SOC 103 Chapter Notes - Chapter 3: Business Process, Accounts Receivable, Embezzlement

Internal controls: is a process effected by management, the board of directors and other personnel that is designed to minimize risk exposures to an acceptable level of company"s objectives. Both ceo and cfo are criminally liable for weak internal control processes. Internal control is process oriented, focuses on the processes by which the company is run rather than the outcomes of the processes. Good internal controls allow management to freely make decisions in accordance with company"s risk preferences. Loss prevention tools, may not perfectly prevent all losses. General rule of internal controls is that is should provide a reasonable assurance that they will achieve their objectives. -they must reflect a balance between reducing risk exposures versus the costs of implementing the controls. Erm system, erm involves weighing various opportunities against the related risks and managing these opportunities and risks in a way that is consistent with the management objectives and risk preferences.