Control environment: The control environment includes the governance and management functions and the attitudes, awareness, and actions of those charged with governance and management concerning the entities internal control and its importance in the entity.

Control activities: Control activities are the policies and procedures that help ensure that management directives are carried out.

Risk assessment: Risk assessment is the engagement of independent third party experts to assess the risk management processes and procedures in place in an organisation and to provide a written report on system deficiencies with appropriate recommendations

Information system: The information system relevant to financial reporting objectives, which includes the accounting system, consists of the procedures and records designed and established to initiate, record, process, and report entity transactions (as well as events and conditions) and to maintain accountability for the related assets, liabilities, and equity.