The PCAOB'sAuditing Standard No. 5 (AS5)outlines the process for "An Audit of Internal Control over Financial Reporting (ICFR) That Is Integrated with an Audit of Financial Statements."Paragraph 24of this document lists eight entity-level controls.Entity-level controls are comparable to the pervasive controls covered in this chapter.Match one of AS5's entity-level controls with a specific control plan below.

Entity-Level Controls from AS5

A. A report of all employees not taking required vacation days.

B. Report highlighting credit sales, returns, and allowances over the complete & entire reporting period, including 30 days after the close of a financial reporting period.

C. Program change controls.

D. Access control and monitoring software.

E. Supervision.

F. Development of a business interruption plan.

G. Use of control frameworks such as those provided by COSO and COBIT.

H. Budgetary controls.

Match:

1. Controls related to the control environment.

2. Controls over management override.

3. The company's risk assessment process.

4. Centralized processing and controls, including shared service environments.

5. Controls to monitor the results of operations.

6. Controls to monitor other controls, including activities of the internal audit function, the audit committee and self-assessment programs.

7. Controls over the period-end financial reporting process.

8. Policies that address significant business control and risk management practices.