Ch3 Review Questions


Review questions: 4, 6, 7, 8, 10, 11

4: What is The IIA’s definition of governance? How does this definition relate to
the figure in Exhibit 3-3?
The IIA definition of corporate governance, included within the International Standards, is:

Governance is the combination of processes and structures implemented by the board in
order to inform, direct, manage and monitor the activities of the organization toward the
achievement of its objectives.

Exhibit 3-3 is the diagram of the elements included in corporate governance. It
consists of two main parts: Strategic direction and Governance. Strategic direction provides the
principles and guidance to achieve the company’s goal. Governance is responsible for
managing and supervising the operation of the company.

6: What types of outcomes might a board need to consider to understand stakeholders’
expectations?
Different types of shareholders may have different expectations. In order to satisfy their
various expectations, the board may need to consider financial, compliance, operations and
strategic outcomes.

7: In governance, what are the key responsibilities of:

a, The board of directors?
The governance responsibilities of the board are: establishing a governance committee,
articulating requirements for reporting to the board, and reevaluating governance expectations
periodically.
b, Senior management?
The governance responsibilities of senior management are: ensuring that the full scope of
direction and authority delegated is understood appropriately; identifying the processes and
activities within the organization that are integral to executing the governance direction provided
by the board; evaluating what other business considerations or factors might create a justification
for delegating a lower tolerance level to risk owners than that delegated by the board; and ensuring
that sufficient information is gathered from the risk owners to support its reporting requirements
to the board.
c, Risk owners?
The responsibilities of risk owners include: evaluating whether the risk management
activities are designed adequately to manage the related risks within the tolerance levels specified
by senior management; assessing the ongoing capabilities of the organization to execute those risk
management activities; determining whether the risk management activities are currently
operating as designed; and conducting day-to-day monitoring activities to identify whether anomalies
or divergences from expected outcomes have occurred.

8. What role does the internal audit function play in governance?
The internal audit function can play a key role in promoting and supporting effective
organizational governance. It is an effective part of the governance process by: ensuring it fully
understands the board’s governance direction and expectations, supporting management’s risk
management program, developing an internal audit plan that appropriately encompasses the
governance assurance activities and allows for periodic communications to senior management
and the board on the effectiveness of risk management activities.

10. What are the three lines of defense in the Three Lines of Defense model?
The first line of defense represents the internal control activities conducted by individuals
and management.
The second line of defense represents other assurance activities: financial controller; risk
management; compliance; health and safety; environmental.
The third line of defense represents the most independent and objective form of
assurance.
The Three Lines of Defense model provides a simple and effective way to enhance
communications on risk management and control by clarifying essential roles and duties.

11. What is a combined assurance model? Why do some organizations use such models?
To combat assurance fatigue, some organizations have developed models called combined or
integrated assurance models. These models vary from one organization to the next, and can be
implemented at a high level or in great detail. In general, such models focus on understanding the
different types of assurance being provided. Based on the level of risk being assessed and
how strong the assurance is, a coordinated plan or calendar is developed to facilitate awareness
of which assurance activity will perform assessments when, and how other assurance activities
can rely on that work.
