Control Activities（Internal controlのComponents） -リスク緩和の統制活動- USCPA

Internal control 、内部統制。

その国際的な標準フレームワークが COSO の Framework 。

COSO の Internal control framework

POINT

・Internal control の Risk を Acceptable level にまで下げるために、Control activities の Selection や Development を行う

Control Activities

統制活動。Internal control の Framework である COSO の Components のひとつ。　

Internal control の The achievement of objective の Risk に Address するために、Policies と Procedures を Establish し、Control activities を Develop する。

Internal control の 17 principles のうち10から12が Control activities の Principles。

The organization selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels.
The organization selects and develops general control activities over technology to support the achievement of objectives.
The organization deploys control activities through policies that establish what is expected and procedures that put policies into action.

Internal control の The achievement of objective の Risk を、 Acceptable levels に下げるために、Control activities の Selection と Development を行う。

Internal control の The achievement of objective を Support する Technology の General control activities の Selection と Development を行う。

Technology の General control と Business process での利用との Dependency を Determine
Technology infrastructure に関する Control activities を Establish
Security management process に関する Control activities を Establish
Relevant technology の Acquisition、Development、Maintenance process に関する Control activities を Establish

Policies と Procedures を通じて Control activities の Deployment（配備）を行う。

Management の Directives を Deploy させるために Policies と Procedures を Establish
Policies と Procedures を Execute させるために Responsibility と Accountability を Establish
Timely manner に Perform
Corrective action
Competent personnel による Perform
Policies と Procedures を Reassess

主な Control activities

Business processes と Transactions の Routine controls が含まれる。

Post Views: 14