Vocabulary

audit committee

subcommittee of the board of directors that is in charge of overseeing financial reporting and disclosure

Committee of Sponsoring Organizations of the Treadway Commission (COSO)

organization dedicated to providing leadership and guidance in the development of frameworks on risk management, internal control, and anti-fraud measures

compliance objective of internal control

business activity of adherence to laws set by governing bodies and regulations set by regulatory bodies to which the entity is subject

control element

one of five elements for an effective internal control system; namely, control environment, risk assessment, control activities, information and communication, and monitoring

control environment

established by the board of directors and senior management. It is composed of standards, processes, and structures that provide the basis for carrying out internal control across an organization.

cost-benefit analysis

assessing the benefits of implementing a specific internal control to determine if the benefits exceed its costs

employee fraud

internal fraud committed by an employee against the company, which may include cash theft, expense reimbursement fraud, or use of company funds to pay for personal purchases

external auditor

independent auditor outside the organization that reviews the financial reporting to confirm accuracy

inherent limitations of internal control

concept that every well-designed internal control system will have its limitations

internal auditor

employee of the company in charge of objectively monitoring and evaluating financial and organizational activities

internal control

process or procedure put in place to protect assets, promote effective operations, and ensure accurate accounting and record keeping

internal control system weakness

area in which the company's policies and procedures do not protect assets, ensure reliable accounting, promote efficient operations, and encourage adherence to policies and procedures or prevent fraud

operations objective of internal control

effectiveness and efficiency of an organization's operations, including operations and financial performance goals, as well as safeguarding assets against loss

reporting objective of internal control

internal and external financial and nonfinancial reporting and record keeping. It may incorporate reliability, timeliness, transparency, and additional terms as set forth by regulators, recognized standard setters, or the entity's policies.

risk assessment

process involving identification and assessment of internal and external risks regarding the objectives of a business so that risk control measures can be specified to manage the assessed risks

Sarbanes-Oxley Act (SOX)

2002 U.S. legislation focusing on internal controls aimed at prevention of corporate accounting fraud

segregation of duties

establishment of responsibilities and dividing workflow to prevent fraud or other unethical practices