Acct 310 Internal Control

advertisement
Internal Control
COSO’s Framework
Committee of Sponsoring
Organizations
• 1992 issued a white paper on
internal control
• Since this time, this framework
has been incorporated into US
auditing standards
Internal control that provides
reasonable assurance regarding
achievement of objectives in the
following categories.
• Effective and efficient operations
• Reliable financial reporting
• Compliance with applicable laws
and regulations
Components of Internal Control
•
•
•
•
•
Control Environment
Risk Assessment
Control Activities
Information and Communication
Monitoring
Control Environment
• Integrity and ethical values
• Commitment to competence
• Participation of board of directors or
audit committee
• Management’s philosophy and
operating style
• Organizational structure
• Assignment of authority and
responsibilities
• Human resource policies and practices
Risk Assessment
• Changes may occur in the operating
environment
• New personnel may become involved
• Information systems may change
• Rapid growth
• New technologies
• New products or services
• Restructuring
• Foreign operations
• New accounting pronouncements
Control Activities
•
•
•
•
•
•
Segregation of duties
Proper authorization
Assets safeguarded
Compare actual to books
Employees of integrity
Record properly and on a timely
basis
Information and Communication
• Identify and record all valid
transactions
• Provide timely description of
transactions
• Properly measure transactions
• Record transactions in a timely
manner
Monitoring
Assess controls on a timely basis
and make modifications when
appropriate.
Use internal auditors to review
Test controls
Other factors to consider
•
•
•
•
Size of organization
Ownership characteristics
Nature of business
Diversity and complexity of
activities
• Data processing methods
• Legal and regulatory environment
of the business
Under Sarbanes Oxley Act
• CEO and CFO certification
• Internal control report
• Document system so others can
review
• SEC will review every 3 years
CEO, CFO Certification
• Explicitly must evaluate and report
on effectiveness of internal control
• Disclose to audit committee any
material deficiencies in financial
controls
• Report any changes in IC
• Report any corrective actions
CEO, CFO Report
• Assess effectiveness within 90
days of filing dates
• Design disclosure controls and
procedures
“ ..are intended to cover a broader range of
information than is covered by internal
controls related to financial reporting..
They are intended to ensure that an
issuer maintains commensurate
procedures for gathering, analyzing and
disclosing all information that is required
to be disclosed…”
Internal Control Report
• A part of annual report
• Management responsible for
internal control
• States a conclusion on the
effectiveness of IC
• External auditor has to attest to
company’s internal control under
PCAOB rules
Download