Internal Controls Framework
Expert-defined terms from the Compliance and Regulatory Auditing course at London School of Planning and Management. Free to read, free to share, paired with a professional course.
Acceptable Risk #
This term refers to the level of risk that an organization is willing to accept in order to achieve its objectives, it is also known as residual risk or tolerated risk. Acceptable risk is a key concept in the Internal Controls Framework, as it helps organizations to balance the need to manage risk with the need to achieve their objectives. Related terms include risk assessment and risk management.
Accountability #
This term refers to the responsibility of individuals or organizations to answer for their actions, it is a key concept in the Internal Controls Framework. Accountability is essential in ensuring that individuals and organizations are answerable for their actions, and that they are held accountable for any failures or shortcomings. Related terms include transparency and governance.
Audit Committee #
This term refers to a committee that is responsible for overseeing the audit process and ensuring that the organization is compliant with relevant laws and regulations. The audit committee plays a key role in the Internal Controls Framework, as it helps to ensure that the organization's internal controls are effective and that the organization is managing risk effectively. Related terms include audit and compliance.
Audit Risk #
This term refers to the risk that an auditor will fail to detect a material misstatement in the financial statements, it is a key concept in the Internal Controls Framework. Audit risk is composed of inherent risk, control risk, and detection risk. Related terms include risk assessment and risk management.
Audit Trail #
This term refers to a record of all transactions and events that have occurred within an organization, it is a key concept in the Internal Controls Framework. The audit trail provides a clear and transparent record of all transactions and events, and helps to ensure that the organization is compliant with relevant laws and regulations. Related terms include transaction and event.
Authorization #
This term refers to the approval or permission that is required before a transaction or event can occur, it is a key concept in the Internal Controls Framework. Authorization is essential in ensuring that transactions and events are legitimate and authorized, and that the organization is compliant with relevant laws and regulations. Related terms include approval and permission.
Availability #
This term refers to the ability of an organization to access and use its resources and information, it is a key concept in the Internal Controls Framework. Availability is essential in ensuring that the organization can operate effectively and efficiently, and that it can achieve its objectives. Related terms include access and use.
Awareness #
This term refers to the knowledge and understanding of risk and internal controls within an organization, it is a key concept in the Internal Controls Framework. Awareness is essential in ensuring that individuals and organizations are aware of the risk and controls that are in place, and that they can take steps to manage risk and improve internal controls. Related terms include risk awareness and control awareness.
COBIT #
This term refers to the Control Objectives for Information and Related Technology, it is a framework for governance and management of information technology. COBIT is a key concept in the Internal Controls Framework, as it provides a structured approach to governance and management of information technology. Related terms include governance and management.
Compliance #
This term refers to the adherence to relevant laws and regulations, it is a key concept in the Internal Controls Framework. Compliance is essential in ensuring that the organization is operating legally and ethically, and that it is meeting its obligations. Related terms include law and regulation.
Confidentiality #
This term refers to the protection of confidential information and sensitive data, it is a key concept in the Internal Controls Framework. Confidentiality is essential in ensuring that confidential information and sensitive data are protected from unauthorized access and disclosure. Related terms include information security and data protection.
Control Activities #
This term refers to the policies, procedures, and practices that are implemented to manage risk and ensure compliance, it is a key concept in the Internal Controls Framework. Control activities are essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include risk management and compliance.
Control Environment #
This term refers to the culture and tone of an organization, it is a key concept in the Internal Controls Framework. The control environment is essential in ensuring that the organization has a strong and effective control culture, and that it is committed to managing risk and compliance. Related terms include corporate culture and tone at the top.
Control Objectives #
This term refers to the specific goals and objectives that are established to manage risk and ensure compliance, it is a key concept in the Internal Controls Framework. Control objectives are essential in ensuring that the organization is focused on managing risk and compliance, and that it is achieving its objectives. Related terms include risk management and compliance.
Control Risk #
This term refers to the risk that a control will fail to prevent or detect a material misstatement, it is a key concept in the Internal Controls Framework. Control risk is a key component of audit risk, and is essential in ensuring that the organization's internal controls are effective. Related terms include audit risk and internal controls.
Data Integrity #
This term refers to the accuracy, completeness, and reliability of data, it is a key concept in the Internal Controls Framework. Data integrity is essential in ensuring that data is reliable and accurate, and that it can be trusted for decision-making and reporting. Related terms include data quality and data governance.
Detection Risk #
This term refers to the risk that an auditor will fail to detect a material misstatement, it is a key concept in the Internal Controls Framework. Detection risk is a key component of audit risk, and is essential in ensuring that the organization's internal controls are effective. Related terms include audit risk and internal controls.
Entity #
Level Controls: This term refers to the controls that are implemented at the entity level to manage risk and ensure compliance, it is a key concept in the Internal Controls Framework. Entity-level controls are essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include risk management and compliance.
Error #
This term refers to an unintentional mistake or omission that can affect the accuracy or reliability of data or information, it is a key concept in the Internal Controls Framework. Errors can have significant consequences, and can impact the organization's reputation and financial performance. Related terms include mistake and omission.
Fraud #
This term refers to an intentional act or omission that is designed to deceive or mislead others, it is a key concept in the Internal Controls Framework. Fraud can have significant consequences, and can impact the organization's reputation and financial performance. Related terms include theft and misappropriation.
General Computer Controls #
This term refers to the controls that are implemented to manage and oversee the use of computer systems and technology, it is a key concept in the Internal Controls Framework. General computer controls are essential in ensuring that the organization's computer systems and technology are secure and reliable. Related terms include information technology and computer security.
Governance #
This term refers to the system of rules, practices, and processes that are used to direct and control an organization, it is a key concept in the Internal Controls Framework. Governance is essential in ensuring that the organization is managed effectively and efficiently, and that it is compliant with relevant laws and regulations. Related terms include corporate governance and management.
IAF #
This term refers to the Internal Audit Function, it is a function that is responsible for evaluating and improving the organization's internal controls and risk management processes. The IAF is a key concept in the Internal Controls Framework, as it helps to ensure that the organization's internal controls are effective and that risk is being managed effectively. Related terms include internal audit and risk management.
Incident Response #
This term refers to the process of responding to and managing incidents that can affect the organization's operations or reputation, it is a key concept in the Internal Controls Framework. Incident response is essential in ensuring that the organization can respond quickly and effectively to incidents, and that it can minimize the impact of the incident. Related terms include incident management and crisis management.
Information Security #
This term refers to the protection of information and data from unauthorized access, use, disclosure, modification, or destruction, it is a key concept in the Internal Controls Framework. Information security is essential in ensuring that the organization's information and data are protected and secure. Related terms include data protection and cybersecurity.
Internal Controls #
This term refers to the policies, procedures, and practices that are implemented to manage risk and ensure compliance, it is a key concept in the Internal Controls Framework. Internal controls are essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include risk management and compliance.
Internal Audit #
This term refers to the function that is responsible for evaluating and improving the organization's internal controls and risk management processes, it is a key concept in the Internal Controls Framework. Internal audit is essential in ensuring that the organization's internal controls are effective and that risk is being managed effectively. Related terms include IAF and risk management.
Inherent Risk #
This term refers to the risk that a material misstatement will occur due to inherent factors such as fraud or error, it is a key concept in the Internal Controls Framework. Inherent risk is a key component of audit risk, and is essential in ensuring that the organization's internal controls are effective. Related terms include audit risk and internal controls.
IT Governance #
This term refers to the system of rules, practices, and processes that are used to direct and control the use of information technology, it is a key concept in the Internal Controls Framework. IT governance is essential in ensuring that the organization's information technology is managed effectively and efficiently, and that it is aligned with the organization's objectives. Related terms include governance and management.
Key Control #
This term refers to a control that is critical to the achievement of an objective or mitigation of a risk, it is a key concept in the Internal Controls Framework. Key controls are essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include risk management and compliance.
Materiality #
This term refers to the threshold above which a misstatement or omission is considered to be material, it is a key concept in the Internal Controls Framework. Materiality is essential in ensuring that the organization is focused on managing risk and compliance, and that it is achieving its objectives. Related terms include misstatement and omission.
Monitoring #
This term refers to the ongoing evaluation and review of the organization's internal controls and risk management processes, it is a key concept in the Internal Controls Framework. Monitoring is essential in ensuring that the organization's internal controls are effective and that risk is being managed effectively. Related terms include internal audit and risk management.
Operational Risk #
This term refers to the risk of loss or damage to an organization's operations or reputation due to inadequate or ineffective internal processes, people, or systems, it is a key concept in the Internal Controls Framework. Operational risk is essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include risk management and compliance.
PCAOB #
This term refers to the Public Company Accounting Oversight Board, it is a non-profit corporation that is responsible for overseeing the audits of public companies. The PCAOB is a key concept in the Internal Controls Framework, as it helps to ensure that the organization's internal controls are effective and that audits are being conducted effectively. Related terms include audit and compliance.
Policies #
This term refers to the statements of intent or purpose that are used to guide an organization's actions and decisions, it is a key concept in the Internal Controls Framework. Policies are essential in ensuring that the organization is managed effectively and efficiently, and that it is compliant with relevant laws and regulations. Related terms include procedure and guideline.
Procedures #
This term refers to the steps or actions that are taken to achieve an objective or complete a task, it is a key concept in the Internal Controls Framework. Procedures are essential in ensuring that the organization is managed effectively and efficiently, and that it is compliant with relevant laws and regulations. Related terms include policy and guideline.
Regulatory Compliance #
This term refers to the adherence to relevant laws and regulations, it is a key concept in the Internal Controls Framework. Regulatory compliance is essential in ensuring that the organization is operating legally and ethically, and that it is meeting its obligations. Related terms include law and regulation.
Reliability #
This term refers to the ability of a system or process to produce consistent and accurate results, it is a key concept in the Internal Controls Framework. Reliability is essential in ensuring that the organization's systems and processes are trustworthy and dependable. Related terms include accuracy and consistency.
Residual Risk #
This term refers to the risk that remains after controls have been implemented to mitigate or manage the risk, it is a key concept in the Internal Controls Framework. Residual risk is essential in ensuring that the organization is aware of the risk that remains, and that it is monitored and reviewed on an ongoing basis. Related terms include risk management and compliance.
Risk #
This term refers to the possibility of an event or circumstance that can affect an organization's objectives or outcomes, it is a key concept in the Internal Controls Framework. Risk is essential in ensuring that the organization is aware of the risk that it faces, and that it is managed effectively. Related terms include risk management and compliance.
Risk Assessment #
This term refers to the process of identifying, analyzing, and evaluating risk, it is a key concept in the Internal Controls Framework. Risk assessment is essential in ensuring that the organization is aware of the risk that it faces, and that it is managed effectively. Related terms include risk management and compliance.
Risk Management #
This term refers to the process of identifying, analyzing, evaluating, and mitigating risk, it is a key concept in the Internal Controls Framework. Risk management is essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include risk assessment and compliance.
Sarbanes #
Oxley Act: This term refers to a law that was enacted in 2002 to regulate the financial reporting of public companies, it is a key concept in the Internal Controls Framework. The Sarbanes-Oxley Act is essential in ensuring that the organization is compliant with relevant laws and regulations, and that it is managing risk and internal controls effectively. Related terms include financial reporting and compliance.
Segregation of Duties #
This term refers to the separation of duties and responsibilities within an organization to prevent or detect errors or irregularities, it is a key concept in the Internal Controls Framework. Segregation of duties is essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include internal controls and compliance.
Transaction #
This term refers to a specific event or occurrence that can affect an organization's financial statements or operations, it is a key concept in the Internal Controls Framework. Transactions are essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include event and occurrence.
Turnover #
This term refers to the rate at which employees leave or join an organization, it is a key concept in the Internal Controls Framework. Turnover is essential in ensuring that the organization is managing risk and compliant with relevant laws and regulations. Related terms include employee turnover and staffing.