Executive's Guide to COSO Internal Controls : Understanding and Implementing the New Framework.


Robert R. Moeller
Book · English · 2013 · Electronic books.
Extent
1 online resource (316 pages)
Edition
1st ed.
Notes
Intro -- Executive's Guide to COSO Internal Controls -- Contents -- Preface -- CHAPTER ONE Importance of the COSO Internal Control Framework -- THE IMPORTANCE OF ENTERPRISE INTERNAL CONTROLS -- WHAT ARE ENTERPRISE INTERNAL CONTROLS? -- UNDERSTANDING THE COSO INTERNAL CONTROL FRAMEWORK: HOW TO USE THIS BOOK -- CHAPTER TWO How We Got Here: Internal Control Background -- EARLY DEFINITIONS OF INTERNAL CONTROLS: FOREIGN CORRUPT PRACTICES ACT OF 1977 -- THE FCPA AND INTERNAL CONTROLS TODAY -- EVENTS LEADING UP TO THE TREADWAY COMMISSION -- EARLIER AICPA AUDITING STANDARDS: SAS NOS. 55 AND 78 -- THE TREADWAY COMMITTEE REPORT -- THE ORIGINAL COSO INTERNAL CONTROL FRAMEWORK -- THE SARBANES-OXLEY ACT AND INTERNAL ACCOUNTING CONTROLS -- Title I: Public Company Accounting Oversight Board -- Title II: Auditor Independence -- SOx Title III: Corporate Responsibility -- Title IV: Enhanced Financial Disclosures -- Title V: Analyst Conflicts of Interest -- Titles VI through X: Fraud Accountability and White-Collar Crime -- Title XI: Corporate Fraud Accountability -- NOTES -- CHAPTER THREE COSO Internal Controls: The New Revised Framework -- UNDERSTANDING INTERNAL CONTROLS -- REVISED FRAMEWORK BUSINESS AND OPERATING ENVIRONMENT CHANGES -- External Financial Reporting Objectives -- Internal Control Operations Objectives -- Internal Control Compliance Objectives -- Overlapping Internal Control Objectives -- THE REVISED COSO INTERNAL CONTROL FRAMEWORK -- COSO INTERNAL CONTROL PRINCIPLES -- COSO OBJECTIVES AND BUSINESS OPERATIONS -- SOURCES FOR MORE INFORMATION -- CHAPTER FOUR COSO Internal Control Components: Control Environment -- IMPORTANCE OF THE CONTROL ENVIRONMENT -- CONTROL ENVIRONMENT PRINCIPLE 1: INTEGRITY AND ETHICAL VALUES -- Establishing an Enterprise Code of Conduct -- Affirming Adherence to the Code of Conduct -- Code Violations and Corrective Actions..
- CONTROL ENVIRONMENT PRINCIPLE 2: ROLE OF THE BOARD OF DIRECTORS -- CONTROL ENVIRONMENT PRINCIPLE 3: THE NEED FOR AUTHORITY AND RESPONSIBILITY -- CONTROL ENVIRONMENT PRINCIPLE 4: HUMAN RESOURCE STRENGTHS -- Commitment to Competence -- Attracting, Developing, and Retaining Individual Employees and Stakeholders -- Planning and Preparing for Personnel Succession -- CONTROL ENVIRONMENT PRINCIPLE 5: INDIVIDUAL INTERNAL CONTROL RESPONSIBILITIES -- Accounting for Internal Controls -- Performance Measures, Incentives, and Rewards -- COSO CONTROL ENVIRONMENT IN PERSPECTIVE -- CHAPTER FIVE COSO Internal Control Components: Risk Assessment -- RISK ASSESSMENT COMPONENT PRINCIPLES -- RISK IDENTIFICATION AND ANALYSIS -- RISK RESPONSE STRATEGIES -- FRAUD RISK ANALYSIS -- COSO RISK ASSESSMENT AND THE REVISED INTERNAL CONTROL FRAMEWORK -- NOTES -- CHAPTER SIX COSO Internal Control Components: Control Activities -- COSO CONTROL ACTIVITY PRINCIPLES -- Control Activity Principles: Integration with Risk Assessment -- Enterprise-Specific Control Activity Factors -- Business Process Control Activities -- Types of Transaction Control Activities -- Control Activity Principles: Selection and Development of General IT Controls -- Control Activity Technology General Controls -- Security Management Processes -- Technology Acquisition, Development, and Maintenance Processes -- Control Activity Principles: Policies and Procedures -- COSO CONTROL ACTIVITIES TODAY -- CHAPTER SEVEN COSO Internal Control Components: Information and Communication -- INFORMATION AND COMMUNICATIONS: WHAT HAS CHANGED? -- INFORMATION AND COMMUNICATION PRINCIPLE 1: USE OF RELEVANT INFORMATION -- Information from Relevant Sources -- Processing Data through Information Systems -- Importance of Information Quality -- INFORMATION AND COMMUNICATION PRINCIPLE 2: INTERNAL COMMUNICATIONS..
- Internal Control Communication -- Communication beyond Normal Channels -- Methods of Communication -- INFORMATION AND COMMUNICATION PRINCIPLE 3: EXTERNAL COMMUNICATIONS -- Inbound Communications -- Communications beyond Normal Channels -- THE IMPORTANCE OF COSO INFORMATION AND COMMUNICATION -- NOTES -- CHAPTER EIGHT COSO Internal Control Components: Monitoring Activities -- IMPORTANCE OF COSO MONITORING INTERNAL CONTROL ACTIVITIES -- COSO MONITORING PRINCIPLE 1: CONDUCT ONGOING AND SEPARATE EVALUATIONS -- Ongoing Evaluation Processes -- Separate Monitoring Evaluations -- COSO MONITORING PRINCIPLE 2: EVALUATE AND COMMUNICATE DEFICIENCIES -- Communication of Monitoring Findings -- Reporting to Senior Management and the Board of Directors -- COSO INTERNAL CONTROL MONITORING IN PERSPECTIVE -- NOTE -- CHAPTER NINE COSO Internal Control GRC Operations Controls -- COSO OPERATIONS OBJECTIVES -- PLANNING AND BUDGETING OPERATIONS CONTROLS -- Operations Goals -- Budgeting and Budget Performance Monitoring -- IT SYSTEMS OPERATIONS CONTROLS -- IT Policy and Governance Controls -- IT Standards -- IT Management and Organization Controls -- IT Physical and Environmental Controls -- IT Systems Software Controls -- IT System Development and Application Controls -- OPERATIONS PROCEDURE CONTROLS AND SERVICE CATALOGS -- IMPORTANCE OF COSO OPERATIONS CONTROLS -- NOTE -- CHAPTER TEN COSO Reporting Processes -- COSO REPORTING OBJECTIVES -- COSO EXTERNAL FINANCIAL REPORTING CONTROLS -- COSO INTERNAL FINANCIAL REPORTING CONTROLS -- Document Imaging -- Document and Report Library Services -- Reporting Control Workflow Technologies -- Document Forms Processing Internal Controls -- Application Records Management Reporting Controls -- COSO EXTERNAL NONFINANCIAL REPORTING CONTROLS -- COSO INTERNAL NONFINANCIAL REPORTING CONTROLS -- IMPORTANCE OF COSO REPORTING CONTROLS -- NOTE..
- CHAPTER ELEVEN COSO Legal, Regulatory, and Compliance Objectives -- IMPORTANCE OF ENTERPRISE COMPLIANCE CONTROLS -- REGULATORY COMPLIANCE CONTROL ISSUES -- INTERNAL CONTROLS AND LEGAL ISSUES -- COMPLIANCE WITH PROFESSIONAL AND OTHER STANDARDS -- CHAPTER TWELVE Internal Control Entity and Organizational GRC Relationships -- INTERNAL CONTROLS FROM AN ORGANIZATIONAL GRC PERSPECTIVE -- ENTERPRISE GOVERNANCE OVERALL CONCEPTS -- Enterprise Governance and Internal Controls -- GRC Risk Management Components -- BUSINESS ENTITY-LEVEL INTERNAL CONTROLS -- The Importance of the Tone at the Top -- Mission Statements -- Enterprise-Wide Codes of Conduct -- DIVISIONAL AND FUNCTIONAL UNIT INTERNAL CONTROLS -- DEPARTMENT- AND UNIT-LEVEL INTERNAL CONTROLS -- ORGANIZATION AND GRC CONTROLS IN PERSPECTIVE -- NOTE -- CHAPTER THIRTEEN COSO, Service Management, and Effective IT Controls -- IMPORTANCE OF IT GENERAL CONTROLS -- IT GOVERNANCE GENERAL CONTROLS -- IT MANAGEMENT GENERAL CONTROLS -- IT Standards -- IT Organization and Management -- IT Physical and Environmental System General Controls -- CLIENT-SERVER AND SMALLER SYSTEMS GENERAL IT CONTROLS -- ITIL SERVICE MANAGEMENT BEST PRACTICES -- Financial Management for IT Services -- Service Delivery Service Level Management -- Service Delivery Capacity Management -- Service Delivery Availability Management -- SERVICE DELIVERY BEST PRACTICES -- NOTES -- CHAPTER FOURTEEN Cloud Computing, Virtualization, and Wireless Networks -- INTERNAL CONTROLS FOR IT WIRELESS NETWORKS -- Key Components of an IT Wireless System -- Wireless Network Security Concerns -- CLOUD COMPUTING AND COSO INTERNAL CONTROLS -- Reviewing Cloud Computing Application Controls -- Cloud Computing Security and Privacy Challenges -- STORAGE MANAGEMENT VIRTUALIZATION -- COSO INTERNAL CONTROLS AND NEWER TECHNOLOGIES -- NOTE..
- CHAPTER FIFTEEN Another Framework: COSO ERM -- ERM DEFINITIONS AND THE ERM PORTFOLIO VIEW OF RISK -- THE COSO ERM FRAMEWORK MODEL -- COSO ERM Components: Internal Environment -- COSO ERM Components: Objective Setting -- COSO ERM Components: Event Identification -- COSO ERM: Risk Assessment Components -- COSO ERM Components: Risk Response -- COSO ERM Components: Control Activities -- COSO ERM Components: Information and Communication -- COSO ERM Components: Monitoring -- OTHER DIMENSIONS OF THE ERM FRAMEWORK -- COSO ERM AND THE REVISED INTERNAL CONTROL FRAMEWORK -- NOTES -- CHAPTER SIXTEEN Understanding and Using COBIT -- AN EXECUTIVE'S INTRODUCTION TO COBIT -- COBIT Principle 1: Meeting Stakeholder Needs -- COBIT Principle 2: Covering the Enterprise End to End -- COBIT Principle 3: Applying a Single Integrated Architecture Framework -- COBIT Principle 4: Enabling a Holistic Approach -- COBIT Principle 5: Separating Governance from Management -- USING COBIT TO ASSESS ENTERPRISE INTERNAL CONTROLS -- MAPPING COBIT TO COSO INTERNAL CONTROLS -- NOTES -- CHAPTER SEVENTEEN ISO Internal Control and Risk Management Standards -- BACKGROUND AND IMPORTANCE OF ISO STANDARDS IN A GLOBAL COMMERCE WORLD -- ISO STANDARDS OVERVIEW -- ISO 9001 Quality Management Systems -- ISO IT Security Standards: ISO 27002 -- IT Security Technique Requirements: ISO 27001 -- Service Quality Management: ISO 2000 -- ISO STANDARDS AND THE COSO INTERNAL CONTROL FRAMEWORK -- NOTES -- CHAPTER EIGHTEEN COSO Internal Controls in the Board Room -- BOARD DECISIONS AND INTERNAL CONTROL PROCESSES -- BOARD ORGANIZATION AND GOVERNANCE RULES -- CORPORATE CHARTERS AND THE BOARD COMMITTEE STRUCTURE -- THE AUDIT COMMITTEE AND MANAGING INTERNAL CONTROLS -- BOARD MEMBER INTERNAL CONTROL KNOWLEDGE REQUIREMENTS -- COSO INTERNAL CONTROLS AND CORPORATE GOVERNANCE -- NOTES..
- CHAPTER NINETEEN Service Organization Control Reports and COSO Internal Controls..
- Essential guidance on the revised COSO internal controls framework

Need the latest on the new, revised COSO internal controls framework? Executive's Guide to COSO Internal Controls provides a step-by-step plan for installing and implementing effective internal controls with an emphasis on building improved IT as well as other internal controls and integrating better risk management processes. The COSO internal controls framework forms the basis for establishing Sarbanes-Oxley compliance, and internal controls specialist Robert Moeller looks at topics including the importance of effective systems on internal controls in today's enterprises, the new COSO framework for effective enterprise internal controls, and what has changed since the 1990s internal controls framework.

- Written by Robert Moeller, an authority in internal controls and IT governance
- Practical, no-nonsense coverage of all three dimensions of the new COSO framework
- Helps you change systems and processes when implementing the new COSO internal controls framework
- Includes information on how ISO internal control and risk management standards as well as COBIT can be used with COSO internal controls
- Other titles by Robert Moeller: IT Audit, Control, and Security, Executives Guide to IT Governance

Under the Sarbanes-Oxley Act, every corporation has to assert that their internal controls are adequate and public accounting firms certifying those internal controls are attesting to the adequacy of those same internal controls, based on the COSO internal controls framework. Executive's Guide to COSO Internal Controls thoroughly considers improved risk management processes as part of the new COSO framework; the importance of IT systems and processes; and risk management techniques.
Subjects
Genre
Dewey
ISBN
9781118813775
ISBN (invalid)

Libraries that hold this item