Lecture 20 - Risk Assessment and Internal Control PDF
Chapter – 3
“Risk Assessment and Internal Control”
(iv) Frameworks of Internal Control:
management.
- safeguarding of assets.
policies.
(ii) CoCo (Criteria of Control):
- CoCo describes internal control as actions that foster the best result for an
(c) compliance with applicable laws and regulations and internal policies.
objectives.”
- The CoCo framework outlines criteria for effective control in the following
four areas:
(a) Purpose
(b) Commitment
(c) Capability
In order to assess whether controls exist and are operating effectively, each
address them.
(a) COBIT framework is created by the ISACA (Information Systems Audit and
crucial gap between technical issues, business risks and control requirements.
(b) Business managers are equipped with a model to deliver value to the
the IT processes.
(c) It is a control model that guarantees the integrity of the information
system. Today, COBIT is used globally by all managers who are responsible
(d) Overall, COBIT ensures quality, control and reliability of information systems
business.
- SOX Section 404 mandates that all publicly-traded companies must establish
internal controls and procedures for financial reporting and must document,
effectiveness.
reporting.
(v) INTERNAL CHECK:
(a) Meaning:
system, whereby work of one person is proved independently to work of another, the
(b) Objectives:
(c) Considerations:
(d) Persons having physical custody of assets must not be allowed access to books
of accounts.