All page numbers refer to the COSO Enterprise Risk Management—Integrated Framework. You may print the relevant pages or may save the book to a storage device. No citation or bibliography is necessary unless you utilize a resource other than the Integrated Framework.
- Read Objective Setting, pages 35-38.
- Read Event Identification, pages 41-43 (stop at Event Identification Techniques), and Exhibit 4.2, pages 46-47.
- Read Risk Assessment, pages 49-50 (stop at Data Sources).
- Read Risk Response, pages 55-58 (stop at Portfolio View).
- Read Control Activities, pages 61-64 (stop at Controls over Information Systems).
- Control activities relate primarily to which risk response?
- Identify and explain examples of performance indicators, financial analysis tools, and operational metrics that could be used to detect irregularities and unexpected results.
- Identify and explain three basic duties that must be “segregated” (completed by different people) in order to maintain adequate internal control.
- The owner of Gardner Company, a small manufacturing client, has asked your advice on how best to segregate duties given that there are only 3 clerical employees. Assign the following eight functions among employees 1, 2 and 3.
  - Maintain the general ledger
  - Maintain the accounts payable subsidiary ledger
  - Maintain the accounts receivable subsidiary ledger
  - Prepare checks for signature
  - Maintain the cash disbursements journal
  - Issue credits on returns and allowances
  - Reconcile the bank account
  - Receive and deposit cash receipts
Employee 1
Employee 2
Employee 3
- In a small company, complete segregation of duties may not be possible. What is the best “compensating” control? Explain.
- When designing a control for a specific identified risk, do you feel a company should focus on preventive or detective controls?