Professional Documents
Culture Documents
Summary of Key points to remember for the exam
Note: This is additional information to augment what is covered in the Red IIA workbook.
These are high level points that summarize Section 1 and should be useful in helping you to
comprehend the topics covered. Be sure to create your own “cheat sheets”.
Section 1 ‐ Governance/Business Ethics
Chapter A: Corporate/Organizational Governance Principles
Exam Alert: Corporate Governance is tested heavily on the exam.
An organization should set the tone at the top for honesty and integrity and reinforce that every
manager, director, and employee needs to maintain these values.
A corporation’s governance mechanism is established by a firm’s bylaws, which are a set of
internal rules or policies. Bylaws describe the powers of the corporation and the duties and
responsibilities of the board of directors and officers, and how to treat stockholders.
For a corporation to be legitimate, its governance principles must correspond to the will of the
general public. Therefore, a corporation must be managed on the principles of corporate
governance defining the roles of shareholders, directors, and officers/managers in corporate
decision making and accountability.
‐ Example 1 of Corporate Governance problem: Separation of ownership from control. This is
the major issue embedded in the structure of modern corporations that has contributed to
the corporate governance problem. Stockholders are owners, and the board of directors,
officers, and managers control the corporation on a day‐to‐day basis. This means no one
shareholder or a group of shareholders own enough shares to exercise control; so
shareholders perceive themselves to be investors rather than owners.
‐ Example 2 of Corporate Governance problem: Self‐interest. Agency problems develop when
the interests of the shareholders are not aligned with the interests of the manager, and the
manager (who is simply a hired agent with the responsibility of representing the owner’s
(principal’s) best interest) begins to pursue self‐interest instead.
The internal audit activity is responsible for assessing and making recommendations for
improving governance processes in the accomplishment of various organizational objectives.
However, it is the role of management to ensure the timely implementation of the audit
recommendations. The internal audit activity is responsible for the development of a timely
procedure to monitor the disposition of the audit recommendations. The internal audit activity
works with senior management and the audit committee to ensure that audit recommendations
receive appropriate attention.
CIA Learning System Quick Quiz: The board is the focal point for all governance activities and
establishes the "tone at the top." The board is also responsible for implementing best
governance practices and providing oversight of organizational activities.
Tone Board, Values Management
1
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
The board of directors is responsible for establishing and maintaining the organization's
governance processes and obtaining assurances concerning the effectiveness of the risk
management and control processes.
Corporate values are not typically assessed during routine risk and control evaluations. Instead,
self‐assessment methods and appropriate audit programs are generally used to measure the
comprehension and preservation of corporate values.
Operating management is responsible for risk management, executive management is
responsible for oversight, and internal auditors serve in the capacity of oversight and advisory
roles.
Abusive acts can be legal but unethical. Abuse occurs when the conduct of an activity or
function falls short of expectations for prudent behavior. Abuse is distinguished from
noncompliance in that abusive conditions may not directly violate laws or regulations. Abusive
activities may be within the letter of the laws and regulations but violate their spirit or the more
general standards of impartial behavior, and more specifically the ethical behavior. This means
that abusive acts can be legal but unethical.
For example: Marketing tactics can walk a fine line between persuasion and manipulation, and
this is another area where subjective ethics come into play heavily. Some marketing tactics can
take advantage of uneducated segments of the population, which can be perfectly legal while
being scorned throughout the marketplace. For example, before the Credit Card Act of 2009,
banks could lure teens into opening credit accounts with promises of financial freedom,
regardless of the teens' ability to repay the high‐interest debts.
Chapter B ‐ Environmental and Social Safeguards
The International Finance Corporation’s Environmental, Health, and Safety (IFC’s EHS)
Guidelines specify operational practices in different areas, including environment, occupational
and community health and safety, and sustainable materials use. Sustainable materials policies
reflect the entire lifecycle of purchased materials, from procurement through disposal or
decommissioning (e.g., recycling, handling of hazardous waste). When an organization adopts
the guidelines, it pledges to implement whichever is stricter—the guidelines or the host
country’s laws and regulations.
A framework is simply a set of guidelines to help organizations meet organizational objectives.
CIA Learning System Quick Quiz: A realistic outcome of a privacy framework evaluation is
assurance of compliance with specific laws and/or standards.
2
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Chapter C – Corporate Social Responsibility (CSR)
Exam Alert: Students from my prior classes have stated that CSR is tested heavily on the exam.
Corporate social responsibility (CSR, also called corporate conscience, corporate citizenship or
sustainable responsible business/ Responsible Business) is a form of corporate self‐regulation
integrated into a business model. CSR policy functions as a self‐regulatory mechanism whereby
a business monitors and ensures its active compliance with the spirit of the law, ethical
standards and international norms. With some models, a firm's implementation of CSR goes
beyond compliance and engages in "actions that appear to further some social good, beyond
the interests of the firm and that which is required by law."
CSR aims to embrace responsibility for corporate actions and to encourage a positive impact on
the environment and stakeholders including consumers, employees, investors, communities,
and others.
Not having a CSR policy and program exposes the organization to significant risks that the board
is responsible for controlling. These risks could include but are not restricted to penalties for
noncompliance with laws and regulations. Non‐sustainable actions could also damage the
organization’s reputation and its ability to attract investors, employees, and customers. It can
also make the organizational liable for damages, possibly including liability for the actions of
suppliers.
Mere adoption of a CSR framework is not sufficient; an organization’s processes must be
integrated into the framework. Results should be reported both within and outside the
organization to meet the needs of various stakeholders, including regulatory groups. Internal
audit may be involved in auditing the organization’s CSR programs, as long as internal auditing
was not involved in creating the programs.
Be able to give examples of CSR
Know the difference between Corporate Social Responsibility and Corporate Social Obligation
(law)
3
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Section II – Risk Management
Chapter A: Risk Management Techniques
Exam Alert: Risk Management is tested heavily on the exam.
A process to identify, assess, manage, and control potential events or situations, to provide
reasonable assurance regarding the achievement of the organization’s objectives.
A Risk Management Framework helps a business meet objectives (financial, operational, and
compliance)
Organizations measure risk in terms of impact and likelihood
The chief audit executive (CAE) should incorporate information from a variety of sources into the
risk assessment process, including discussions with the board, management, and external auditors;
review of regulations; and analysis of financial/operating data.
Risk assessment is a systematic process of assessing and integrating professional judgments about
probable adverse conditions and/or events, providing a means of organizing an internal audit
schedule.
As a result of an audit or preliminary survey, the chief audit executive (CAE) may revise the level of
assessed risk of an auditable entity at any time, making appropriate adjustments to the work
schedule.
Risk assessment does not necessarily involve the assignment of dollar values and is not intended to
identify the audit area with the greatest dollar savings.
Acceptable risk is the level of residual risk that has been determined to be a reasonable level of
potential loss or disruption for a specific computer system
Chapter B – Organizational Use of Frameworks
The risk assessment map looks at each type of fraud and determines how likely the fraud is to occur
and how significant it would be if it did occur. Any fraud that has a high probability and high
significance of material effect must be addressed with processes and procedures that prevent this
type of fraud.
Unless complex risk quantification is merited (e.g., derivatives), it's best to keep the quantification
and prioritization of risks simple.
In conducting a cultural diversity audit internal audit should:
I. Review the organization’s Web site.
II. Verify compliance with country and regional laws and regulations.
III. Assess overt and subtle business practices for different cultures.
IV. Evaluate the political environment of the nations in which the organization conducts business.
Managing risk includes a variety of activities that attempt to identify, assess, manage, and control
risk across the entire spectrum of an organization, ranging from single events or projects to narrowly
4
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
defined types of risk (e.g., market risk) to threats and opportunities facing the entire enterprise.
Organizations such as brokers, banks, and insurance companies may view risks as sufficiently critical
to warrant continuous oversight and monitoring.
A risk framework provides a master list that enables all risks identified in the organization to be
tracked and categorized. An important step in ERM is to assess risks identified, and the ranking
provides a standardized view of risks.
Practice Advisory 2120‐1 states that risk management is a key responsibility of senior management
and the board, not the CAE. To achieve its business objectives, management ensures that sound risk
management processes are in place and functioning.
ERM takes a broader (as opposed to a focused) portfolio approach than traditional risk management
and deals with risks and opportunities affecting the creation or preservation of organizational value.
Risk sharing reduces risk likelihood or impact by transferring or otherwise sharing a portion of the
risk. The most widely used form of risk transfer is insurance. Risk acceptance is taking no action to
affect likelihood or impact.
The function of the chief risk officer (CRO) is most effective when the CRO works with management
in their areas of responsibility.
Management is responsible for controls.
Risk is the possibility of an event occurring that will have an impact on the achievement of
objectives. Risk is measured in terms of impact and likelihood.
Types of Risk:
a. Strategic risks include political risk, regulatory risk, reputation risk, leadership risk, and
market brand risk.
b. Operational risks include an organization’s systems, technology, and people.
c. Financial risks includes risks from volatility in foreign currencies, interest rates, and
commodities. It also includes credit risk, liquidity risk, and market risk.
d. Hazard risks include natural disasters, impairment of physical assets, and terrorism.
It is important to emphasize that the uncertainties could have a potential upside or downside so
that the scope of ERM encompasses the more traditional view of potential hazards as well as
opportunities.
Risk is pervasive throughout an organization as it can arise from any business function or process at
any time without warning. Because of this widespread exposure, no single functional department
management, other than the board of directors, can oversee the enterprise‐wide risk management
program.
5
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Section III – Organizational Structure / Business Processes and Risks
Chapter A: Organizational Structure
A matrix organizational structure allows authority to flow both vertically and horizontally. A matrix
can work regardless of whether the product life cycle is long or short.
A "flat" organization structure is one with relatively few levels of hierarchy and characterized by
wide spans of management
For a flat structure to be successful, employees must be able to work unsupervised most of the time
because the manager, having many employees, has little time for each one.
A centralized configuration has several levels of authority, a long chain of command, and a narrow
span of control. All of these characteristics support management consistency and may discourage
innovation and employee involvement and empowerment.
Increased uniformity in decisions is an advantage of centralization.
Span of control is the term now used more commonly in business management, particularly human
resource management. Span of control refers to the number of subordinates a supervisor has.
In a matrix organization project managers may "borrow" specialists from line managers thus
employees may report to multiple managers
In order to remain competitive and adaptable many organizations adopt a flatter organizational
structure.
In a centralized structure, most communication is vertical, up and down a hierarchical chain of
command. This impedes communication and awareness across functional lines, which can be an
obstacle for ERM.
Chapter B – Typical Activities in Various Business Cycles
Exam Alert ‐ Procurement Cycle will be on the exam. Know and understand the three major
steps and the order they are performed: 1. Organization's requirements established 2. Sourcing
3. Purchasing 4. Supplier relationship management
Companies have different objectives for their procurement strategies, based on their own
business objectives. In some cases, the manufacturer may place a higher value on the quality of
the components than price or reliability of supply.
Strategic marketing is driven by customer needs.
A vertical marketing system consists of producers, wholesalers, and retailers managed as a
coordinated or programmed system. Example: grocery store chain operates an ice‐making
facility, a soft drink bottling operation, an ice cream‐making plant, and a bakery that supplies its
individual stores with everything from bagels to birthday cakes
Conventional distribution systems consist of one or more independent producers, wholesalers,
and retailers, each of which is a separate profit‐maximizing business. The profit objective of
each independent channel member may result in actions that are not profit‐maximizing for the
system as a whole, and the conventional distribution system offers no means for controlling
channel conflict.
6
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
The vertical and lateral approaches are the most widely used supply chain management
approaches globally.
The operating cycle shows the intended result of operations, from purchase of resources and/or
materials, through production, sales, and collection cycles. The cycle is also known as the cash‐
to‐cash cycle, since it shows how cash disbursed is converted back into cash received.
Chapter C – Business Process Analysis
Exam Alert ‐ Know the purpose of a flowchart. The best tool that operating personnel could
provide to internal auditors so that they can “see” the operations in order to identify
inefficiencies, ineffective steps, and control weaknesses is a Process flowchart
Efficiency is related to the cost of a process relative to the value it creates. An efficient process
achieves results with minimal waste, expense, and/or cycle time (the time it takes from the
beginning to end to complete a process), and has a high ratio of output to input.
The TOC philosophy holds that there is only one constraint in a system at any given time and
that each constraint limits the output of the entire system. It is important to concentrate on
addressing specific constraints rather than trying to fix the entire system, which may or may not
have tangible results.
The Six Sigma process for conducting continuous improvement is referred to by the initials
DMAIC. Once the organization has defined the nature of the problem, the next step is to
measure existing performance and begin recording data and facts that provide information
about the underlying causes of the problem.
A flowchart, also called a process‐flow analysis, is a graphical representation of an operation in
terms of the sequence of activities and decisions throughout a process.
Chapter D – Inventory Management Techniques and Concepts
Materials requirements planning (MRP) is a planning and controlling technique for managing
dependent‐demand manufacturing inventories.
EOQ is a fixed order model that depends on the assumptions that lead time is constant, demand
occurs at a relatively stable and known rate, operating and storage costs are known,
replenishment is instantaneous, and there are no stockouts.
Computer Integrated Manufacturing CIM involves a manufacturing system that completely
integrates all factory and office functions within an organization throughout the life cycle of a
product or service. CIM can help an organization reduce costs of spoilage and scrap, increase
productivity, improve quality, and increase its overall responsiveness to customers.
The EOQ decision model calculates the optimum quantity of inventory to order by incorporating
only the ordering costs and carrying costs into the model. These costs behave opposite each
other. Purchase costs, quality costs, and stockout costs are not incorporated into the EOQ
model.
Poor quality materials cause major problems in a JIT system because it retains no safety stock to
use for replacing defective materials. Substandard materials cause major production disruptions
7
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
in JIT systems and defeat its benefits, which include lowering cost and lead time while increasing
product quality.
Inventory shipping and handling costs are classified as ordering costs, not as carrying costs.
Property tax, insurance, and depreciation and obsolescence are all classified as inventory
carrying costs.
Chapter E – Electronic Funds Transfer (EFT) / Electronic Data Interchange (EDI) / E‐commerce
Successful EDI implementation begins with Mapping the work processes and flows that support
the organization's goals
Transmission of EDI transactions to trading partners may sometimes fail.
Internal auditors should look for network security controls, user identification systems, privacy
and confidentiality controls, a list of all e‐commerce applications within the enterprise,
maintenance activities to ensure continued operation, failure detection and automated repair
features, application change management controls, and business continuity plans.
Unauthorized access is a risk which is higher in an EFT environment.
Chapter F – Business Development Life Cycles
Phases of the cycle Emergence, Growth, Maturity, and Decline (EGMD)
During the growth stage of a product’s life cycle
A. The quality of products is poor.
B. New product models and features are introduced.
C. There is little difference between competing products.
D. The quality of the products becomes more variable and products are less differentiated.
Answer (A) is incorrect because poor product quality is evident during the introduction stage of the product life
cycle.
Answer (B) is correct. In the growth stage, sales and profits increase rapidly, cost per customer decreases,
customers are early adopters, new competitors enter an expanding market, new product models and features are
introduced, and promotion spending declines or remains stable. The firm enters new market segments and
distribution channels and attempts to build brand loyalty and achieve the maximum share of the market. Thus,
prices are set to penetrate the market, distribution channels are extended, and the mass market is targeted
through advertising. The strategy is toadvance by these means and by achieving economies of productive scale.
Answer (C) is incorrect because competitors are most numerous and products become less differentiated during
the maturity stage of the product life cycle. In this stage, imitators have entered the market and competitors have
learned which technologies and features are successful.
Answer (D) is incorrect because the quality of the products becomes more variable and products are less
differentiated
Chapter G – The ISO Framework
The ISO certification standards represent a stamp of approval on the quality of products and
services, and many companies will buy only from ISO‐certified suppliers.
ISO 9000 series focuses on quality assurance
ISO 14000 Standards address management of environmental impact and performance
improvement
8
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
ISO31000 Standard addresses Risk Management
Chapter H – Out‐Sourcing Business Processes
Organizations should not out‐source functions deemed as core competencies.
9
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Section IV – Communication
Chapter A: Communication
The term for barriers in the sender‐to‐receiver and receiver‐to‐sender message processes is
communication noise. Communication noise can happen anywhere along the communications
spectrum. Both senders and receivers need to be careful about the intent of the message, the
medium, and the interpretation.
Communication channel richness refers to the amount of information that can be transmitted
during a communication episode.
Face‐to‐face discussion is the richest medium because it permits direct experience, multiple
information cues, immediate feedback, and personal focus. Impersonal written media, including
flyers, bulletins, and standard computer reports, are the lowest in richness. These channels are
not focused on a single receiver, use limited information cues, and do not permit feedback.
Decoding is how the receiver of a message interprets that message. Interpretations can vary
widely given cultural backgrounds.
Nonverbal communication is often imprecise. It is influenced heavily by culture and can
sometimes convey more information than verbal communication.
Deductive reasoning (top down) is the process of reasoning from general principles (hypothesis)
to particular examples. Those that take a CIA Exam Review Course will pass the CIA Exam. We
noted of the 10 students who took the exam the five that took the review course passed.
Inductive reasoning (bottom up) is the process of reasoning from detailed facts to a general
principle. Most common method used by scientist. Draw a conclusion from evidence (facts).
Jane and Wayne passed the CIA Exam. Jane and Wayne were in Lyndon’s CIA Exam review
course. Those that take Lyndon’s CIA Exam review Course will pass the CIA Exam.
In both organizations and cultures the distribution of organizational power can interfere with
communication. The person who perceives himself or herself as having little power or authority
will be less likely to initiate discussion, even of important topics.
10
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Information overload (I) and misrepresentation of feelings and emotions (II) are considered
drawbacks of electronic communication. Information overload, such as numerous electronic
mail messages, may lead to lost time and inefficiencies and is considered a drawback of
electronic communication. Reduced transmission time (III) is considered a positive result of
electronic communication, and electronic communication generally results in an adequate paper
trail (such as saved "sent mail").
Listen with empathy and intensity. Listening with empathy to the speaker's ideas allows for
objective, not judgmental, listening. Empathy puts the listener in the speaker's shoes, so the
listener understands what the speaker wants to communicate rather than what the listener
wants to understand. A listener must concentrate intensely to avoid being distracted.
Exam alert: Open (descriptive response) vs. Closed (One word response)
Selective perception is the process of selecting some information and filtering out other
information as it is received based on an individual's needs, interests, values, opinions, and past
experiences.
Chapter B: Stakeholder Relationships
The audit charter and annual plan must be aligned with the organization’s strategic objectives
and risk appetite. If not, the annual plan, even if approved, will not meet the board’s and senior
management’s expectations. This will lead to conflict between internal audit activities and
board/senior management’s expectations and risk appetite.
For internal audit to add value to an organization, it must go beyond assessing present controls
towards identifying root causes of problems and recommending solutions and changes. This will
require support from the board and senior management in the form of example, resources, and
direction. To add value, internal audit must have organizational knowledge and relationships. A
new CAE would be less likely to have sufficient organizational and industry knowledge.
When handling related parties the most difficult type of transaction is one where a close family
member who is a major shareholder. Transactions involving major shareholders (e.g., close
family and relations), either directly or indirectly, are potentially the most difficult type of
transactions.
The ultimate goal of shareholder and investor communications is honesty. Honesty from
management is the ultimate goal of shareholder and investor communications, although the
communication should provide consistency, clarity, candor, and effectiveness.
A golden parachute is a contract in which a corporation agrees to make payments to key
management and senior officers in the event of a change in the control of the corporation.
Shareholders do not initiate golden parachutes; management does.
11
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Section V – Management and Leadership Principles
Chapter A: Strategic Management
Industry Life Cycle Four Stages (I, G, M, D) – Introduction, Growth, Maturity and Decline
During the maturity stage, competition is at its greatest, and costs are at their lowest; thus,
prices would be at their lowest.
Different strategies are used to manage in each type of industry. Organizations must recognize
when an industry is shifting in some way.
Franchising and horizontal mergers commonly used to gain market share in a fragmented
industry.
Growth strategy ‐ An organization may decide to enter a new business in the same or a different
industry when the benefits outweigh entry costs and other legal and administrative barriers.
Quantitative research is based on numbers and mathematical calculations (aka quantitative
data), qualitative research is based on written or spoken narratives (or qualitative data).
Regression Analysis ‐ Indicates correlation(s) based on assumption of cause‐and‐effect
relationships among variables. Often used to analyze cost behavior or forecast sales levels.
Quality is the reliability of a product or service for its users. To ensure a reliable level of quality
throughout an organization, every individual, department, and subdivision of an organization
must conform to design specifications set by customer expectations.
Exam Alert: Total Quality Management (TQM) Managing people and business process to ensure
100% customer satisfaction.
Chapter B: Organizational Behavior
Wider span of control at the top means fewer managers. Conversely, a narrower span of
control means more managers.
Span of control affects delegation, employee participation, and employee learning.
Understand Environmental Factors Impacting the motivation of employees such as
organizational structure and culture, relationships with managers and supervisors, job design,
reward system, and performance appraisal.
Group types (structural, functional, task, informal) ‐ A task group is charged with completion of a
task, and the group will disband once the task is complete. Informal groups also may have a task
to complete, but they may not be formally appointed. Structural and functional groups usually
are embedded in the organization's structure and are ongoing.
Groups ‐ Some group members go along with what appears to be the group consensus rather
than giving their honest input is the definition of Groupthink which is undesirable.
Chapter C: Management Skills/Leadership Styles
To successfully implement empowerment in an organization, leaders must balance their need
for personal control with providing freedom for others to act on their own authority.
12
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Teams need a clear purpose, performance objectives, and outcomes
Chapter D: Conflict Management
Negotiation and Conflict Management skills help auditors build relationships and trust,
understand and handle adversarial communication, and effectively deliver reports and
recommendations.
Conflict should be viewed as a healthy way to facilitate growth in an organization.
An avoidance strategy aims to resolve the conflict by ignoring it or imposing a solution. It is only
appropriate if the conflict is trivial or if quick action is needed to prevent the conflict from
arising.
Utilizing Principled Negotiation skills if an agreement is reachable, results should meet the needs
of both parties to the extent possible and should be fair, long lasting, and in the public good.
Utilizing the Added‐Value Negotiation skills this process usually takes less time because of the
multiple offers presented at the beginning of the process.
Chapter E: Project Management / Change Management
Gannt Chart ‐ Divides project into sequential activities with estimated start and completion
times. Internal audit scheduling is effectively accomplished with use of Gantt chart.
Determining the most efficient path for reaching project goals can be done utilizing:
1. Critical path method (CPM)
2. Program Evaluation Review Technique (PERT)
CPM and CRT identify and prioritize tasks which must be completed on time for the whole
project to be completed on time.
13
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Section VII – Financial Management
Chapter A: Financial Accounting and Finance
Topic 1: Describe Basic Concepts and Underlying Principles of Financial Accounting
Accounting Concepts
Understand the common accounting terms (p.3‐438)
Goal of financial reporting: is to provide stakeholders with information to exercise due diligence
in decision making.
To ensure that financial statements are truly useful, GAAP requires the information in financial
statements to be Relevant, Reliable, Comparable and Consistent
Dual‐entry (or double‐entry) accounting is the international standard. In a dual‐entry system,
each transaction is recorded in at least two places: a debit to one account and a credit to
another account.
A common way of expressing the dual‐entry method is with a T‐account. Preparing periodic trial
balances can ensure that the accounts balance at that specific moment in time.
Exam Alert: Know the impact of a Debit or a Credit on accounts.
Assets, Expenses and Dividends: Debits increase accounts and Credits decrease accounts
Liabilities, Revenues, Capital Stock, and Retained Earnings: Debits decrease accounts and Credits
increase accounts
Example Test Question
4. When purchasing an asset using debt, which of the following transactions occurs?
A. Debit assets (increase) and credit liabilities (increase).
B. Debit assets (decrease) and credit liabilities (increase).
C. Debit liabilities (decrease) and credit assets (increase).
D. Debit liabilities (increase) and credit assets (increase).
An asset account is debited, increasing it by the value of the additional assets. A liability account
is credited, increasing it by the amount of the loan.
A number of questions about “if this occurs, then what” such as a sale takes place, but the sale
is not posted and inventory is not adjusted. How is inventory and accounts receivable affected?
The temporary accounts get closed at the end of an accounting year. Temporary accounts
include all of the income statement accounts (revenues, expenses, gains, and losses), the sole
proprietor's drawing account, the income summary account, and any other account that is used
for keeping a tally of the current year amounts. Since the temporary accounts are closed at the
end of each fiscal year, they will begin the new fiscal year with zero balances.
14
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
The accounts that do not get closed (their balances are carried forward to the next accounting
year) are referred to as permanent accounts. The balance sheet accounts are permanent
accounts.
Accrual versus cash basis accounting. Accrual relies on the principles of revenue recognition and
matching. Accrual basis accounting records transaction as they occur recognizing revenue only
when earned and expenses only when incurred, regardless of when the cash is actually paid out
(GAAP). Cash basis accounting, the organization recognizes revenue only when cash is received
and recognizes expenses only when cash is paid out (Not GAAP) thus payables and receivables
are ignored.
Accounting assumptions used in preparing the financial statements include Economic entity,
Going concern, monetary unit, and Periodic reporting.
Accounting principles used in preparing the financial statements include:
‐ Historical cost
Revenue recognition ‐ The practice of recording advanced payments from customers as
liabilities.
Example Test Question
25. The practice of recording advanced payments from customers as liabilities is an
application of the
A. going concern assumption.
B. monetary unit assumption.
C. historic cost principle.
D. revenue recognition principle.
‐ Matching – Expenses should be recognized in the period in which the correspondence
revenues are recognized. Example: Depreciation and amortization are ways to apply the
cost of a long‐lived asset over the periods in which the benefits are received. Period costs
are expensed immediately because they cannot be matched.
‐ Full disclosure
Accounting cycle – Closing is the process of transferring from Ledger to Trial Balance
Financial Statements
‐ Income Statement – Shows net profits from primary activities, a key creditworthiness
indicator
‐ Statement of Shareholders’ Equity (Retained Earnings)
‐ Balance Sheet: Assets – Liabilities = Equity
‐ Statement of Cash Flows – A statement of cash flows provides information about the cash
receipts and cash payments of an enterprise during a period. This activity could be related
to Operating, Investing and Financing activities
15
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Disclosures / footnotes – The notes or disclosures to the financial statements should be an
integral part of the statements. Required disclosures are:
‐ Contingent liabilities – Both material and uncertain
Example: A lessee agrees to reimburse a lessor for a shortfall in the residual value of an
asset under lease.
‐ Subsequent events
‐ Contractual obligations
‐ Accounting policies and valuation methods used
‐ Change in accounting policies
‐ Capital stock disclosures
‐ Off‐balance sheet accounting
‐ Other disclosures
Depreciation Methods
‐ Allocating the cost of tangible assets over the periods of expected use
‐ Straight Line = Depreciable Base / Useful Life
Topic 2: Describe Intermediate Concepts of Financial Accounting
Characteristics of an Operating Lease
A lease agreement transfers substantially all the benefits and risk of ownership of the
asset to the lessee if at least one of the following criteria is met:
1) The lease provides for the transfer of ownership of the leased property.
2) The lease contains a bargain purchase option (BPO).
a) A bargain purchase option gives the lessee the right to purchase the leased property for a
price lower than its expected fair value at the date the BPO becomes exercisable.
3) The lease term is 75% or more of the estimated economic life of the leased property.
4) The present value of the minimum lease payments is at least 90% of the fair value of the leased
property.
a) Minimum lease payments equal minimum rental payments plus the amount of residual value
(or the minimum rental payments plus the amount of BPO).
Defined benefit plan promises specific level of retirement benefits.
16
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Topic 3: Describe Advanced Concepts of Financial Accounting
Preferred stocks are designed to pay shareholders consistent dividends. They get their name
from the fact that they have preference over common stocks in the payment of dividends. This
means preferred stock dividends are always paid to shareholders before dividends on common
stock. Preferred dividends generally have yields that are competitive with corporate bonds.
When an organization purchases equity interest in other organizations in the form or capital
or preferred stock and has “Significant Influence” (20% to 50% ownership) they must value this
investment using the Equity method: Proportional share of investee’s net income/loss,
dividends
Topic 4: Preform Financial Statement and Ratio Analysis
The effects of under/over counting inventory on COGS and income.
Formula for COGS
Residual income is a metric used to measure performance of a department. It measures the
return earned by the department which is in excess of the minimum required return. RI is often
compared to ROI. ROI is a % while RI is a dollar amount.
Quick Ratio
You will only see one or two ratios on the exam. Thus, NO need to memorize all of the formulas.
Quick Ratio is defined as Current Assets (Cash and AR ‐ Inventory) / Current Liabilities
Current Ratio is defined as Current Assets (Cash, AR and Inventory) / Current Liabilities
Inventory turnover is an efficiency ratio which calculates the number of times per period a
business sells and replaces its entire batch of inventories. It is the ratio of cost of goods sold by a
business during an accounting period to the average inventories of the business during the
period.
Residual income is a metric used to measure performance of a department. It measures the
return earned by the department which is in excess of the minimum required return. Set
minimum return rate, and if RI is positive, investors will get their return and excess can go to
retained earnings.
17
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Topic 5: Define and Differentiate Various types of Debt and Equity
Government‐backed securities (Most secure)
Common Stock vs. Preferred Stocks. Preferred stocks are designed to pay shareholders
consistent dividends. They get their name from the fact that they have preference over common
stocks in the payment of dividends. This means preferred stock dividends are always paid to
shareholders before dividends on common stock. Preferred dividends generally have yields that
are competitive with corporate bonds.
Stock splits ‐ A stock split is a decision by the company's board of directors to increase the
number of shares that are outstanding by issuing more shares to current shareholders. For
example, in a 2‐for‐1 stock split, every shareholder with one stock is given an additional share.
Topic 6: Define and Describe Various Financial Instruments
Bond, Common Stock vs. Preferred Stock
Bonds are the principal form of long‐term debt financing for corporations and governmental
entities.
1) A bond is a formal contractual obligation to pay an amount of money (called the par value,
maturity amount, or face amount) to the holder at a certain date, plus, in most cases, a series of
cash interest payments based on a specified percentage (called the stated rate or coupon rate)
of the face amount at specified intervals.
2) All of the terms of the agreement are stated in a document called an indenture.
Topic 7: Demonstrate an Understanding of Cash Management/Treasury Functions
Understand Cash Receipt Controls whether taking revenue at a Point of Sale (POS), mail, or
electronically.
18
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Topic 8: Describe Inventory and Business Valuation Models
Know the difference between a perpetual inventory (keeps a continuous record of inventory
changes as they occur) vs. periodic inventory (which determines only the inventory on hand at
the end of a period by physical count).
FIFO (can distort net income and gross profit), LIFO, and Weighted Average (Called “moving” if
perpetual, Simple and Income cannot be manipulated)
Cost / Retail Ratio and retail method for valuing inventory.
Effect on Cost‐ Effect on Estimated
Retail Ratio Ending Inventory at Retail
A. No effect No effect
B. No effect Overstatement
C. Overstatement Overstatement
D. Overstatement Understatement
The retail method of inventory estimation applies a cost‐retail ratio to the ending inventory at retail to
determine ending inventory at cost. The ratio equals goods available at cost divided by goods available
at retail. Normal inventory shrinkage is deducted from the retail amount of goods available because the
goods are not available. However, abnormal amounts of theft, etc., are deducted in arriving at both the
cost and retail amounts. The reason for the difference in treatment is that normal but not abnormal
inventory losses are anticipated and included in selling price (retail value). Accordingly, failure to
account for normal inventory shrinkage has no effect on the calculation of the cost‐retail ratio but
overstates ending inventory at retail.
Topic 9: Demonstrate and Understanding of Capital Budgeting
Operating Budget ‐ A summary of an organization’s plans that sets specific targets for sales,
production, distribution, and financing activities.
What budget do you complete first?" Then it listed "cash, sales, production, and administrative
expenses." CIA Exam Alert: Always do the Sales budget first. It drives the others.
A capital budget identifies, evaluates, and selects projects that require large amounts of capital
investment and provide benefits far into the future. To make capital investment decisions,
managers must estimate the quantity and timing of cash flows, assess the risk of the
investment, and consider the impact of the project on the organization's profits.
Capital budget Discounting Methods:
Net Present Value ‐ Compares present value of a project’s cash inflows to present value of a
project’s cash outflows. Provides realistic assumptions.
Internal Rate of Return ‐ The discount rate often used in capital budgeting that makes the net
present value of all cash flows from a particular project equal to zero. Generally speaking, the
19
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
higher a project's internal rate of return, the more desirable it is to undertake the project. As
such, IRR can be used to rank several prospective projects a firm is considering. Assuming all
other factors are equal among the various projects, the project with the highest IRR would
probably be considered the best and undertaken first.
Topic 10: Describe Various Taxation Schemes
Progressive (High‐income taxpayers pay a larger fraction of income) vs. Regressive tax (Low‐
income taxpayers pay a larger fraction of income)
Example of a regressive tax is a State sales tax.
In the distribution of liquidation proceeds for a bankrupt firm. Taxes payable is a priority claim.
Priority claims are paid in full before any liquidation proceeds are distributed to general
claimants or shareholders.
20
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016
Part 3 – Cheat Sheet
Summary of Key points to remember for the exam
Chapter B – Managerial Accounting
Contribution Margin (4) = Sales (30) – Variable Cost (26)
Breakeven Point (45,000) = Fixed Cost (180,000) / Contribution Margin (4)
Example: A company makes a product that sells for $30. During the coming year, fixed costs are
expected to be $180,000, and variable costs are estimated at $26 per unit. How many units must the
company sell in order to break even?
Topic 8 – Transfer Pricing
a. One department of an organization, Final Assembly, is purchasing subcomponents from another
department, Materials Fabrication. The price that Materials Fabrication will charge Final Assembly is to
be determined. Outside market prices for the subcomponents are available. Which of the following is
the most correct statement regarding a market‐based transfer price? Overall long‐term competitiveness
is enhanced with a market‐based transfer price.
Correct. Market‐based transfer prices provide market discipline. Inefficient internal suppliers will tend
to wither while efficient ones prosper, enhancing the overall long‐term competitiveness of the firm.
21
X:\2016 Jake Caburian\0 CIA Info\Part 3 Section 1‐7 Cheat Sheet minus 6 and 8 updated Dec 2016.docx
December 20, 2016