Entity-Level Controls from AS5 A. Access control and monitoring software. B. Budgetary controls. C. Report highlighting...

Entity-Level Controls from AS5

A. Access control and monitoring software.

B. Budgetary controls.

C. Report highlighting credit sales, returns, and allowances over the complete and entire reporting period, including 30 days after the close of a financial reporting period.

D. Use of control frameworks such as those provided by COSO and COBIT.

E. A report of all employees not taking required vacation days.

F. Development of a business interruption plan.

G. Program change controls.

H. Supervision.

1. Controls related to the control environment.

2. Controls over management override.

3. The company’s risk assessment process.

4. Centralized processing and controls, including shared service environments. = G

5. Controls to monitor the results of operations.

6. Controls to monitor other controls, including activities of the internal audit function, the audit committee and self-assessment programs.

7. Controls over the period-end financial reporting process.

8. Policies that address significant business control and risk management practices

Solutions

Expert Solution

1. Controls related to the control environment	Establishment of a code of cunduct Use of control frameworks such as those provided by COSO and COBIT.
2. Controls over management override.	Segregation of duties H. Supervision
3. The company’s risk assessment process.	F. Development of a business interruption plan. A report on IT risks and a risk action plan
4. Centralized processing and controls, including shared service environments	A systems development life cycle methodology (SDLC) G. Program change controls
5. Controls to monitor the results of operations.	B. Budgetary controls Service Leval agreements and reporting process
6. Controls to monitor other controls, including activities of the internal audit function, the audit committee and self-assessment programs.	E. A report of all employees not taking required vacation days. A file of signed code conduct letters
7. Controls over the period-end financial reporting process.	Not covered
8. Policies that address significant business control and risk management practices	A. Access control and monitoring software. Selection and hiring control plans

ekkarill92 answered 1 year ago

Next > < Previous

Related Solutions

1. Entity-level controls are__________ Select one: a. Are designed to supplement a key control that is...

1. Entity-level controls are__________ Select one: a. Are designed to supplement a key control that is either ineffective or cannot fully mitigate a risk or group of risks by itself. b. Are designed to mitigate risks that threaten processes, activities, tasks, and transactions. c. Are designed to reduce key risks associated with business objectives d. Are designed to directly mitigate risks that exist at the organization-wide level. 2. Which of the following statement regarding risks and controls associated with business...

_________ occurs if a disgruntled employee convinces another to steal from the company. A) The control environment B) Collusion C) A control activity D) Monitoring

_________ occurs if a disgruntled employee convinces another to steal from the company.A) The control environmentB) CollusionC) A control activityD) Monitoring

Definitions: subject: In the context of access control, an entity capable of accessing objects object: In...

Definitions: subject: In the context of access control, an entity capable of accessing objects object: In the context of access control, a resource to which access is controlled. role-based access control: Controls access based on the roles that users have within the system and on rules stating what accesses are allowed to users in given roles. Consider a private organization's information system where local restaurant health grades are processed and stored. Only authorized individuals such as those from the food...

Consider using mandatory access controls and compartments to implement an ORCON control. Assume that there are...

Consider using mandatory access controls and compartments to implement an ORCON control. Assume that there are k different organizations. Organization i will produce n(i, j) documents to be shared with organization j. a. How many compartments are needed to allow any organization to share a document with any other organization? b. Now assume that organization i will need to share nm(i, i1, ..., im) documents with organizations i1, ..., im. How many compartments will be needed?

Management asserts that entity-level controls are designed adequately and operating effectively to reduce to an acceptably...

Management asserts that entity-level controls are designed adequately and operating effectively to reduce to an acceptably low level the risk of managers and employees embellishing performance results or misusing company resources. What specific procedures would you as the auditor use to obtain audit evidence about the design and implementation of the client’s internal control system? What key controls would you expect to find in place if management’s assertion is true? What are the inherent limitations of internal control?

For Network Access Control and Cloud Security You are required to research and report on this...

For Network Access Control and Cloud Security You are required to research and report on this topic according to the Detail of Question below. A. Select one paper to: Read, understand in order to present three main parts: 1. Summary: o Provide a 200-300 word summary of the paper under review, from the background to the results being presented, and further work proposed. Please do NOT copy the abstract into this space! 2. Main points: o The main issues as...

Entity A sold Product C to Entity B for many years. In order to expand its...

Entity A sold Product C to Entity B for many years. In order to expand its market, recently, Entity A promoted a new product, i.e. Product D. On 1 January 2020, Entity A sold 20,000 units of Product D to Entity B at a price of $88 per unit. Cash was received when control of products transferred to Entity B. According to the contract between Entity A and Entity B, Entity A agreed with Entity B returning unused products at...

If we have centralized control of access in an organization, from C-I-A (Confidentiality, integrity, availability) perspective,...

If we have centralized control of access in an organization, from C-I-A (Confidentiality, integrity, availability) perspective, which item will be difficult to enforce? (b) One of the realities of the modern Internet is that new network vulnerabilities will be discovered almost daily. You can also count on those vulnerabilities being exploited soon after they are found. An entire industry is growing and profiting from these discoveries, whether they are used maliciously or used to lead to the prevention of future...

Highlighting contractor`s unique factors is a good strategy to: Select one: a. Control risk b. Win...

Highlighting contractor`s unique factors is a good strategy to: Select one: a. Control risk b. Win a new contract c. Get high technology d. Develop a realistic plan In a fixed-price contract, the contractor is primarily concerned with which of the following Select one: a. Risk b. Capacity c. Price d. Audits Lesson learned from last projects are registered in the phase of: Select one: a. Initiating b. Closing c. Planning d. Feasibility Mangers try to ensure necessary resources and...

Explain the following: a. Concept of internal controls b. Objectives of internal controls c. Major components...

Explain the following: a. Concept of internal controls b. Objectives of internal controls c. Major components of internal controls and key factors of each component d. Limitations of internal controls e. Preventive, detective, and corrective controls f. Methods to document the understanding of internal controls and their advantages and disadvantages

Subjects