Please enable JavaScript.
Coggle requires JavaScript to display documents.
Elements of COSO framework (Factors that influence risk (Single person…
Elements of COSO framework
control environment elements
planning
All activities of the organisation must be properly planned to objective of the organisation.
Organising
this implies the co-ordination of people and plans in order to execute the planning.
Directing
This is a process of allocating resources to ensure objectives are met and includes elements of leadership, motivation and communication.
Controlling
this is a process of ensuring that the directed actions have been executed as planned
Factors that influence risk
Single person dominating operating and financial decision-making process.
Aggressive management in the environment of poor internal control activities
High turnover of management, especially the accounting personnel.
An unduly aggressive approach of management to financial reporting
Management’s poor reputation in business community
Management’s excessive emphasis on obtaining profit forecasts
Significant part of the remuneration of management being based on operating results
•Pressure on management, especially those are similar organization to decrease profit in order to pay less tax
•Future existence of the organisation resting on obtaining funding from outside sources
Method to communicate task and responsibilities to personnel
Organisational policy regarding such matters as acceptable business practice
Assignment of responsibility and delegation of authority to deal with with such matters as organisational goals and objectives.
Job description delineating specific duties, reporting relationships and constraints.
Computer system documentation indicating the procedures for authorizing transactions and approving system changes
Risk assessment
threaten achievement of objectives
Management’s responsibility to do the following regarding risks: identify, measure, analysis and control.
Control activities
Are policies and procedures.management ‘s responsibility ensure risk mitigated and objectives are achieved
Classification of internal control activities
Preventive control
Definition
Prevent undesirable outcomes before it occur
Forestall errors and prevent cost of correction
Most cost effective category
Detective control
Identify undesirable outcomes when occur
Corrective control
Corrective action taken reverse undesirable outcome prevent recur
Types of internal auditing activities
Segregation
Proper authorities of transactions and activities
Adequate document and records
Safeguarding of assets and information
independence checks
Information and communication
Identifying the need of pertinent information
Monitoring
Assessing quality of performance
risk assessment & internal control activities