Risk
The protection and safeguarding of sensitive and critical information and the physical assets that support information technology.
the process that assesses and evaluates the compliance in addressing the internal control objectives
What is monitoring?
the Public Accounting Reform and Investor Protection Act of 2002
What is Sarbanes-Oxley Act?
A measure of conformity with applicable laws and regulations, as well as internal policies and procedures
is an indicator of the level of control consciousness of the company, providing direction, discipline and structure
integrity, accuracy, completeness, and timely release of information to the governing subcommittees and/or departments.
have some responsibility and accountability within the internal control environment
Addresses the company’s exposure to loss
creating and maintaining an ethical work environment
the identification and analysis of relevant risks to achieving objectives
determines whether an organization’s financial statements are free of material misstatement.
what is an auditor?
company’s goods and/or services do not consistently meet or exceed expectations
What is customer satisfaction?
examines and improves existing internal controls and/or implements new internal controls to mitigate risks
What is self-assessment?
are embedded in the operational and financial processes
wrongful or criminal deception intended to result in financial or personal gain
what is Fraud?
is responsible for communicating the expectations and duties of staff as part of a control environment. They are also responsible for assuring that the other major areas of an internal control framework are addressed.
business strategies are not responsible to environmental change, are not driven by appropriate inputs and are not communicated consistently throughout the organization.
identifies, captures, and communicates data
What is information and communication?
ultimately responsible for a company’s system of internal control