Independence & Objectivity of Internal Auditors please refer... Case Study: Enron and Arthur Andersen

Independence & Objectivity of Internal Auditors  please refer...

 Case Study: Enron and Arthur Andersen

The Enron scandal serves as a stark reminder of the consequences that can arise when independence and objectivity are compromised. Arthur Andersen, the auditing firm responsible for Enron's financial statements, failed to maintain independence and objectivity, leading to catastrophic consequences for both the company and the auditing profession. The case highlighted the importance of stringent measures and ethical guidelines to prevent conflicts of interest and ensure the integrity of public company audits.

Ensuring independence and objectivity in public company audits is vital for upholding the accuracy and integrity of financial reporting. By implementing measures such as rotational policies, robust oversight, and restrictions on non-audit services, auditors can minimize the risk of bias and conflicts of interest. Effective communication and consultation further enhance the objectivity of auditors, enabling them to provide reliable and unbiased assessments.

This article ✍️ helpful for cia part 1 students.. please respond with your comments, queries...Sure i will help you.

Regards from Prof Mahaley Head Gmsisuccess Mumbai 

www.gmsisuccess.in

Guideline for attempting the CIA Part 1 exam confidently!

Guideline for attempting the CIA Part 1 exam confidently:

Pre-Exam Preparation

Before starting the exam, make sure you:

1. *Read the instructions carefully*: Understand the exam format, time limit, and any specific instructions.

2. *Plan your time*: Allocate time for each section and question based on their complexity and your familiarity with the topic.

3. *Stay calm and focused*: Take deep breaths, and try to relax.

First Hour Strategy (40+ MCQ)

During the first hour, focus on attempting simple and understandable questions first:

1. *Quickly scan the questions*: Identify questions that are straightforward and easy to understand.

2. *Attempt 40+ MCQ*: Focus on completing at least 40 simple questions within the first hour.

3. *Use the process of elimination*: Eliminate obviously incorrect options to increase your chances of selecting the correct answer.

4. *Mark questions for review*: If you're unsure about a question, mark it for review and come back to it later.

Second and Third Hour(starting )Strategy

After completing the simple questions, move on to more complex questions:

1. *Tackle moderate-level questions*: Attempt questions that require more analysis and critical thinking.

2. *Use your knowledge and experience*: Apply your knowledge of internal auditing concepts, standards, and best practices to answer questions.

3. *Manage your time effectively*: Allocate time for each question based on its complexity and your familiarity with the topic.

Final 30 Minutes Strategy

During the final 30 minutes, focus on:

1. *Reviewing marked questions*: Go back to questions you marked for review and attempt to answer them.

2. *Checking your work*: Review your answers to ensure you've selected the correct option.

3. *Making educated guesses*: If you're unsure about a question, make an educated guess based on your knowledge and experience.

Additional Tips

1. *Stay focused and calm*: Take breaks if needed, and try to relax.

2. *Use the exam software effectively*: Familiarize yourself with the exam software and use its features to your advantage.

3. *Don't get stuck on a question*: Move on to the next question if you're unsure or stuck.

By following these guidelines and strategies, you'll be well-prepared to tackle the CIA Part 1 exam and achieve a high score.

Students... feel free 🆓 to discuss with me.. share your views, suggestion, queries here ✍️ in comment box.. Sure i will guide you respond you within shortest possible time.

Best wishes 🍀 

Prof Mahaley

Head Gmsisuccess Mumbai Tel 9773464206

www.gmsisucces.in

Interpreting MCQ questions in the Certified Internal Auditor (CIA) Part 1 exam can be challenging. Here are some tips to help you prepare and improve your ability to interpret MCQ questions:

 Interpreting MCQ questions in the Certified Internal Auditor (CIA) Part 1 exam can be challenging. Here are some tips to help you prepare and improve your ability to interpret MCQ questions:

Understand the Exam Format and Content

Familiarize yourself with the exam format, content, and question types. The CIA Part 1 exam consists of 125 MCQs(2.5 hours or 150 minutes), covering topics such as IPPF ,internal audit standards, IIA ethics, and internal control systems with COSO COBIT,Risk Management etc 

✍️ Develop Your Analytical and Logical Reasoning Skills .....Refer GMSI Article (How to interpret MCQ Questions ⁉️)

CIA exam questions often require analytical and logical reasoning skills. Practice breaking down complex questions into simpler components, identifying key words and phrases, and evaluating the relationships between different pieces of information.

✍️ Focus on Key Topics and Concepts

Identify the most critical topics and concepts in the CIA Part 1 exam, such as:

- Internal audit standards (e.g., IPPF, IIA Standards)

- Internal audit ethics (e.g., Code of Ethics, independence and Objectivity, Integrity,confidentiality)

- COSO and COBIT frameworks

- Internal control systems (e.g., control environment, risk assessment plus Accounting Information System etc) #Refer GMSI Article for AIS,Business acumen Corporate culture etc

Concentrate your studies on these areas, and make sure you understand the key concepts, principles, and relationships.

✍️ Practice with Sample Questions and Case Studies..Refer GMSI Pre Exam Test Series Basic & Challenging mocktest,Prof Mahaleys thorough performance evaluation report sure help you to know strong &weak areas topic subtopic and also MCQ Questions ⁉️ interpretation tactics & tricks..discussed during lecture.

Utilize sample questions, case studies, and practice exams to help you develop your analytical and logical reasoning skills. This will also help you become familiar with the exam format and question types.

Some recommended resources include:

- IIA Learning System

- CIA Exam Prep Courses (e.g., GMSI Audio visual recorded lecture with pdf notes)

- Practice exams and sample questions on the IIA website plus GMSI Pre Exam Test Series Basic & Challenging.

✍️ Improve Your Reading Comprehension and Speed

CIA exam questions often require you to read and understand complex information quickly. Practice improving your reading comprehension and speed by:

- Reading technical articles and books on internal auditing and related topics,also refer GMSI Article for CIA students 

- Taking practice exams and quizzes under timed conditions

- Using techniques such as skimming, scanning, and note-taking to improve your reading efficiency

✍️ Correlate Key Words and Phrases with Option Answers.. Read regularly GMSI Article & Attend GMSI live lecture in this regard..what & how to focus..

When reading MCQ questions, identify key words and phrases that can help you correlate with the option answers. Look for:

- Action verbs (e.g., "evaluate," "assess," "recommend" &  many)

- Technical terms and concepts (e.g., "COSO," "COBIT," "internal control" &  many)

- Descriptive phrases (e.g., "in accordance with," "consistent with," "in compliance with" & many)

Use these key words and phrases to help you eliminate incorrect options and select the correct answer.

✍️ Manage Your Time Effectively

During the exam, manage your time effectively by:

- Allocating time for each question based on its complexity and your familiarity with the topic

- Using a systematic approach to read and answer questions (e.g., read the question, identify key words and phrases, eliminate incorrect options, select the correct answer)

- Avoiding spending too much time on a single question; move on to the next question and come back to it later if necessary

I hope this helps you to build up 💯 exam preparation streregy for exam success.

In next article I will guide..how to cope with MCQ Questions ⁉️ easily during the exam.

Thanks students for responding.. please write ✍️ your comments, suggestion here or text me on 9773464206 or email ✉️ gmsisuccess1@gmail.com

www.gmsisuccess.in

Pre Exam Test Series CIA Part 1 2 3

CIA Pre-Exam Test Series

Prepare for the Certified Internal Auditor (CIA) exam with our comprehensive test series. Our program helps you:

- Assess your exam readiness

- Identify strong and weak areas (topics, subtopics, concepts, terms, and question interpretation)

- Develop a study plan to improve your performance

- Boost your confidence to achieve a score of 82% or higher

Benefits of Our Test Series

- Comprehensive assessment of your knowledge and skills

- Personalized report card highlighting your strengths and weaknesses

- Guidance on when to book your exam (2024 or 2025)

- Improved chances of passing the CIA exam with a high score

Get Started Today!

Text your availability to 9773464206 or click the link below to access our free test series:

https://g.page/GMSI-Training-Centre?gm

Don't miss this opportunity to assess your CIA exam readiness and improve your chances of success!

CIA and US CMA Exam Stretegy.. how to Crack MCQ Questions ⁉️

 Stretegy to crack 400+ scale in part 1 and part 2

1.Be familiar with concepts of all topic, subtopic,even terms, phrases.

2.Don't wait for revision..once you understand topics,parellelly solve MCQ, your tutors mocktest,even essay based questions‼️ 

3.During lecture, ✍️ important terms, sentence, logical step.. don't stuck in textbook..move ahead..

4.Ask question ⁉️ queries, discuss with teachers,follow students who  respond quickly:refer their solution..

5.Solve questions from students support guide of IMA,that you will get,once you register with IMA..

6.Your confidence & exam competency build up mainly during online offline lecture, during which question answers sessions conducted..participates that.. don't miss 

7.Try to finish mocktest, before time slot allotted by teacher 

8.Memorize important types of questions, with their logical steps.. mainly variance analysis, budgetary control,joint cost,overhead allocation etc

9.Solve simulated 3hours comprehensive mocktest, before booking exam..at least 3..get your performance report.. know your possibility of wrong steps,wrong assumption,wrong application etc 

10.In main exam also..if you are confident & aggressive then..you can solve mcq in three steps..a.solve first question ⁉️ which easily click.. approx 30+questions ‼️ in first hour..next b moderately difficult 35+ in 2nd hour c.difficult , challenge or lengthy question ⁉️ in 3rd hour 

Students..Start your study with positive approach..

Best wishes..

Prof Mahaley 

Head 

Gmsisuccess 

www.Gmsisuccess.in

CIA Part 1: MCQ test: Independence Objectivity & Internal Audit Charter

 Today's MCQ mocktest. basic.. please solve, submit your answers

_Internal Audit Charter_

1. What is the primary purpose of an internal audit charter?

A) To establish the internal audit function's responsibilities and authority

B) To define the scope of internal audit activities

C) To identify the internal audit function's stakeholders

D) To outline the internal audit function's reporting requirements

Answer: 

1. Which of the following should be included in an internal audit charter?

A) Audit procedures and techniques

B) Audit scope and objectives

C) Auditor's qualifications and experience

D) Management's responsibilities and expectations

Answer: 

_Independence and Objectivity of Internal Auditor_

1. What is the primary requirement for internal auditors to maintain their independence?

A) Reporting directly to the board of directors

B) Having no operational responsibilities

C) Being free from management's influence

D) Having unlimited audit budget

Answer: 

1. Which of the following can compromise an internal auditor's objectivity?

A) Having a close relationship with management

B) Having a financial interest in the company

C) Having a family member working in the company

D) All of the above

Answer: 

_Definition of Internal Auditing as per IIA_

1. According to the IIA, what is internal auditing?

A) An independent, objective assurance and consulting activity designed to add value and improve an organization's operations

B) A management function responsible for ensuring compliance with laws and regulations

C) A financial function responsible for preparing financial statements

D) A operational function responsible for managing day-to-day activities

Answer: 

1. Which of the following is NOT a key characteristic of internal auditing as per the IIA?

A) Independence

B) Objectivity

C) Assurance

D) Management

Answer: 

www.gmsisuccess.in

How Blockchain Works?

www.gmsisuccess.com

Blockchain, sometimes referred to as Distributed Ledger Technology (DLT), makes the history of any digital asset unalterable and transparent through the use of decentralization and cryptographic hashing.  

If you have been following banking, investing, or cryptocurrency over the last ten years, you may be familiar with “blockchain,” the record-keeping technology behind the Bitcoin network. And there’s a good chance that it only makes so much sense. In trying to learn more about blockchain, you've probably encountered a definition like this: “blockchain is a distributed, decentralized, public ledger."

“Blocks” on the blockchain are made up of digital pieces of information. Specifically, they have three parts:

1. Blocks store information about transactions like the date, time, and dollar amount of your most recent purchase from Amazon. (NOTE: This Amazon example is for illustrative purchases; Amazon retail does not work on a blockchain principle as of this writing)
2. Blocks store information about who is participating in transactions. A block for your splurge purchase from Amazon would record your name along with Amazon.com, Inc. (AMZN). Instead of using your actual name, your purchase is recorded without any identifying information using a unique “digital signature,” sort of like a username.
3. Blocks store information that distinguishes them from other blocks. Much like you and I have names to distinguish us from one another, each block stores a unique code called a “hash” that allows us to tell it apart from every other block. Hashes are cryptographic codes created by special algorithms. Let’s say you made your splurge purchase on Amazon, but while it’s in transit, you decide you just can’t resist and need a second one. Even though the details of your new transaction would look nearly identical to your earlier purchase, we can still tell the blocks apart because of their unique codes.

A QUICK OVERVIEW

1. Digital assets are distributed instead of copied or transferred.
2. The asset is decentralized, allowing full real-time access.
3. A transparent ledger of changes preserves integrity of the document, which creates trust in the asset.

How Does Blockchain Work?

---

The whole point of using a blockchain is to let people — in particular, people who don't trust one another — share valuable data in a secure, tamperproof way.

— MIT Technology Review

Blockchain consists of three important concepts: blocks, nodes and miners.

How Blockchain Works

When a block stores new data it is added to the blockchain. Blockchain, as its name suggests, consists of multiple blocks strung together. In order for a block to be added to the blockchain, however, four things must happen:

1. 1. A transaction must occur. Let’s continue with the example of your impulsive Amazon purchase. After hastily clicking through multiple checkout prompt, you go against your better judgment and make a purchase. As we discussed above, in many cases a block will group together potentially thousands of transactions, so your Amazon purchase will be packaged in the block along with other users' transaction information as well.
2. 2. That transaction must be verified. After making that purchase, your transaction must be verified. With other public records of information, like the Securities Exchange Commission, Wikipedia, or your local library, there’s someone in charge of vetting new data entries. With blockchain, however, that job is left up to a network of computers. When you make your purchase from Amazon, that network of computers rushes to check that your transaction happened in the way you said it did. That is, they confirm the details of the purchase, including the transaction’s time, dollar amount, and participants. (More on how this happens in a second.)
3. 3. That transaction must be stored in a block. After your transaction has been verified as accurate, it gets the green light. The transaction’s dollar amount, your digital signature, and Amazon’s digital signature are all stored in a block. There, the transaction will likely join hundreds, or thousands, of others like it.
4. 4. That block must be given a hash. Not unlike an angel earning its wings, once all of a block’s transactions have been verified, it must be given a unique, identifying code called a hash. The block is also given the hash of the most recent block added to the blockchain. Once hashed, the block can be added to the blockchain.

Blockchain vs. Bitcoin

1. The goal of blockchain is to allow digital information to be recorded and distributed, but not edited. That concept can be difficult to wrap our heads around without seeing the technology in action, so let’s take a look at how the earliest application of blockchain technology actually works.

   Blockchain technology was first outlined in 1991 by Stuart Haber and W. Scott Stornetta, two researchers who wanted to implement a system where document timestamps could not be tampered with. But it wasn’t until almost two decades later, with the launch of Bitcoin in January 2009, that blockchain had its first real-world application.

   The Bitcoin protocol is built on the blockchain. In a research paper introducing the digital currency, Bitcoin’s pseudonymous creator Satoshi Nakamoto referred to it as “a new electronic cash system that’s fully peer-to-peer, with no trusted third party.”

KEY TAKEAWAYS

1. • Blockchain technology underlies cryptocurrency networks, and it may also be used in a wide variety of other applications as well.
   • Blockchain networks combine private key technology, distributed networks and shared ledgers.
   • Confirming and validating transactions is a crucial function of the blockchain for a cryptocurrency.

   

Accounting Information Systems and Internal Control:

www.gmsisuccess.com

 The accounting information systems that company's use to pull all of this wonderful accounting information together and make it available to internal and external users.  We will also learn about the internal controls that are built into the accounting information system to ensure the reliability of the financial information, the effectiveness and efficiency of operations and the company's compliance with applicable laws and regulations.  Therefore, a good system of internal control will help reduce errors and irregularities, and help minimize the "opportunity" to commit fraud.

There are a few reasons why treats to accounting information systems are increasing. The first reason is that information available is to an unprecedented number of workers. Besides, information on distributed computer networks is hard to control. Information is often distributed among many systems and thousands of employees. Customers and suppliers have access to each other’s systems and data.

Any potential adverse occurrence is called a threat or an event. The potentially dollar loss from a threat is called the exposure or impact. The probability that it will happen is called the likelihood of the threat.

Internal control is the process implemented to provide reasonable assurance that the following control objectives are achieved. It is a process because it permeates an organization’s activities and is an integral part of management activities. Internal control provides reasonable assurances. Complete assurance is difficult to achieve and prohibitively expensive.

Internal control perform three important functions:

1. Preventive controls deter problems before they arise.
2. Detective controls discover problems that are not prevented.
3. Corrective controls identify and correct problems as well as correct and recover from the resulting errors.

Internal controls are often segregated into two categories

1. General controls. This type of control makes sure an organization’s control environment is stable and well managed.
2. Application controls. This type of control makes sure transactions are processed correctly.

A Harvard business professor has espoused four levels of control to help management reconcile the conflict between creativity and controls.

• Belief system. This system describes how the company creates value and helps the employees understand the management’s vision.
• Boundary system. This system helps employees act ethically by setting boundaries on employee behavior.
• Diagnostic control system. This type of system measures, monitors, and compares actual company progress to budgets and performance goals.
• Interactive control system. This system helps managers to focus on key strategic issues and to be more involved in decisions.

The Foreign Corrupt Practices Act (FCPA) was passes to prevent companies from bribing foreign officials to obtain business. In the last 75 years, the SOX is the most important business-oriented legislation. After the SOX was passed, the SEC mandated that management must base its evaluation on a recognized control framework. They also must disclose all material internal control weaknesses and must conclude that a company does not have effective financial reporting internal controls if there are material weaknesses.

There are three frameworks used to develop internal control systems.

• COBIT framework. The ISACA developed Control Objectives for Information and Related Technology (COBIT) framework. This framework addresses control from three vantage points.
  • Business objectives. This is to satisfy business objectives.
  • IT resources. These includes people, application systems, technology, facilities and data.
  • IT processes. These are broken in four domains: planning & organization, acquisition & implementation, delivery & support and monitoring & evaluation.
• The Committee of Sponsoring Organizations (COSO) consist of a few organizations. The COSO issued internal control – integrated framework (IC), which is widely accepted as the authority on internal controls and is incorporated into policies, rules, and regulations used to control business activities.
• COSO developed another control framework to improve the risk management process. It’s called Enterprise Risk Management – Integrated Framework (ERM). ERM is the process the board of directors and management use to set strategy, identify events that may affect the entity, assess management risks, and provide reasonable assurances that the company achieves its objectives and goals.

The internal environment, or company culture, influences how organizations establish strategies and objectives and structure business activities. A weak or deficient internal environment often results in breakdowns in risk management and control. An internal environment control consists of the following:

• Management’s philosophy, operating style, and risk appetite
• The board of directors
• Commitment to integrity, ethical values, and competence
• Organizational structure
• Methods of assigning authority and responsibility
• Human resource standards
• External influences

Companies have a risk appetite, which is the amount of risk they are willing to accept to achieve their goals. To avoid undue risk, the risk appetite must be in alignment with company strategy. The more responsible management’s philosophy and operating style, the more clearly they are communicated, the more likely employees will behave responsibly.

An involved board of directors represents shareholders and provides an independent review of management that acts as a check and balance on its actions. Public companies has an audit committee of outside, independent directors. The audit committee is responsible for financial reporting, regulatory compliance, internal control and hiring and overseeing internal and external auditors.

The policy and procedures manual explains proper business practices, describes needed knowledge and experience, explains document procedures, explains how to handle transactions, and lists the resources provide to carry out specific duties. The manual includes the chart of accounts and copies of forms and documents. It is a helpful tool for both current employees and new employees.

Employees should be hired based on educational background, experience, achievements, honesty and integrity, and meeting written job requirements. Sometimes there is a background check. A thorough background check includes talking to references, checking for a criminal record, examining credit records, and verifying educating and work experience.

One of the greatest control strengths is the honesty of the employees. Policies should convey the required level of expertise, competence, ethical behavior and integrity required. The following policies and procedures are important.

• Hiring
• Compensating, evaluating and promoting
• Managing disgruntled employees
• Discharging
• Vacations and rotation of duties
• Confidentiality agreements and fidelity bond insurance
• Prosecute and incarcerate perpetrators

Objective setting is the second ERM component. Management determines what the company hopes to achieve, often referred to as the corporate vision or mission. The company determines what must go right to achieve the objectives and establishes performance measures to determine whether they are met.

• Strategic objectives
• Operation objectives
• Reporting objectives
• Compliance objectives

The risks of an identified event are assessed in several different ways.

Inherent risks exists before management takes any steps to control the likelihood or impact of an event.

The residual risk is what remains after management implements internal controls or some other response to risk. Companies should assess inherent risk, develop a response, and then assess residual risk.

Management can respond to risk in one of four ways

• Reduce the likelihood and impact of risk by implementing internal controls
• Accept the likelihood and impact of the risk
• Share risk or transfer it to someone else
• Avoid risk by not engaging in the activity that produces the risk

Accountants and systems designers help management design effective control systems to reduce inherent risk. They also evaluate internal control systems to ensure that they are operating effectively.

One way to estimate the value of the internal controls involves the expected loss, the mathematical product of impact and likelihood.

Expected loss = impact x likelihood

The value of a control procedure is the difference between the expected loss with the control procedure and the expected loss without it.

Control activities are policies and procedures that provide reasonable assurance that control objectives are met and risk responses are carried out. It is management’s responsibility to develop a secure and adequately controlled system.

Controls are much more effective when placed in the system as it is built, rather than as an afterthought. Managers need to involve systems analysts, designers, and end users when designing computer-based control systems.

Control procedures fall into the following categories

• Proper authorization of transactions and activities
• Segregation of duties
• Project development and acquisition controls
• Change management controls
• Design and use of documents and records
• Safeguarding assets, records and data
• Independent checks on performance

Because management lacks the time and resources to supervise each company activity and decision, it establish policies for employees to follow and then empowers them. This empowerment, called authorization, is an important control procedure. Authorization are often documented by signing, initializing, or entering an authorization code on a document.

Computer systems can record a digital signature, a means of signing a document with data that cannot be forged.

Certain activities or transactions may be of such consequence that management grants specific authorization for them to occur. In contrast, there is a procedure known as general authorization. This is without special approval.

Good internal control requires that no single employee be given too much responsibility over business transactions and processes. An employee should not be in a position to commit and conceal fraud. Segregation of duties is discussed in two separate sections: segregation of accounting duties and segregation of system duties.

Effective segregation of accounting duties is achieved when the following functions are separated (see also figure 7.3 on page 217).

• Authorization: approving transactions and decisions
• Recording: preparing source documents
• Custody: handling cash, tools, inventory, or fixed assets

With Segegration of system duties, authority and responsibility should be divided clearly among the following functions

• Systems administration: make sure all information system components operate smoothly and efficiently.
• Network management: ensure that devices are linked to the organization’s internal and external networks.
• Security management: makes sure that systems are secured and protected from internal and external threats.
• Change management: is the process of making sure that changes are made smoothly and efficiently.
• Users: record transactions, authorize data to be processed and use system output.
• Programming: take the analyst’ design and create a system
• Computer operations: run the software on the company’s computers.
• Information system library: maintains custody of corporate databases, files and programs in a separate storage area.
• Data control

Important system development controls are the following

1. A steering committee. This committee guides and oversees systems development and acquisition.
2. A strategic masterplan. This is a plan developed and updated every year to align an organization’s information system with its business strategies.
3. A project development plan. This is a plan that shows the tasks to be performed, who will perform them, project costs, completion dates, and project milestones.
4. A data processing schedule. This schedule shows when each task should be performed.
5. System performance measurements. These are established to evaluate the system. Measurements include throughput, utilization and response time.
6. A post-implementation review. This review is performed after a development project is completed to determine whether the anticipated benefits were achieved.

Some companies hire a systems integrator to manage a systems development effort involving its own personnel, its client, and other vendors. Companies using systems integrators should use the same project management processes and controls as internal projects. They should develop clear specifications and monitor the project.

Independent checks on performance, done by someone other than the person who performs the original operation, help ensure that transactions are processed accurately. They include the following:

• Top level reviews.
• The management should monitor company results and periodically compare actual company performance to a planned, prior period or competitor’s performance.
• Analytical reviews.
• This is an examination of the relationship between different sets of data.
• Reconciliation of independently maintained records.
• Records should be reconciled to documents or records with the same balance.
• Comparison of actual quantities with recorded amounts.
• Significant assets are periodically counted and reconciled to company records.
• Double-entry accounting.
• The maximum that debits equal credits provides numerous opportunities for independent checks.
• Independent review.
• After a transaction is processes, a second person reviews the work of the first, checking for proper authorization etc.

Information and communication constitute the seventh component of the ERM and is also a very important component in the accounting information system. This relates directly to the primary purpose of an AIS, which is to gather, record, process, store, summarize, and communicate information about an organization.

An audit trail allows transactions to be traced back and forth between their origination and de financial statements.

Accounting systems generally consists of seven subsystems, each designed to process a particular type of transaction using the same sequence of procedures, called accounting circles.

ERM processes must be continuously monitored and modified as needed, and deficiencies must be reported to management. Key methods of monitoring performance include the following:

• Perform ERM evaluations.
• The effectiveness is measured using a formal or a self-assessment ERM evaluation.
• Implement effective supervision.

This involves training and assisting employees, monitoring their performance, correcting errors, and overseeing employees who have access to assets.

• Use responsibility accounting systems.
• This systems include budgets, quotas, schedules, standard costs, and quality standards.
• Monitor system activities.
• For example risk analysis and management software packages review computer and network security measures, detect illegal access, test for weaknesses and vulnerabilities, report weaknesses found and suggests also improvements. The software also monitors and combats viruses, spyware, adware, spam etc.
• Track purchased software and mobile devices

The business software alliance (BSA) tracks down and fines companies that violate software license agreements. The increasing number of mobile devices should be tracked and monitored, because their loss could represent a substantial exposure.

• Conduct periodic audits.
• External, internal and network securities audits can assets and monitor risk as well as detect fraud and errors. Informing employees of audits helps resolve privacy issues, deters fraud, and reduces erros. Auditors should regularly test susyem controls and periodically browse system usage files looking voor suspicious activities.
• Employee a computer security officer and a chief compliance officer.
• A computer security officer (CSO) is in charge of system security, independent of the information system function and reports to the chief operating officer (COO) of the CEO.
• Engage forensic specialists

Forensic investigators who specialize in fraud are a fast-growing group in the accounting profession. Computer forensics specialists discover, extract, safeguard and document computer evidence such that its authenticity, accuracy, and integrity will not succumb to legal challenges.

• Install fraud detection software
• Neural networks are programs with learning capabilities. These networks can accurately identify fraud.
• Implement a fraud hotline.
• A fraud hotline is an effective way to comply with the law and resolve whistle-blower conflict.