a process effected by an entity's board of directors, management, or other personal to provide reasonable assurance to the achievement of the following objectives; reliability of financial reporting, compliance with applicable laws and regulations, and effectiveness and efficiency of operations.
list the 5 components of COSO's integrated framework on internal control:
1. risk assessment 2. control environment 3. control activities 5. information and communication 6. monitoring
the process used to identify and evaluate the risks that may effect an organization's ability to achieve its objectives
the overall control consciousness of the organization, effected by management through, example, policies, procedures, ethical standards, and monitoring processes
the policies and procedures implemented by managers to assure the accomplishment of organizational objectives and the mitigation of risks
the process of identifying, capturing, and exchanging information in a timely fashion to assist in the accomplishment of an organization's objectives
information and communication
assesses the quality of other internal components and whether they continue to operate effectively. (includes assessment of both the design and operation of controls on a timely basis)
what usually involves a 2-way flow? explain:
information and communication; from top-management to the rest of the organization (key policies, code of conduct, and strategies) & from the bottom-up (communicating economic info as well as deviations from policies)
according to "segregation of duties" what transactional functions should be kept seperate?
authorizing, recording, and physical custody
what control procedures are often referred to as input, output, and processing?
what confirms the auditor's understanding of a firm's I/Cs