Dunn Solutions Manual for Enterprise Information Systems: A Pattern Based Approach, 3eChapter 14 Review Questions R1. What is a system of internal controls? Internal controls are a set of rules, policies, and procedures an organization implements to provide reasonable assurance that (1) its financial reports are reliable, (2) its operations are effective and efficient, and (3) its activities comply with applicable laws and regulations. R2. Distinguish between risk, exposure, and threat. Risk, as with many words in the English language, has multiple meanings so we must be careful to define how we are using it. A riskis any exposure to the chance of injury or loss. (Some people use the term riskin a more narrow sense to describe the probability of a loss occurring.) Threatis another word some people use to describe these situations because they represent a probable evil, violence, or loss to the entity. There are so many potential risks that it may seem overwhelming to try to control all of them. So we should only worry about the most significant risks. The significance of a risk is determined by (a) its impact on the organization, and (b) the likelihood of it occurring. Exposureis a word some people use to describe the potential impact on the entity. R3. Describe the relationship between risk, opportunity, and objectives. Opportunity and risk go hand in hand. You can’t have an opportunity without some risk and with every risk there is some potential opportunity. People’s objectives and the stated objectives of the organization impact both risks and opportunities. Conservative objectives that can be easily achieved require less risk. More aggressive objectives create greater risk as more difficult and complex activities are pursued to achieve them. Change creates opportunities. The world is constantly changing and change is often viewed in a negative light because it upsets the status quo. The people who are the most successful are those who are able to anticipate change, recognize the opportunities associated with it, and adapt very quickly. In summary, change creates many new opportunities. The opportunities an organization seeks are guided by its objectives. But with every opportunity there is some element of risk. We seek to manage these risks by a system of controls.
has intentionally blurred sections.
Sign up to view the full version.