Answer:
Company: XYZ Corporation
Preventive Control:
One preventive control for XYZ Corporation is to implement a segregation of duties policy, where different individuals are responsible for different tasks. This ensures that employees have little control over a particular area to reduce the risk of fraud or errors. For example, the employee who is responsible for processing payroll is not approve time cards or change pay rates.
Detective Control:
A detective control for XYZ Corporation is to conduct periodic audits of financial transactions. This helps identify any unusual or suspicious activity, such as unauthorized disbursements or purchases. For example, a forensic audit is conducted to identify potential fraudulent transactions.
Corrective Control:
A corrective control for XYZ Corporation is to establish a robust internal reporting system that allows employees to report any concerns about potential issues in the company. This enables prompt investigation of any issues that may arise. For example, employees are provided with a hotline or an online reporting system allowing them to report issues anonymously.
Enterprise risk management (ERM) influences the internal controls by providing a framework for identifying and assessing risks across the organization. ERM encourages the company to evaluate all risks, including those related to financial reporting, compliance, and strategic objectives. It helps the company identify the most critical risks and develop appropriate internal controls to mitigate those risks.
In addition, ERM promotes a culture of risk management throughout the organization, where employees can report any risks or issues they observe. This helps ensure that the internal controls are effective and are being followed by all employees. ERM also encourages regular monitoring and testing of the internal controls to ensure that they are functioning as intended and are meeting the company's risk management objectives.
Step-by-step explanation: