1. What are two key provisions of the Sarbanes-Oxley Act of 2002?
    • Corporate responsibility
    • Enhanced financial disclosures
  2. What are the five components of COSO (CRIME)?
    • C Control activities
    • R Risk assessment
    • I Information & communication
    • M Monitoring
    • E Control environment
  3. What does the control environment "tone at the top" consist of (PHRASED)?
    • P Philosophy & operating style of management
    • H Human resources
    • R Reporting (financial) competencies
    • A Authority & responsibility
    • S Structure (organizational)
    • E Ethical values (and Integrity)
    • D Directors
  4. What is enterprise risk management?
    A process effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.
  5. Components of Enterprise Risk Management (IS EAR AIM)
    • I Internal environment
    • S Setting objectives

    • E Event identification
    • A Assessment of risk
    • R Risk response

    • A Activities (control)
    • I Information & communication
    • M Monitoring
  6. Key elements of internal environment (PHRASED C)
    • Risk management philosophy
    • Risk appetite
    • Board of Directors
    • Integrity and Ethical Values
    • Commitment to Competence
    • Organizational Structure
    • Assignment of Authority and Responsibility
    • Human Resources Standards
