Risk Assessment, Controls and Risk Management

Internal Control Definition and Objectives

According to COSO, internal control is a method, or process, carried out by an entity's board of directors, management and other personnel that is designed to provide reasonable assurance that the company's objectives in the following three categories will be achieved:

1) Effectiveness and efficiency of operations
2) Reliability of financial reporting
3) Compliance with applicable laws and regulations

Who Is Responsible for Internal Control?

- The board of directors is responsible for overseeing the internal control system, providing governance, guidance and insight.
- The CEO is ultimately responsible for the internal control system and the "tone at the top".
- Senior managers delegate responsibility for establishment of specific internal control policies.
- Financial officers and their staffs are central to the exercise of control.
- Internal auditors play a monitoring role. They evaluate the effectiveness of the internal controls.
- Virtually all employees are involved in internal control.

Note: Internal auditors evaluate the effectiveness of the control systems and contribute to their ongoing effectiveness, but they do NOT have the primary responsibility for establishing or maintaining the control systems.

Components of Internal Control

1) Control Environment (E)
2) Risk Assessment (R)
3) Control Activities (C)
4) Information and Communication (I)
5) Monitoring (M)

Mnemonic: CRIME

Component 1: The Control Environment

The control environment is the foundation for the other components. It provides discipline and structure, encompasses (includes) the attitudes and actions of the board of directors, and sets the "tone at the top". It consists of:

- Organizational structure: its ability to provide the necessary information flow to manage its activities; adequacy of the definition of key managers' responsibilities, and their understanding of these responsibilities.
- Integrity and ethical values: existence and implementation of codes of conduct and other policies regarding acceptable business practice, conflicts of interest, or expected standards of ethical and moral behavior.
- Management philosophy and operating style:
  - Nature of business risks accepted, e.g., whether management often enters into particularly high-risk ventures, or is extremely conservative in accepting risks.
  - Frequency of interaction between senior management and operating management.
  - Attitudes and actions toward financial reporting (including disputes, misapplied accounting principles, important financial information not disclosed, or records manipulated or falsified).
- Human resource policies and practices: include hiring, orientation, training, evaluating, counseling, promoting and

This note was uploaded on 08/16/2011 for the course MGMT 301 taught by Professor Hisham during the Spring '11 term at McMaster University.
