Internal Controls
Risk Management & Risk Types
Internal Control Frameworks & Components
IT Governance & System Controls
Audit, Fraud & Information Systems
100

This type of control deters problems before they arise.

What are preventive controls?

100

Measures such as vacations, rotation of duties, and fidelity bond insurance are used to prevent this.

What is fraud?

100

Controls that prevent problems before they occur.

What are preventive controls?


100

This occurs when two or more people cooperate to override internal controls.

What is collusion?

100

Analytical reviews and reconciliations are part of this type of control.

What are independent checks on performance?

200

Internal controls aim to provide this type of information to support decision-making and reporting.


What is accurate and reliable information?

200

The type of risk that exists before any controls are implemented.

What is inherent risk?

200

These control activities include policies, procedures, and rules designed to meet objectives.  

What are control activities?

200

The separation of authority and responsibility within the information system function.

What is segregation of systems duties?

200

A path that allows transactions to be traced from origin to output.

What is an audit trail?

300

This framework allows management to benchmark IT security, assures users that controls exist, and helps auditors advise on IT matters.

What is COBIT?

300

The risk that remains after management implements controls.

What is residual risk?

300

Three types of controls that should be included in a good internal control system.

What are preventive, detective, and corrective controls?


300

This committee oversees systems development and acquisition. 

What is a steering committee?

300

This technology is tamper-resistant and ensures transaction integrity by storing duplicate copies across a network.

What is blockchain?

400

The COBIT process “EDM” stands for these three words.

What is Evaluate, Direct, and Monitor?

400

The term for a company taking no action because the risk is within tolerance levels.

What is accepting risk?

400

The control activity that ensures employees have proper authority to perform tasks.

What is authorization?

400

The control process that ensures modifications to systems do not introduce errors or facilitate fraud. 

What is change management?

400

This system gathers, records, processes, stores, summarizes, and communicates information about an organization.  

What is an Accounting Information System (AIS)?

500

A weak or deficient control environment often results in breakdowns in this.

What is risk management and control?

500

One of the four ways management can respond to risk that involves transferring it to another party.

What is sharing risk?


500

A type of authorization for routine transactions that does not require special approval.

What is general authorization?


500

Employees who enter transactions and create new accounts are part of this function.

What is data entry?

500

Software that identifies suspicious patterns and unusual behavior to detect fraud is called this.

What is fraud detection software?
