Sarbanes-Oxley Act of 2002
Internal Controls
IT
Fraud
Other Important Information
100

"To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes."

What is the intent of the Sarbanes-Oxley Act

100

The five interrelated components of internal control 

What are Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities

100

Used to protect servers and buildings from getting compromised from both online threats and physical threats

What are firewalls

100

The three points of the fraud triangle

What are Opportunity, Motivation/pressure, Rationalization

100

An internal source document used to notify the general ledger to make an accounting entry

What is a Journal Voucher

200

requires public companies to annually file an internal control report with the SEC

What is Section 404 of Sarbanes-Oxley

200

Under which of the Internal Control components does this fall: The organization identifies and assesses changes that could significantly impact the system of internal control.

What is Risk Assessment

200

The four steps that are described through the IT Department Functions diagram

What is Development, Testing (Quality Assurance), Staging, and Production

200

For fraud to occur, a person must meet two requirements

What are Deliberate intent and the manipulation of information for criminal purposes? 

200

The four subcategories within the segregation of duties control plan

Authorizing Events, Executing Events, Recording Events, Safeguarding/Custody of resources.

300

Requires cover disclosure in financial reporting, for transparent reporting of the true economic effect.

What is Section 401 of Sarbanes-Oxley Act

300

A particular process within your company has controls associated with it, such as collecting payments or being billed

What are Business Process Control Plans

300

The process that ensures that IT adheres to the overall objectives of the organization's strategy, as well as protecting its assets.

What is IT governance

300

An employee inserts this code into the company's systems, but the code will not execute unless a certain event does not occur

What is a Logic Bomb

300

As discussed in class and as described in the Summary of Personnel Control Plans diagram, the checklist of Personnel Control Plans includes

What is Selections and Hiring, Retention, Personnel Development, Personnel Management, and Personnel Termination Control Plans

400

Prohibits audit firms from providing a wide array of non-audit services, such as consulting of financial information, to audit clients. 


What is Section 201 of Sarbanes-Oxley Act

400

The control plan which focuses on fixing problems that have occurred 

What is Corrective Control Plan

400

Within the implementation of software changes, this organizational design ensures that project selection is in line with the organizational plans and budgets allowed and that this base is applied to each task undertaken

What is Project-Management Framework 

400

Has legal responsibility to prevent fraud and other irregularities

What is management

400

The hierarchy of data in order from smallest to largest

What is Character, Field, Record, Table

500

As discussed in class, the two companies which heavily led to the passing of The Sarbanes-Oxley Act of 2002. 

What are WorldCom and Enron

500

Monthly reconciliations of departmental transactions, physical counting of inventory, or an end of the month cash count would all be considered this type of control plan

What are Detective Control Plans

500

The IT security functional positions

What are Policies and Compliance, Physical Security and Disaster Recovery, and Access Control 

500

As discussed in class, the recent lawsuit against one of the Big Four for not disclosing known information about the wrongdoing.

What is the EY Ethics Cheating Scandal

500

Designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite. This addresses four categories of objectives: Strategic, Operations, Reporting, and Compliance

What is Enterprise Risk Management