CHAPTER 22

INTERNAL CONTROLS BEST PRACTICES

Ian Rodgers

22.1 OVERVIEW

(a) Controls over Planning and Budgeting

(b) Controls over Operational Risk

(c) Controls over Financial Statement Risk

(d) Compliance-Related Controls

(e) The Audit Imperative

(f) Remediation

(g) Enterprise Risk Management, COSO ERM

22.2 COSO II

(a) Assessment of Controls

(i) Design Effectiveness and Operational Effectiveness

(ii) Scoping of the Audit Requirement

(iii) Materiality

(iv) Relevance

(v) Top-Down Approach to Controls Assessment

22.3 AUTOMATION OF CONTROLS

(a) Prevention versus Detection

(b) Field-Level Audit

22.4 TYPES OF AUTOMATED CONTROLS

(a) Access Controls

(b) Process Controls

(c) Continuous Monitoring

(i) Control Areas

(d) Transaction Controls

(e) Master Data Controls

(f) System Configuration Controls

(i) Accounting, Consolidation, and Financial Reporting Controls

(ii) Subsidiary Ledger Controls

22.5 PRIMARY FINANCIAL CONTROL CONSIDERATIONS

(a) Revenue Cycle

(b) Procurement Cycle

(c) Intangibles

(d) Property, Plant, and Equipment Cycle

(e) Inventory/Production Cycle

(f) HR/Payroll Cycle

(g) Equity Cycle

(h) Financial Close and Reporting Cycle

(i) Tax Cycle

(j) Legal Cycle

22.6 COMBINING COMPLIANCE AND OPERATIONAL REQUIREMENTS TO ACHIEVE AN ROI ON COMPLIANCE EXPENDITURE

(a) Practical Considerations

22.7 FURTHER CONSIDERATIONS

(a) Company-Level Controls and the Control Environment

(b) International Considerations

(c) COBIT

22.8 CONCLUSION

NOTES

22.1 OVERVIEW

In its pure essence, a business exists ...
