Information & Communication - ANS-OIE
Obtain and use information
Internally communicate information
External party communication
Monitoring Activities - ANS-SOD
Separate Ongoing evaluations
Communication of Deficiencies
updating mission and vision as internal controls
Existing Control Activities - ANS-CATP
Control Activities selected and developed
Technology controls
Policies and procedures
Components of ERM - ANS-GO PRO (5 components)
Governance and culture
strategy and Objective-setting
Performance
Review and Revision
information, communication and reporting Ongoing
Principles of ERM - ANS-DOVES SOAR VAPIR SIR TIP (20 principles)
ERM principles of Governance and Culture - ANS-DOVES
defines Desired culture
exercises board Oversight
demonstrates commitment to core Values
attracts, develops and retain capable Employees
establishes operating Structure
ERM principles of Strategy and Objective-setting - ANS-SOAR
evaluates alternative Strategies
formulates business Objectives
Analyzes business context
defines Risk appetite
ERM principles of Review and Revision - ANS-SIR
assesses Substantial change
pursues Improvement in ERM
Reviews risk and performance
ERM principles of Information, Communication, and Reporting Ongoing - ANS-TIP
leverages information and Technology
communicates risk Information
reports on risk, culture and Performance
Principles based approach - ANS-requires management judgement
COSO Framework Document - ANS-COPS
Component evaluation
Overall assessment
Principle evaluation
Summary of IC deficiencies
Developing Value - ANS-CPER
Creation
Preservation
Erosion
Realization
Mission, Vision and Core Values - ANS-Mission - why
Vision - what
Core Values - how
Definition of ERM - ANS-CCPIS - to manage risk and create value
Culture (core values)
Capabilities
Practices
Integration with Strategy-setting and performance (mission and vision)
Frequency/likelihood by Severity (impact) chart (ARTS) - ANS-High F by High S - Avoid
High F by Low S - Reduce
Low F by High S - Transfer (buy insurance - share)
Low F by Low S - Self-insure (accept - chosen industry)
SOX Title III - Corporate Responsibility - ANS-Audit Committee:
no compensation
not related to issuer
otherwise indep
responsible for auditor
auditor reports to them
responsible for resolving issues between mgt and auditor
establish whistleblower hotlines
CEO/CFO representations:
internal control is their responsibility
evaluated IC in 90 days prior
they include conclusions about IC effectiveness