Which of the following would not be considered an effective implementation of the monitoring component of COSO’s updated Internal Control–Integrated Framework?
a. Internal audit periodically performs an evaluation of internal controls that have been documented and tested in prior years.
b. Management reviews current economic performance against expectations and investigates to determine causes of significant deviations from the expectations.
c. The company implements software that captures all instances in which the underlying program is designed to capture processed transactions that exceed company-authorized limits.
d. The company builds in edit checks to determine whether all purchases are made from authorized vendors.