Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
11 Cards in this Set
- Front
- Back
What should the risk management strategy of an organisation should encapsulate?
|
The risk profile of the organisation, i.e., the level of risk it finds acceptable
The risk assessment and evaluation processes the organisation practices |
|
Effective risk management requires what?
|
Management commitment, Integration with the strategic planning process, Acceptance of risk management as a continuous process Organisation-wide ownership. |
|
Risk management process comprises of three areas?
|
Risk assessment analyses and evaluates risk through processes of identification, description and estimation.
Risk reporting is concerned with regular reports in relation to risk.
Risk treatment is the process of selecting and implementing measures to modify risk. |
|
A risk management framework needs to be established, reflecting the policy and guidelines for the organisation. Particular roles should be established and responsibilities should be assigned to?
|
The Board, or its audit committee
A risk management group
The chief risk officer
Internal audit
External audit
Line managers
All employees |
|
Establishing a strategy for staff fraud involves:
|
Risk profile
Risk assessment
Risk treatment
Assigning responsibility
Reporting and monitoring |
|
What three things should a good internal control system produce?
|
Effective and efficient operation
Internal financial control
Compliance with laws and regulations |
|
An internal control system includes
|
all the policies and procedures adopted by the directors and management of an entity to assist in achieving their objectives of ensuring, the orderly and efficient conduct of a business. This includes adherence to internal policies, the safeguarding of assets, the prevention and detection of fraud and error, the accuracy and completeness of the accounting records and the timely preparation of reliable financial information. It comprises the control environment and control procedures. |
|
Control environment is ?
|
The overall attitude, awareness and actions of directors and management regarding internal controls and their importance to the entity. It encompasses the management style, and corporate culture and values shared by all employees. It provides a background against which the various other controls are operated
|
|
Control procedures are?
|
Those policies and procedures in addition to the control environment which are established to achieve the entity's specific objectives.
|
|
Some different types of control are?
|
Organisation Segregation of duties Physical Authorisation and approval Arithmetical and accounting Personnel Supervision and management |
|
There are four types of control objective: |
Detective
Directive
Preventive Corrective |