Term
|
Definition
A body of guiding principles that form a template against which organizations can evaluate a multitude of business practices.
|
|
|
Term
|
Definition
| Internal Control over Financial Reporting |
|
|
Term
|
Definition
Committee of Sponsoring Organizations of the Treadway Commission, a voluntary private sector organization dedicated to improving the quality of financial reporting through business ethics, effective internal controls, and corporate governance.
|
|
|
Term
| Supplemental publications to COSO's Internal Control-Integrated Framework |
|
Definition
| Internal Control over financial reporting-guidance for smaller public companies; Guidance on monitoring internal control systems. |
|
|
Term
| The COSO, CoCo, and Turnball frameworks |
|
Definition
| Are used by an increasing number of organizations to evaluate the entire system of internal control, not just internal controls over financial reporting |
|
|
Term
| Internal Control (COSO's definition) |
|
Definition
| A process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: Effectiveness and efficiency of operations. Reliability of financial reporting. Compliance with applicable laws and regulations. |
|
|
Term
| The components of internal controls |
|
Definition
| Control environment, Risk Assessment, Control Activities, Information and Communication, Monitoring |
|
|
Term
|
Definition
| Successes that must be accomplished for objectives to be achieved. |
|
|
Term
|
Definition
| Dividing control activities among different people to reduce the risk of error or inappropriate actions taken by any single individual |
|
|
Term
| Actions speak louder than words |
|
Definition
| In addition to hardcopy, electronic, and oral communication formats, management's actions powerfully communicate what is important to the organization |
|
|
Term
| Deficiency (COSO's definition) |
|
Definition
| "A condition within an internal control system worthy of attention" that may represent a perceived, potential, or real shortcoming, or opportunity to strengthen the internal control system to provide a greater likelihood that the entity's objectives will be achieved |
|
|
Term
|
Definition
| The CEO has primary responsibility for setting the "tone at the top" and establishing a positive control environment. |
|
|
Term
|
Definition
| The entity-wide attitude of integrity and control consciousness, as exhibited by the most senior executives of an organization |
|
|
Term
|
Definition
| A level of assurance that is supported by generally accepted auditing procedures and judgments |
|
|
Term
| Inherent Limitations of Internal Controls |
|
Definition
| The confines that relate to the limits of human judgments, resource constraints and the need to consider the cost of controls in relation to expected benefits, the reality that breakdowns can occur, and the possibility of collusion or management override |
|
|
Term
|
Definition
| The combination of internal and external risk factors in their pure, uncontrolled state, or the gross risk that exists assuming there are not internal controls in place |
|
|
Term
|
Definition
| The amount of risk, on a broad level, an organization is willing to accept in pursuit of its business objectives. Risk appetite takes into consideration the amount of risk that management consciously accepts after balancing the cost and benefit of implementing controls |
|
|
Term
|
Definition
| The portion of inherent risk that management can reduce through day-to-day operations and management activities |
|
|
Term
|
Definition
| The portion of inherent risk that remains after management expects its risk responses (sometimes referred to as net risk) |
|
|
Term
|
Definition
| A control that operates across an entire entity and, as such, is not bound by, or associated with, individual processes. |
|
|
Term
|
Definition
| An activity that operates within a specific process for the purpose of achieving process level objectives |
|
|
Term
| Transactional-level Control |
|
Definition
| An activity that reduces the risk relative to a group or variety of operational-level tasks or transactions within an organization |
|
|
Term
|
Definition
| An activity designed to reduce risk associated with a critical business objective |
|
|
Term
|
Definition
| An activity designed to either reduce risk associated with business objectives that are not critical to the organization's survival or success or serve as a backup to a key control |
|
|
Term
|
Definition
| An activity that, when taken together with other controls, contributes to the overall effective mitigation risk. Frequently, complementary controls operate across multiple processes and risks |
|
|
Term
|
Definition
| The U.S. Public Company Accounting Oversight Board |
|
|
