Rais12 PPT 07
Compare and contrast the COBIT, COSO, and ERM control frameworks.
Describe the four types of control objectives that companies need to set.
Describe the events that affect uncertainty and the techniques used to identify them.
Explain how to assess and respond to risk using the Enterprise Risk Management (ERM) model.
Functions
Preventive
Deter problems
Detective
Discover problems
Corrective
Correct problems
Categories
General
Overall IC system and processes
Application
Transactions are processed correctly
Organizational structure
External influences
Strategic
High-level goals aligned with corporate mission
Operational
Effectiveness and efficiency of operations
Reporting
Complete and reliable
Improve decision making
Compliance
Laws and regulations are followed
Identify Risk
Identify likelihood of risk
Identify positive or negative impact
Types of Risk
Inherent
Risk that exists before any plans are made to control it
Residual
Remaining risk after controls are in place to reduce it
Reduce
Implement effective internal control
Accept
Do nothing, accept likelihood of risk
Share
Buy insurance, outsource, hedge
Avoid
Do not engage in activity that produces risk
Effective supervision.