social factors
▪ Technological factors
Term
• Internal forces
Definition
▪ Infrastructure
▪ Personnel
▪ Process
▪ Technology
Term
o Risk assessment-
Definition
• Identified risks are assessed to determine how to manage them
• Corresponds to risk assessment in COSO
• Category in terms of likelihood and positive and negative impact
Term
2 sub comp of "risk assessment"
Definition
inherent risk
residual risk
Term
• Inherent risk-
Definition
the risk that exists before management takes any steps to control the likelihood or impact of a risk
Term
• Residual risk-
Definition
risk that remains after management implements internal controls or some other form of response to risk
Term
• Companies should assess inherent risk, develop a response, then assess residual risk. What are the 5 steps?
Definition
▪ 1 event identification of threats that confront the company
▪ 2 estimate the likelihood or probability of each event occurring
▪ 3 estimate the impact of potential loss from each threat
i. want to provide reasonable assurance that events do not take place
ii. Expected loss = impact x likelihood
▪ 4 identify set of controls to guard against threat
▪ 5 estimate costs and benefits from instituting controls
i. benefits must exceed costs
ii. benefits- increased sales and productivity, reduced losses, better interaction with customers and suppliers, increased customer loyalty, competitive advantages and lower insurance premiums
iii. Costs- personnel
iv. Value of a control procedure = expected loss with control procedures – expected loss without it
Term
what are the 4 sub comp of "risk response"
Definition
reduce
accept
share
avoid
Term
• Reduce-
Definition
reduce the likelihood and impact of risk by using an effective system of internal controls
▪ Most effective way
Term
• Accept-
Definition
accept the likelihood and impact of the risk
▪ Don’t act to prevent or mitigate it
Term
• share-
Definition
share or transfer it to someone else by buying insurance, outsourcing an activity or entering into hedging transactions
▪ like insurance, outsourcing or hedging
Term
• avoid-
Definition
by not engaging in the activity that produces the risk, may require the company to sell a division, exit a product line or not expand as anticipated
▪ may require: sale of division, exiting a product line, canceling an expansion plan
Term
what are the 7 sub comp of "control activities"
Definition
•Proper authorization of transactions and activities
•Segregation of duties
•Project development and acquisition controls
•Change mgmt controls
•Design and use of documents and records
•Safeguard assets, records and data
•Independent checks on performance
Term
o Control activities-
Definition
control policies and procedures are established and implemented
Term
control activities cont'd
Definition
• Much more effective when placed in the system as it is built
• Proper authorization of transactions and activities- auditors who review transactions should verify the presence of appropriate authorizations
▪ Employees who process transactions should verify the presence of the appropriate authorizations
Term
• Segregation of duties-
Definition
good internal control requires that no single employee is given too much responsibility over business transactions or processes; should not be able to commit and conceal fraud
Term
▪ Segregation of accounting duties- achieved when (3 things)
Definition
1) authorization
2) recording
3) custody
Term
▪ Collusion-
Definition
detecting fraud where 2 or more people work together to override the controls is more difficult, and the fraud is much easier to commit
Term
▪ Segregation of systems duties-
Definition
restricting access to computer, programs and live data could perpetrate and conceal fraud
Term
i. Authorization-
Definition
approving transactions or decisions
Term
ii. Recording-
Definition
preparing source documents, maintaining journals, ledgers, or files, preparing reconciliations and preparing performance reports
Term
iii. Custody-
Definition
handling cash, maintaining an inventory storeroom, receiving incoming customer checks, writing checks on the organization's bank accounts
Term
what systems duties need to be segregated? (10 things)
Definition
i. Systems administration
ii. Network management
iii. Security management
iv. Change management
v. Users
vi. Systems analysis
vii. Programming
viii. Computer operations
ix. Information systems library
x. Data control
xi. Don’t want a person to do one or more of these; that way they can't commit fraud
Term
• Project development and acquisition controls-
Definition
contain appropriate controls for management approval, user involvement, analysis, design, testing, implementation and conversion
Term
▪ Steering committee-
Definition
guides and oversees systems development and acquisition
Term
▪ Strategic master plan-
Definition
developed and updated yearly
Term
• Design and use of documents and records
Definition
▪ Proper design and use of documents and records helps ensure accurate and complete recording of all relevant transaction data.
▪ Form and content should be kept as simple as possible to:
i. Promote efficient record keeping
ii. Minimize recording errors
iii. Facilitate review and verification
▪ Documents that initiate a transaction should contain a space for authorization.
▪ Those used to transfer assets should have a space for the receiving party’s signature.
▪ Documents should be sequentially pre-numbered:
i. To reduce likelihood that they would be used fraudulently.
ii. To help ensure that all valid transactions are recorded.
▪ A good audit trail facilitates:
i. Tracing individual transactions through the system.
ii. Correcting errors.
iii. Verifying system output.
Term
• Safeguard assets, records and data
Definition
▪ Maintain accurate records of all assets
i. Periodically reconcile recorded amounts to physical counts.
ii. Restrict access to assets
▪ Top-level reviews
▪ Analytical reviews
▪ Reconciliation of independently maintained sets of records
▪ Comparison of actual quantities with recorded amounts
▪ Double-entry accounting
▪ Independent review
▪ Protect records and documents
• Independent checks on performance
Term
o Information and communication-
Definition
info must be identified, captured and communicated so employees can fulfill their responsibilities
• Info must be able to flow through all levels and functions in the company as well as flowing to and from external parties
• Accountants must understand how:
▪ Transactions are initiated
▪ Data are captured in or converted to machine-readable form
▪ Computer files are accessed and updated
▪ Data are processed
▪ Information is reported to internal and external parties
Term
o Monitoring-
Definition
ERM processes must be monitored on an ongoing basis and modified as needed
Term
monitoring ERM facts
Definition
• Accomplished with a series of ongoing events or by separate evaluations
• Perform ERM evaluation
• Implement effective supervision
• Use responsibility accounting
• Monitor system activities
• Track purchased software
• Conduct periodic audits
• Employ a computer security officer and security consultants
• Engage forensic specialists
• Install fraud detection software
• Implement a fraud hotline
• Internal auditing should be organizationally independent of the accounting and operating functions.
• The head should report to the audit committee of the board of directors rather than to the controller or CFO
Term
ERM Facts
Definition
a. Enterprise Risk Management- process the BOD and management use to set strategies, identify events that may affect the entity, assess and manage risks and provide reasonable assurance that the company achieves its objectives and goals
o Companies are formed to create value for their owners
o Management must decide how much uncertainty it will accept as it creates value
o Uncertainty results in risk, which is the possibility that something negatively affects the company's ability to create or preserve value
o The ERM can manage uncertainty as well as create and preserve value
o Base evaluation of internal control on a recognized framework
o Subsidiary
o Business unit
o Division
o Entity level
Term
a. Enterprise Risk Management-
Definition
process the BOD and management use to set strategies, identify events that may affect the entity, assess and manage risks and provide reasonable assurance that the company achieves its objectives and goals
Term
COSO UPDATE CONTROL ENVIRONMENT (5 principles)
Definition
• Commitment to integrity and ethics
• Oversight for internal control by the board of directors, independent of management
• Structures, reporting lines, and responsibilities in the pursuit of objectives established by management and overseen by the board
• Commitment to attract, develop, and retain competent individuals in alignment with objectives
• Holding individuals accountable for their internal control responsibilities in pursuit of objectives
Term
COSO UPDATE RISK ASSESSMENT (4)
Definition
• Specifying objectives clearly enough for risks to be identified and assessed
• Identifying and analyzing risks to determine how they should be managed
• Considering the potential of fraud
• Identifying and assessing changes that could significantly impact the system of internal controls
Term
COSO UPDATE CONTROL ACTIVITIES (3)
Definition
• Selecting and developing controls that help mitigate risks to an acceptable level
• Selecting and developing general control activities over technology
• Deploying control activities as specified in policies and procedures
Term
COSO UPDATE INFORMATION AND COMMUNICATION (3)
Definition
• Obtaining or generating relevant high-quality information to support internal control
• Internally communicating information, including objectives and responsibilities to support the other internal control components
• Communicating relevant internal control matters to external parties
Term
COSO UPDATE MONITORING ACTIVITIES (2)
Definition
• Selecting, developing and performing ongoing or separate evaluations of internal control components
• Evaluating and communicating deficiencies to those responsible for corrective action, including senior management and the board of directors where appropriate
Term
expected loss = __ x __
Definition
impact x likelihood