lease and deprication.doc

52 views3 pages
22 Apr 2012
Department
Course
Professor

For unlimited access to Class Notes, a Class+ subscription is required.

Risk Management
Internal control systems are useful because they identify and correct accounting-related fraud or
errors. However, internal controls are useless if risks associated with an organization’s routine decisions
are not monitored. Enterprise risk management (ERM) focuses on risks to an organization’s operations
and ensures controls are in place to eliminate, mitigate, or compensate such risks. Additionally, ERM
identifies and assesses risks related to management’s objectives by evaluating internal control components:
control environment, risk assessment, control procedures, monitoring, and information and
communication.
Control Environment
An effective control environment primarily defines organizational structure, commitment to competence,
assignment of authority and responsibility, and internal audit functions. Control environments are
important any type of risk approach because it establishes organizational tone, the foundation of
organizational internal control, and its response to risk.
Risk Assessment
Risk assessment is the process used to estimate the likelihood and impact of risks on management’s
objectives. Risk assessment generally includes risk-response. After potential risks are identified, they
become part of an organization’s risk portfolio. Risk response is then used to evaluate correlations and
total impact and make changes to optimize the risk portfolio.
Control Procedure
Control procedures are actions taken by management to eliminate, mitigate, and compensate for risks. The
most frequently used control procedures are performance reviews, segregation of duties, physical controls,
and information-processing controls. Performance reviews gives management the opportunity to perform
periodic evaluations of the organization’s objectives and ensure they are being met. Segregation of duties
separates tasks such as authorization to execute transactions, recording transactions, and periodic
reconciliation of existing assets to current amounts to reduce the risk of an individual creating and
concealing errors, frauds, and misstatements within the organization. Organizations have physical controls
in place to prevent access to documents, inventory, and specific areas by unauthorized
individuals. Information-processing controls create audit trails and are in place to ensure financial
statement transactions are processed correctly.
Monitoring
Monitoring is an ongoing assessment of the quality of an organization’s internal controls. Examples of
monitoring controls may include analyzing customer or vendor billing complaints, supervising the accuracy
of transaction processing, and comparing recorded amounts to assets and liabilities. Monitoring activities
are similar to control activities. Unlike control activities, monitoring activities are more in-depth because
they include identifying weaknesses in other controls. Although monitoring includes management related
tasks, audit committees are generally assigned these tasks.
Information and Communication
Information and communication are necessary for management to complete an organization’s
objectives. Information systems are effective when they consistently provide timely, current, accurate, and
accessible information related to an organization’s external sources. Communication is the means of
relaying information to internal and external sources through report production and distribution.
Depreciation Methods
Unlock document

This preview shows page 1 of the document.
Unlock all 3 pages and 3 million more documents.

Already have an account? Log in

Get access

Grade+
$10 USD/m
Billed $120 USD annually
Homework Help
Class Notes
Textbook Notes
40 Verified Answers
Study Guides
1 Booster Class
Class+
$8 USD/m
Billed $96 USD annually
Homework Help
Class Notes
Textbook Notes
30 Verified Answers
Study Guides
1 Booster Class