Professional Qualification - Strategic level
Management Accounting Risk and Control Strategy
First examined in May 2005
Syllabus outline
The syllabus comprises:
|   | Topic | Study weighting |
|---|-------|-----------------|
| A | Management Control Systems | 15% |
| B | Risk and Internal Control | 20% |
| C | Review and Audit of Control Systems | 15% |
| D | Management of Financial Risk | 30% |
| E | Risk and Control in Information Systems | 20% |
Learning Aims
Students should be able to:
- evaluate and advise on management and internal control systems for a range of risks,
- plan a review process, including an internal audit, of such systems,
- evaluate alternatives and advise on the management of financial risks,
- advise on the development of information systems that support the risk control environment.
Assessment Strategy
There will be a written examination paper of three hours, with the following sections.
- Section A - 50 marks
A maximum of four compulsory questions, totalling 50 marks, all relating to a single scenario.
- Section B - 50 marks
Two questions, from a choice of four, each worth 25 marks. Short scenarios will be given, to which some or all questions relate.
Learning Outcomes and Syllabus Content
A - Management Control Systems - 15%
Learning outcomes
On completion of their studies students should be able to:
- evaluate and recommend appropriate control systems for the management of organisations;
- evaluate the control of activities and resources within the organisation;
- recommend ways in which the problems associated with control systems can be avoided or solved;
- evaluate the appropriateness of an organisation’s management accounting control systems and make recommendations for improvements.
Syllabus content
- The ways in which systems are used to achieve control within the framework of the organisation (e.g. contracts of employment, policies and procedures, discipline and reward, reporting structures, performance appraisal and feedback).
- The application of control systems and related theory to the design of management accounting control systems and information systems in general (i.e. control system components, primary and secondary feedback, positive and negative feedback, open- and closed-loop control).
- Structure and operation of management accounting control systems (e.g. identification of appropriate responsibility and control centres within the organisation, performance target setting, avoiding unintended behavioural consequences of using management accounting controls).
- Variation in control needs and systems dependent on organisational structure (e.g. extent of centralisation versus divisionalisation, management through strategic business units).
- Assessing how lean the management accounting system is (e.g. extent of the need for detailed costing, overhead allocation and budgeting, identification of non-value adding activities in the accounting function).
- Cost of quality applied to the management accounting function and "getting things right first time".
B - Risk and Internal Control - 20%
Learning outcomes
On completion of their studies students should be able to:
- define and identify risks facing an organisation;
- explain ways of measuring and assessing risks facing an organisation, including the organisation’s ability to bear such risks;
- discuss the purposes and importance of internal control and risk management for an organisation;
- evaluate risk management strategies;
- evaluate the essential features of internal control systems for identifying, assessing and managing risks;
- evaluate the costs and benefits of a particular internal control system;
- discuss the principles of good corporate governance for listed companies, particularly as regards the need for internal controls.
Syllabus content
- Types and sources of risk for business organisations: financial, commodity price, business (e.g. fraud, employee malfeasance, loss of product reputation), technological, external (e.g. economic and political), and corporate reputation (e.g. from environmental and social performance) risks.
- Risks associated with international operations (e.g. from cultural variations and litigation risk, to loss of goods in transit and enhanced credit risk). (Note: No specific real country will be tested.)
- Quantification of risk exposures (impact if an adverse event occurs) and their expected values, taking account of likelihood.
- Minimising the risk of fraud (e.g. fraud policy statements, effective recruitment policies and good internal controls, such as approval procedures and separation of functions, especially over procurement and cash).
- Fraud related to sources of finance (e.g. advance fee fraud and pyramid schemes).
- Minimising political risk (e.g. by gaining government funding, joint ventures, local finance).
- The principle of diversifying risk. (Note: Numerical questions will not be set.)
- Purposes of internal control (e.g. safeguarding of shareholders’ investment and company assets, facilitation of operational effectiveness and efficiency, contribution to the reliability of reporting).
- Issues to be addressed in defining management’s risk policy.
- Elements in internal control systems (e.g. control activities, information and communication processes, processes for ensuring continued effectiveness etc.).
- Operational features of internal control systems (e.g. embedding in company’s operations, responsiveness to evolving risks, timely reporting to management).
- The pervasive nature of internal control and the need for employee training.
- Costs and benefits of maintaining the internal control system.
- The principles of good corporate governance for listed companies (the Combined Code) (e.g. separation of chairman and CEO roles, appointment of non-executive directors, transparency of directors’ remuneration policy, relations with shareholders, the audit committee). Examples of recommended good practice may include The King Report on Corporate Governance for South Africa, Sarbanes-Oxley Act in the USA, The Smith and Higgs Reports in the UK, etc.
- Recommendations for internal control (e.g. The Turnbull Report).
C - Review and Audit of Control Systems - 15%
Learning outcomes
On completion of their studies students should be able to:
- explain the importance of management review of controls;
- evaluate the process of internal audit;
- produce a plan for the audit of various organisational activities including management, accounting and information systems;
- analyse problems associated with the audit of activities and systems, and recommend action to avoid or solve those problems;
- recommend action to improve the efficiency, effectiveness and control of activities;
- discuss the principles of good corporate governance for listed companies, for conducting reviews of internal controls and reporting on compliance;
- discuss the importance of exercising ethical principles in conducting and reporting on internal reviews.
Syllabus content
- The process of review (e.g. regular reporting to management on the effectiveness of internal controls over significant risks) and audit of internal controls.
- Major tools available to assist with such a process (e.g. audit planning, documenting systems, internal control questionnaires, sampling and testing).
- Detection and investigation of fraud.
- Role of the internal auditor and relationship of the internal audit to the external audit.
- Operation of internal audit, the assessment of audit risk and the process of analytical review, including different types of benchmarking, their use and limitations.
- The principles of good corporate governance for listed companies, for the review of the internal control system and reporting on compliance.
- Relationship of the above to other forms of audit (e.g. value-for-money audit, management audit, social and environmental audit).
- Particular relevance of the fundamental principles in CIMA’s Ethical Guidelines to the conduct of an impartial and effective review of internal controls.
- Application of CIMA’s Ethical Guidelines on the resolution of ethical conflicts in the context of discoveries made in the course of internal review.
D - Management of Financial Risk - 30%
Learning outcomes
On completion of their studies students should be able to:
- identify and evaluate financial risks facing an organisation;
- identify and evaluate appropriate methods for managing financial risks;
- evaluate the effects of alternative methods of risk management and make recommendations accordingly;
- calculate the impact of differential inflation rates on forecast exchange rates;
- explain exchange rate theory;
- recommend currency risk management strategies.
Syllabus content
- Sources of financial risk, including those associated with international operations (e.g. hedging of foreign investment value) and trading (e.g. purchase prices and sales values).
- Transaction, translation, economic and political risk.
- Minimising political risk (e.g. gaining government funding, joint ventures, obtaining local finance).
- Quantification of risk exposures and their expected values.
- Operation and features of the more common instruments for managing interest rate risk: swaps, forward rate agreements, futures and options. (Note: Numerical questions will not be set involving FRAs, futures or options. See the note below relating to the Black Scholes model.)
- Illustration and interpretation of simple graphs depicting cap, collar and floor interest rate options.
- Theory and forecasting of exchange rates (e.g. interest rate parity, purchasing power parity and the Fisher effect).
- Operation and features of the more common instruments for managing currency risk: swaps, forward contracts, money market hedges, futures and options. (Note: The Black Scholes option pricing model will not be tested numerically; however, an understanding of the variables which will influence the value of an option should be appreciated.)
- Principles of valuation of financial instruments for management and financial reporting purposes (IAS 39), and controls to ensure that the appropriate accounting method is applied to a given instrument.
- Internal hedging techniques (e.g. netting and matching).
E - Risk and Control in Information Systems - 20%
Learning outcomes
On completion of their studies students should be able to:
- evaluate and advise managers on the development of IM, IS and IT strategies that support management and internal control requirements;
- identify and evaluate IS/IT systems appropriate to an organisation’s needs for operational and control information;
- evaluate benefits and risks in the structuring and organisation of the IS/IT function and its integration with the rest of the business;
- evaluate and recommend improvements to the control of information systems;
- evaluate specific problems and opportunities associated with the audit and control of systems which use information technology.
Syllabus content
- The importance and characteristics of information for organisations and the use of cost-benefit analysis to assess its value.
- The purpose and content of IM, IS and IT strategies, and their role in performance management and internal control.
- Data collection and IT systems that deliver information to different levels in the organisation (e.g. transaction processing, decision support and executive information systems).
- The potential ways of organising the IT function (e.g. the use of steering committees, support centres for advice and help desk facilities, end user participation).
- The arguments for and against outsourcing.
- The criteria for selecting outsourcing/Facilities Management partners and for managing ongoing relationships, service level agreements, discontinuation/change of supplier, hand-over considerations.
- Methods for securing systems and data back-up in case of systems failure and/or data loss.
- Minimising the risk of computer-based fraud (e.g., access restriction, password protection, access logging and automatic generation of audit trail).
- Risks in IS/IT systems: erroneous input, unauthorised usage, imported virus infection, unlicensed use of software, theft, corruption of software.
- Risks and benefits of Internet and Intranet use by an organisation.
- Controls which can be designed into an information system, particularly one using information technology (e.g. security, integrity and contingency controls).
- Control and audit of systems development and implementation.
- Techniques available to assist audit in a computerised environment (computer-assisted audit techniques e.g. audit interrogation software).