Assignment
1. Explain the meaning of the term internal controls. Give an example of an internal control. Explain the control objectives that internal controls achieve.
2. Describe the types of internal controls.
3. Discuss the internal control regulatory environment - which laws or organizations require that companies maintain a system of internal controls.
4. Explain COBIT and COSO. What are the similarities and differences between the two frameworks?
5. Explain the following COSO framework components:
a. internal environment
b. objective setting
c. event identification
d. risk assessment
e. risk response
f. control activities
g. information and communication
h. monitoring
6. Auditors assess control risk in a two-stage process. First, they assess the strength of the design of the firm's control system. The first step in evaluating the design of the auditee's control system is identifying the specific threats that would prevent the information system from operating reliably and securely.
a. Explain firm-level threats.
b. Explain transaction-level threats.
7. Auditors document their control risk assessments with narratives, flowcharts and checklists. Explain and give an example of narratives, flowcharts and checklists.
8. Explain what an audit program is. How is it used before, during and after the audit? Listen to the following YouTube about audit programs, if possible: https://www.youtube.com/watch?v=lLYoUNaKoQAFind an example of an audit program. Cite the website. Discuss the key features that you found in the audit program.