Summary Class notes - ICAIS

- Roger Meuwissen, Oscar van Leeuwen
- 2019 - 2020
- Maastricht School of Management (MSM)
469 Flashcards & Notes
1 Students
  • This summary

  • +380.000 other summaries

  • A unique study tool

  • A rehearsal system for this summary

  • Studycoaching with videos

Remember faster, study better. Scientifically proven.

PREMIUM summaries are quality controlled, selected summaries prepared for you to help you achieve your study goals faster!

Summary - Class notes - ICAIS

  • 1538344800 Lecture 1

  • Fraud Triangle

    - Perceived pressure facing individual
    - Perceived opportunity to commit fraud
    - Person's rationalization or integrity
  • Accounting Information System
    "... Processes data and transactions to provide users with information they need to plan, control and operate their business"
  • Internal Control
    "Those organizational activities aimed at providing relevant and reliable information for decision-making and accountability"
  • Three types of information in organizations
    1. Information for delegation and accountability.

    Division of labour -> Responsibility -> Account for
    Vertical Flow

    2. Information for decision-making
    E.g. decision to purchase or design product
    Vertical Flow

    3. Information for operating the business
    E.g. sharing knowledge, coordinating activities
    Horizontal Flow
  • Decision tree spectrum of information
    See slides

  • Name the aspects of quality of information

    - Validity
    - Accuracy
    - Completeness
    - Precesion
    - Timeliness
    - Understandability
  • Validity

    In accordance with reality (not too high)
  • Accuracy
    Mathematically correct
  • Completeness
    In accordance with reality (not too low)
  • Precision
    Degree of detail
  • Timeliness
    Provided on time
  • Understandability
  • What's the definition of Internal Control according to COSO?

    A process affected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to:
    - Operations (effectiveness and efficiency of operations)
    - Reporting (reliability of internal/external (non) financial reporting)
    - Compliance (adherence to applicable laws and regulations)
    - Safeguarding of assets (added by US Government Accountability Office)
  • Components of Internal Control

    - Control Environment
    - Risk Assessment
    - Control Activities
    - Information and Communication
    - Monitoring
  • Control Environment

    - Foundation of all other components
    - Norms and values with respect to control consciousness
    - Organizational culture, structure, management philosophy and operating style, HR policies, integrity and values, attitude towards IT & information provision.
  • Risk Assessment

    - Risk assessment is the identificiation and analysis of relevant risks to the achievement of the objectives
    - Objectives: operations objectives, financial reporting objectives, compliance objectives
  • Enterprice Risk Management Framework

    1. Governance & Culture
    2. Strategy & Objective setting
    3. Performance
    4. Review and revision
    5. Information, communication & reporting
  • Risk
    The threat that an event or action will adversely affect an organization's ability to achieve its business objectives and execute its strategies succesfully.
  • Risks external environment
    External threats including substitute products, catastrophic loss, changes in customers tastes and preferences, competitors, political enviroment, laws/regulations, and capital and labor availability.
  • Risks - Business process and assets loss
    Threats form ineffective or inefficient processes for acquiring, financing, transforming, and marketing products, and loss of tangible, intangible and market-based assets.
  • Risks - Information
    Threats from poor quality information for decision making and erroneous information to outsiders.
  • Preventive controls

    - Establish accountability using segregation of duties
    - Physical security of assets
    - Procedures for authorization
    - Management guidelines
    - Supervision
    - Three-way matches
    - Code of conduct
  • Preventive IT controls

    - Edit checks
    - Input controls at/between data fields
    - Physical security
    - Logical security
  • Detective controls

    - Analytical review
    - Reconciliations and control totals
    - Detailed (sample-based) checks
    - Back-up / recovery (IT)
    - Exception reports (IT)
  • What types of internal controls are there

    - Detailed checks, total checks, and partial observation
    - Direct and indirect checks
    - Formal and material checks
    - Negative and positive checks
    - Policy control
    - Standards control
    - Expectations control
    - Authority control
    - Progress control
    - Efficiency control
    - Execution control
    - Custody control
  • Information and Communication - internal control component

    - Recording of transactions
    - Matching of internal with external recordings
    - Confirmations to thirds parties
    - Communications of procedures and task assignments
    - Accountability
    - Other management reports
  • Monitoring
    Monitoring is a process that assesses the quality of an internal control system over time
  • What are the two different forms of monitoring

    - Monitoring as a continuous process
    - Monitoring as separate evaluations

    Periodical physical stocktaking, comparing the results with the accounting records, and reporting on the differences.
  • What are the cornerstones of internal control?

    1. The steering paradigm
    2. The management cycle
    3. The basic pattern of information provision
    4. The value cycle
  • The Steering Paradigm

    1. Controlled system: organization
    2. Control system: management
    3. Information system: gives information to control system
    4. Environment: provides information to information system and/or control system

    1. Information (information system) is key to controlling a system
    2. There is continuous interaction between the environment and the system
    3. The subjective choice of the system boundaries determines what information is considered internal or external
    4. There is a manager/device (control system) who attempt to control the behaviour of a subordinate/organizational unit (controlled system) on the basis of information. Information is acquired from the information system, directly from the environment, or both.
  • The management cycle

    The management cycle indicates in detail which steps management activities consists of. Ideally, there is a perfect congruence between the goals of the organization and the employees, however this hardly exists in reality and therefore people need to be managed to move them in the desired direction. According to the management cycle, this process consists of five stages:
    1. Planning (plan)
    2. Structuring (do)
    3. Execution (do)
    4. Evaluation (check)
    5. Adjustment (act)
  • The basic pattern of information provision

    In general, each process of information provision has the same structure and consists of three parts:
    1. Input
    2. Processing - using procedures and existing data collections
    3. Output

    An information system produces information by combining input data with existing data (usually contained with computer files) according to certain procedures (usually contained within computer programs) to generate the desired output.
  • The Value Cycle
    The value cycle is a model that enables visualization of segregation of duties and helps to describe the relationsship betwween positions and events in organizations. Ideally there should be segregation of duties between each part of the value cycle.
  • What are the segregation of duties?

    - Authorizing transactions (e.g. approving events (external party))
    - Recording transactions (record events in book of original entry)
    - Custody of resources (physically protect resources)
    - Controlling activities (checking (reconciliations, control totals, SOD)
    - Executing transactions (physically move resources)

  • BIDE - formulas

    Beginning balance + increase - decrease = ending balance

    Beginning inventory + purchases - sales = ending inventory
    Beginning balance cash - cash disbursements + cash receipts = ending balance cash
    Beginning balance AP + purchases - cash disbursements = ending balance AP
    Beginning balance AR + sales - cash receipts = ending balance AR
  • What are inherent limitations of internal control?

    - Human error
    - Collusion
    - Override
  • What are sometimes limitations of internal control?

    - Management's choice of internal control quality balances cost with expected benefits. So some misstatement will be optimal
    - Most internal controls are directed at routing or expected transactions. So nonrouting or unexpected transactions may not be controlled
    - Over time, controls may deteriorate due to changed conditions, or faltering compliance.
Read the full summary
This summary. +380.000 other summaries. A unique study tool. A rehearsal system for this summary. Studycoaching with videos.

Latest added flashcards

Unilateral network
Focuses on one particular goal. It exclusively works on projects that address the creation of unique products and management is aimed at the realization of the specific goal and takes place through flexibility measure (sub-optimization).
Social network
Objectives are clear and there is a lot of customization. There are varying network structures to come up with creative solutions and the structures change frequently.
Netwerk organization
Various participants operate together on changing projects. Such participants can be both within or outside the organization, but are often highly qualified staff with a high degree of autonomy.
Unilateral professional
Focuses on a very limited set of goals, often related to one group of stakeholders and has an operational culture.
Social Professional
Functional structure, focused on the welfare of employees, customers and society. Goals are explicitly defined and contain financial-economic aspects, but also customer-satisfaction. Products and services are often tailor-made
for customers since there is a high degree of flexibility. There is also a high degree of delegation.
Untargeted concern
Goals are insufficiently developed and not measurable. There is a strong political climate where the main concern is self-interest and defending one’s own position. Behaviour is therefore very risk averse and creativity and flexibility are barely present (also distrust among personnel).
Targeted Concern
Driven by financial-economic motives, has a Divisionalized structure and there is mutual competition between profit-generating divisions. Hence, these divisions are managed as investment centers, where standardization is prioritized. Finally, there is formalization of decision-making.
Untargeted bureaucracy
Personnel is divided as management behaves politically to achieve personal goals. Decision-making takes place ad hoc, with personal or departmental interests at heart. Departments are also managed as cost or revenue centers. Creativity, flexibility and enterprise is often not the focus of attention and the
balance between efficiency and flexibility is lost à decrease in job satisfaction.
Targeted Bureaucracy
Machine bureaucracy – it is formal and top-down with a focus on the pursuit of efficiency. There is emphasis on financial and economic goals, functionally specialized department and positions, multiple management levels (hierarchy), at the expense of flexibility. Departments are managed as cost or revenue centers and there is standardization.
Processes run out of control as leaders lose power (caused by organizational growth). Manageability of processes decreases, large number of rules and guidelines restrict employees’ freedom and they become alienated form the organization.