Control Objective for Information and Research Technology
What does "COBIT" stand for?
1. A False Statement, Representation, or Disclosure
2. Material Fact
3. Intent to Deceive
4. Justifiable Reliance
5. Injury or loss suffered by the victim
Legally, for an act to be fraudulent there must be:
1. Base it's evaluation on a recognized control framework
2. Disclose all material internal control weakness
3. Conclude that a company does not have effective financial reporting internal controls if there are material weakness
After SOX was passed, the SEC mandated that management must:
1. Reduce (the likelihood and impact of risk)
2. Accept (the likelihood and impact of the risk)
3. Share (risk or transfer it to someone else by buying insurance, outsourcing an activity, or entering into hedging transaction
4. Avoid (risk by not engaging
What are the four responses to risk?