It is the formal process used to identify risks and evaluate controls through structured questionnaires.
What is a Control Self-Assessment (CSA)?
It is the result of the potential financial impact of a risk multiplied by the probability of occurrence.
What is monetization?
These are the months when the compliance months take place.
What is September and October?
It is the global platform for identity access management and governance.
What is IGA?
It is the main reason why organizations implement segregation of duties in their financial processes.
What is mitigating the risk of fraud and error?
These are the three phases of the CSA model.
What is engagement, assessment and improvement?
It is the level of risk that an organization is willing to assume.
What is Risk Appetite?
It is the process to approve a policy or procedure through an electronic signature.
What is a certification in the Workiva P&P workspace?
It is the control that validates the current status of access and privileges.
What is the user recertification?
It is one of the four classic functions of SoD: to authorize or approve transactions.
What is the Approval function?
It is Simple, Flexible, Integrated and Continuous Improvement.
The 4 principles of the CSA model are?
These are the activities that are carried out in order to reduce the level of exposure to a risk.
What is risk treatment or risk mitigation?
It is the global policy that defines the framework for creating, approving, and updating internal documents.
What is GGB-002 Global Policy on the Regulatory Framework?
Is responsible for enforcing the control that users are not shared.
Who is each user?
In an internal control model, it is the area that monitors the effectiveness of segregation of duties and acts as a second line.
What is the Internal Control area?
This instruction outlines the steps to launch a CSA, including planning, design, and communication.
What is INS-IC-06 Instruction for launching a Control Self-Assessment?
This is one of the characteristics sought by ERM, which provides certainty of information, which is why evidence is required.
What is reliability?
They are additional work; relationships with associates, relatives, former associates, suppliers; participation in other companies; and government relationships.
The four conflict of interest types are?
Is responsible for recertifying each associate’s accounts and privileges.
Who is the associate’s manager?
It is the US law that requires controls such as segregation of duties (SoD) to ensure the reliability of financial information.
What is the Sarbanes-Oxley Law (SOX)?