Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
76 Cards in this Set
- Front
- Back
|
corporate governance content
|
1) financial reporting of public companies. 2) internal controk
|
|
|
COSO control envirnment
|
management operating style relates ethics. and financial reporting. vs human resource policies ( recruit and evaluate the employee)
|
|
|
compliance program
|
q
|
|
|
enhanced financial disclosure: SOX
|
contigency loss that pending law suit was not accrued
|
|
|
SOX: internal control : repoting
|
assumption of responsibility. assessment of effectiveness of I/c
|
|
|
SOX. code of ethic provisions
|
1 full fair accurate disclosure. 2 honesty ethic conduct
|
|
|
Sox: audit committee financial expert
|
a
|
|
|
COSO
|
a
|
|
|
external communication vs internal communication
|
external: the matter that affecting f/s is communicated with outside party. internal: enable archive objective. variance analysis = to suppirt internal control. internal control information
|
|
|
COSO monitoring
|
deficiencies is identified reported investigated on going and separate evaluation
|
|
|
COSO: ERM ( enterprise risk management)
|
1) risk assessment: the determination of likelihood or impact on the event to achieve the objective of company. 2) control activity: response to a risk
|
|
|
risk sharing ERM
|
insuring against loss or do joint venture
|
|
|
COSO: an operational objective vs a reporting objective
|
COSO: an operational objective. ( within budget) vs a reporting objective.( GAAP)
|
|
|
IPPF: international
|
a
|
|
|
IIA standards
|
the chief audit executive to establish a risk based approach to determine audit priorities
|
|
|
ERM: enterprise risk management
|
1. internal environment. 2. objective setting. 3 event identification. 4. risk assessment 5 risk response. 6 control activities. 7 information and communication. 8 monitoring
|
|
|
audit comittee
|
qualification ( competence independence) a financial expert. responsibilities
|
|
|
disclosure committee
|
to management. a standard reporting package
|
|
|
compensation committee
|
make a recommendation to BOD
|
|
|
NYSE. NASDAQ rules
|
independent of directors. 5 yrs for director &:family member for employee of the company. 3 yrs for NASDAQ. 5yrs for audit firm 3 for nasdaq. 3 yrs for receiving $ 120k other than director compensation
|
|
|
SEC
|
responsible for protecting investors
|
|
|
COSO
|
3 principles : operating efficiency. compliance. F/S. 5 component uCRIME
|
|
|
control environment
|
1. mgmt integrity ethical value. 2. philosophy operating style. 3. organization structure. 4 BOD. AUDIT COMMITTEE participation. 5. inter audit function. 6. personnel policies and practice. 7 . external influences 8 includes set of standards. process and structures
|
|
|
risk assessment. COSO
|
risk assessment for financial reporting. risk= change--- new--- restructuring rapid expand----
|
|
|
control activity
|
authorization. contro of transacton is SOD. documents and records. safeguarding. independent check on performance 2) includes polices procedures that mgmt s directives r carried out. routinely perform controls
|
|
|
information and communication
|
identification retention. transfer of information
|
|
|
monitoring
|
ongoing. and separate evaluation of the quality of IC
|
|
|
assessment of the effectiveness of ICFR ( internal control over financial reporting )
|
SOX 404b: express opinion on IC. auditor. plan & perform. to get reasonable assurance whether material weakness exist. 2 one or more material weakness = IC is not effective.
|
|
|
control deficiency
|
the design or operation of control NOT prevent or detect misstatements on a timely basis
|
|
|
significant deficiency
|
a control deficiency or combination of control deficiencies. less severe than a material weakness
|
|
|
material weakness
|
a or combination of significant deficiency. a reasonable possibility that material misstatements of f/s will not be prevented or corrected in a timely badis
|
|
|
compensating control
|
exist then control deficiency is ordinarily not a significant deficiency or material weakness
|
|
|
strong indicator of mw
|
1 fraud by senior mgmt 2 restatement due error or fraud. 3 mw was not detected by IC. 4 ineffective oversight. 5. compensation for mgmt increase. 6 effect in compliance
|
|
|
ICFR: PCAOB
|
1. unqualified. 2. withdrawal or disclaimer . 3 an adverse ; one or more mw. if remediated by year end then UQ. 4 date should be same ICFR = FR
|
|
|
defective certifications
|
COE 1 M or 10 yrs in prison. willful dc : 5M or 20yr
|
|
|
risk reduction vs risk sharing
|
reducrion: relocation compensating or mitigation control. sharing: a joint venture. buying insurance
|
|
|
risk assessment
|
objective setting--- event identification -- risk assessment -- risk response
|
|
|
threshold triggers
|
mgmt predetermined limits
|
|
|
inherent risk vs residual risk
|
inherent: mgmt nothing to do to alter. residual: risk of event after considering mgmt s response
|
|
|
ERM limitation
|
human judgement. mgmt over ride. cost benefit constraint. collusion. change in environment
|
|
|
ERP : enterprise resource planning
|
1 cross functional system. 2 integrated data f all org activities. 3 automates business work together
|
|
|
ERM 8 component
|
IS EAR AIM internal environment. setting objectives. event identification. assessment of risk risk response. activities - control. information and communication. monitoring
|
|
|
on line analytical processing vs on line transaction processing system
|
analytical: allows end users. to retrieve data from a system and perform using statistics and graphics tool. TPS: customer payment or other transaction. EIS: strategic information. in line info storage system: ex list of charges by month
|
|
|
financial expert on audit committee
|
1. experience with internal controls. 2 understanding of GAAP. internal control. audit committee function
|
|
|
BOD
|
fiduciary relationship to the company6
|
|
|
Materiality misstatements
|
auditors judgment not discuss with corporate governance
|
|
|
EAR vs APR
|
a
|
|
|
auditor. communication w audit committee
|
any disagreement ( even solved) on financial statement
|
|
|
American option vs European option
|
american: during a specific period of time. European : at a specified date
|
|
|
T - bill
|
less than 1yr. denomination of $1k. max 5M purchase. T- note : 1 - 10 yr. T - bond 10 + yr
|
|
|
credit risk
|
the default by borrower or issuer of debts security bonds
|
|
|
price risk
|
a security will decline in value
|
|
|
open ended fund vs closed end fund
|
open= mutual fund
|
|
|
COSO : reporting objectives
|
external internal financial non financial reporting objectives
|
|
|
C/S with cumulative voting rights
|
get one vote for each director
|
|
|
Dodd-Frank Act of 2010: wall street reform and consumer protection
|
insider director of BOD : offer employee. major stockholder. disclose why why not the chairperson of the board is also the CEO
|
|
|
internal audit charter
|
purpose. responsibility. authority
|
|
|
SOX
|
requires CEO to disclose all significant internal control deficiency to company's auditor and audit committee
|
|
|
IIA the institute of internal auditors
|
a risk based approach to determine audit priorities
|
|
|
ERM
|
objective: 4 strategic, operating , compliance, reporting. component:8 CRIME plus object setting. event identification. risk respinse
|
|
|
evaluators
|
individuals that monitor controls within a organization]
|
|
|
a master file vs a transaction file
|
master: permanent file. a source of reference. periodically updated
|
|
|
the role of the system analyst. the information system manager. the control group. a system programmer
|
a
|
|
|
the Dodd-Frank Act of 2010
|
all members of the compensation committee of the board of directors be independent
|
|
|
SOX : internal control
|
3: mgmt responsibility on F/S ; evaluate the effectiveness of IS. ; Auditor attested mgmt s evaluation on F/S
|
|
|
code of ethic provisions by SOX
|
disclosure on F/S and honest ethical conduct
|
|
|
compliance program
|
ethical value to hot line & ethical training program
|
|
|
COSO: information and communication
|
consider system that identify info capture process and distribute info supporting the accomplish of the financial reporting
|
|
|
COSO: risk assessment
|
principle related to consider the risk of material misstatements
|
|
|
ERM: enterprise risk management
|
IS EAR AIM: Internal environment. Setting objectives . Event identification. Assessment of risk. Risk response. Activities (control) Information and communication. Monitoring
|
|
|
SEC & NASDAQ control on board of directors
|
directors independence requirements: 5yrs (3yrs)
|
|
|
risk tolerance vs risk appetite
|
tolerance: the acceptable variation
|
|
|
risk sharing vs reduction
|
sharing: sharing the risk with another party: insurance. joint venture. hedging. reduction: reduce its likely hood or impact.
|
|
|
application programmmer
|
should NOT: operating system software; correct data. ; custody of data
|
|
|
ERM components |
Coso CRIME + setting objective. + event identification. + risk response |
|
|
BECKER CG |
Becker CG B1.1: # 2. 4. 5. 12. 15. 26. 28. 29. 34. CG B1.2: # 3. 7. 9. |
