CIA Part 1 - Glossary Definitions

Description

CIA Internal Audit Flashcards on CIA Part 1 - Glossary Definitions, created by David Brink on 24/01/2018.
David Brink
Flashcards by David Brink, updated more than 1 year ago
David Brink
Created by David Brink almost 7 years ago
104
1

Resource summary

Question Answer
Abuse Abuse occurs when the conduct of an activity or function falls short of expectations for prudent behavior. Abuse is distinguished from noncompliance in that abuse conditions may not directly violate laws or regulations. Abuse activities may be within the letter of the laws and regulations but violate either their spirit or the more general standards of impartial and ethical behavior.
Activity Reports Activity reports of the internal auditing department highlight significant audit findings and recommendations and inform senior management and the board of any significant deviations from approved audit work schedules, staffing plans, and financial budgets, and the reasons for them.
Add Value The internal audit activity adds value to the organization (and its stakeholders) when it provides objective and relevant assurance, and contributes to the effectiveness and efficiency of governance, risk management, and control processes.
Adequate Control Adequate control is a level of control that is present if management has planned and organized in a manner that provides reasonable assurance that the organization's risks have been managed effectively and that the organization's goals and objectives will be achieved efficiently and economically.
Alternative Risk-Transfer Tools Captive Insurance Methods Financial Insurance Contracts Multiline/multiyear Insurance contracts Multiple-trigger policies Risk Securitization
Captive Insurance Methods A noninsurance firm is created for the purpose of accepting the risk of a parent firm who owns an insurer. Here, a parent firm establishes a subsidiary (called captive insurance company) to finance it's retained losses. Captives combine risk transfer and risk retention.
Financial Insurance Contracts These contracts are based on spreading risk over time, as opposed to across a pool of similar exposures. These contracts usually involve sharing of the investment returns between the insurer and the insured.
Multiline/Multiyear Insurance Contracts These contracts combine a broad array of risks (multiline) into a contract with a policy period that extends over multiple years (multiyear). For example, a pure risk may be combined with a financial risk.
Multiple-Trigger Policies These policies reflect the source of the risk and are not as important as the impact of the risk on the earnings of the firm. A pure risk is combined with a financial risk. The policy is "triggered," and payment is made, only upon the occurrence of an adverse event.
Risk Securitization This method involves the creation of securities, such as bonds, or derivatives contracts, options, swaps, or futures, that have a payout or price movement linked to an insurance risk. Examples include catastrophe options, earthquake bonds, catastrophe bonds, and catastrophe equity puts.
Analytical Procedures Analytical auditing procedures are performed by studying and comparing relationships among both financial and nonfinancial information. The application of analytical auditing procedures is based on the premise that, in the absence of known conditions to the contrary, relationships among information may reasonably be expected to exist and continue. Examples of contrary conditions include unusual or nonrecurring transactions or events; accounting, organizational, operational, environmental, and technological changes; inefficiencies; ineffectiveness; errors; irregularities; or illegal acts.
Anecdotal Records Such records constitute a description or narrative of a specific situation or condition.
Appreciation Appreciation means the ability to recognize the existence of problems or potential problems and to determine the further research to be undertaken or the assistance to be obtained.
Assurance Maps Organization-wide and coordinated exercises involving mapping assurance coverage provided by multiple parties against the key risks facing the organization so that duplicate efforts, missed risks, and potential gaps can be identified and monitored. The chief audit executive, senior management, and the board need assurance maps to ensure proper coordination among diverse risk activities.
Assurance Services These services are an objective examination of evidence for the purpose of providing an independent assessment of governance, risk management, and control processes for the organization. Examples may include financial, performance, compliance, system security, and due diligence engagements.
Attribute Characteristic that describes a person, thing or event. It is an inherent quality that an item either has or does not have.
Attribute Listing Emphasizes the detailed observation of each particular characteristic or quality of an item or situation. Attempts are then made to profitably change the characteristic or to relate it to a different item.
Attribute Sampling Measurement or evaluation of the selected sampling units to determine whether they have the attribute of interest, and the computation of some statistical measure (statistic) from these measurements to estimate the proportion of the population that has the attribute.
Auditable Activities Consist of those subjects, units, or systems that are capable of being defined and evaluated. Auditable activities may include: 1. Policies, procedures, and practices 2. cost centers, profit centers, and investment centers 3. general ledger account balances 4. information systems (manual and computerized) 5. major contracts and programs 6. organizational units such as product service lines 7. functions such as information technology, purchasing, marketing, production, finance, accounting, and human resources 8. transaction systems for activities such as sales, collection, purchasing, disbursement, inventory and cost accounting, production, treasury, payroll, and capital assets 9. financial statements 10. laws and regulations
Auditee includes any individual, unit, or activity of the organization that is audited.
Audit objectives are broad statements developed by internal auditors and define intended audit accomplishments.
Show full summary Hide full summary

Similar

2.2 Risk Mitigation Planning, Strategies and Controls
DJ Perrone
CCNA Security 210-260 Section 1 Network Attack Fundamentals
Jacob Gratton
Sarbanes-Oxley and Beyond
zefanya.emanuel
COSO (Comm.of Sponsoring Org. of the Treadway Commission)
Mark Anthony Pusing
Network Security Vocabulary
Shantal K Green
Internal Audit CH. 1 - 4
abbey robb
Ascesa al potere hitler
Alessandra CORSOF
MTA Security Terms & Notes (1)
Shantal K Green
QUALIFIED INTERNAL AUDITOR
Mark Anthony Pusing
Sarbanes-Oxley and Beyond
andy mor