SlideShare ist ein Scribd-Unternehmen logo

Control Frameworks, Internal Audit, 404

T
travismd
BusinessTechnologie
1 von 3
The leading resource on corporate compliance and governance for U.S. public companies. Control Frameworks, Internal Audit, 404 By Compliance Week — February 13, 2007 At the request of subscribers, Compliance Week offers a Remediation Center, in which readers can submit questions—anonymously—to securities and accounting experts. Compliance Week’s editors will review all questions and then submit them— confidentially, of course—to specialists who can address the issues. The questions and responses will then be reprinted in a future edition of Compliance Week. Below is one of the Q&As: ABOUT THE EXPERT Travis Drouin, CPA, CIA is a partner with Moody, Famiglietti & Andronico. With extensive audit and consulting experience, Drouin oversees all of MFA’s Sarbanes-Oxley readiness projects for companies of all sizes, from accelerated filers to privately held, pre-IPO companies. Drouin Drouin also conducts internal control audits, performs financial due diligence for buy- and sell-side M&A transactions, and oversees the audit process of privately held clients in a number of industries including high technology and life sciences. He has been practicing public accounting for almost 15 years. Prior to joining the MFA team in 2001, Drouin applied his financial, operational, and technology expertise as the vice president of information systems at Bessemer Venture Partners, one of the country’s most respected venture capital firms. Drouin can be reached via email at tdrouin@mfa-cpa.com or at (978) 688-7300. QUESTION 1 How do you reconcile internal auditing being a necessary part of the control framework, when Section 404 testing performed by internal audit clearly could not be part of the control framework? That is, how can testing your control framework be part of your control framework? ANSWER 1 Travis Drouin—This question is best answered by first agreeing on what the internal audit function is within an organization. Internal auditing has existed since long before the advent of the Sarbanes-Oxley Act, and therefore should not be confused with compliance under Section 404 of SOX or the COSO framework. It might help to compare the IA function to other functional areas within an organization, such as human resources. The HR department exists to mitigate risk exposures within an organization, and serves a necessary management function within the company. The company’s management team Compliance Week can be found at http://www.complianceweek.com. Call (888) 519-9200 for more information.
and board rely on the functional areas of the business—such as human resources—to execute in a manner that promotes efficiency, mitigates risk, and contributes to the company’s strategic goals and objectives. In this regard, the IA function is no different than any other functional area of an organization. All functional areas of a company are inherently a part of the COSO control framework. The framework, however, does not state that internal audit is a necessary part of the control framework; it does require that management implement controls to test and monitor the effectiveness of the control environment. This could be accomplished in a number of ways, and the establishment of an IA function is only one of them. The IA function acts as a control environment mechanism to assuage an organization’s risk profile and to provide management with independent statistics on the effectiveness of its critical functions. Assuming that the IA function is established along the lines of good practices, and subscribes to standard protocols, it can independently test each functional area (except itself) to ensure that that function is performing well and executing its responsibilities. It is the board’s responsibility to assess the effectiveness of the IA function, and facilitate the internal management assessment process. QUESTION 2 If these are two distinct efforts, and internal audit’s Section 404 testing was found to be inadequate, shouldn’t that inadequacy then be judged as a possible impairment in management’s ability to assess controls—and, consequently, perhaps result in an unfavorable Section 404 opinion, rather than a possible material weakness required to be disclosed under Section 404? ANSWER 2 Drouin—It is important to preface this response by noting that the Securities and Exchange Commission’s recently proposed guidance in December 2006 will eliminate the auditor’s Section 404 reporting requirements relative to management’s assessment process. Still, until that happens, we will proceed under the rules that exist today. Your question implies that an outside party such as the company’s external auditor will assess the internal audit department’s Section 404 testing process, and may deem such testing to be inadequate and an impairment to management’s control evaluation process. It is management’s responsibility to ensure that the necessary 404 testing is performed to support its assessment of the company’s internal controls over financial reporting, and adequacy of such testing is arguably a matter of professional judgment. One might argue that an affirmation of an organization’s internal controls over financial reporting by way of management’s Section 404 assessment, by definition, implies that management’s 404 testing was deemed adequate by the company’s management team. It is incumbent upon the external auditor to argue that management’s internal 404 testing process, whether or not performed by the internal auditors, is insufficient, resulting in a possible material weakness disclosure. Without a specific fact pattern, covering all possible scenarios is difficult. However, consider this hypothetical fact pattern: A company assesses certain financial reporting Compliance Week can be found at http://www.complianceweek.com. Call (888) 519-9200 for more information.
controls as low-risk areas and performs limited or no testing of such areas. The external auditor then performs its audit procedures and deems one of those management-assessed low-risk areas as a high-risk audit consideration. The external auditor might then argue that management’s ability to assess its internal controls over financial reporting is inadequate. But if the risk assessment is well documented and takes into account all relevant facts and considerations, one might argue that management’s ability to assess its own internal controls is not inadequate, and the external auditor should consider its own test results of that area before deciding whether management’s assessment and testing process may lead to a material weakness disclosure. QUESTION 3 Paragraph 140 of Auditing Standard No. 2 states that the lack of an effective internal audit function or risk assessment function generally should be regarded as at least a significant deficiency. But if internal audit’s main function is 404 testing, and if you make a distinction between internal audit testing and 404 testing, then, in effect, there is no internal audit function—and if there is also no formal risk assessment function, then does a significant deficiency or worse exist by default? ANSWER 3 Your question assumes that an internal audit department that exists solely to facilitate Section 404 testing is not deemed to be an effective internal audit function, as considered in paragraph 140 of AS2. However, Paragraph 140 states, in part: The following “should be regarded as at least a significant deficiency and as a strong indicator that a material weakness in internal control over financial reporting exists: The internal audit function or the risk assessment function is ineffective at a company for which such a function needs to be effective for the company to have an effective monitoring or risk assessment component, such as for very large or highly complex companies.” A company’s audit committee can selectively direct the efforts of the internal audit function. As such, it may deem steering those efforts towards Section 404 compliance to be in the company’s best interests. One can certainly argue that the IA function exists; as to its effectiveness, and how much the organization depends on the IA function for effective monitoring of internal controls over financial reporting, that may still be a matter of debate depending on your fact pattern. Compliance Week provides general information only and does not constitute legal or financial guidance or advice. Compliance Week can be found at http://www.complianceweek.com. Call (888) 519-9200 for more information.

Empfohlen

External control in organization (corporate governance)
External control in organization (corporate governance)External control in organization (corporate governance)
External control in organization (corporate governance)Raja Matridi Aeksalo
 
Stock Based Compensation
Stock Based CompensationStock Based Compensation
Stock Based Compensationtravismd
 
Social Media Presentation To Spc
Social Media Presentation To SpcSocial Media Presentation To Spc
Social Media Presentation To Spctravismd
 
Preparing For IFRS - An Update
Preparing For IFRS - An UpdatePreparing For IFRS - An Update
Preparing For IFRS - An Updatetravismd
 
FMA of NH May 19, 2009
FMA of NH May 19, 2009FMA of NH May 19, 2009
FMA of NH May 19, 2009travismd
 
MA Privacy Law
MA Privacy LawMA Privacy Law
MA Privacy Lawtravismd
 
The Power of Networking
The Power of NetworkingThe Power of Networking
The Power of Networkingtravismd
 
FMA of NH: Safeguarding Cash
FMA of NH: Safeguarding CashFMA of NH: Safeguarding Cash
FMA of NH: Safeguarding Cashtravismd
 

Empfohlen

External control in organization (corporate governance)
External control in organization (corporate governance)External control in organization (corporate governance)
External control in organization (corporate governance)Raja Matridi Aeksalo
 
Stock Based Compensation
Stock Based CompensationStock Based Compensation
Stock Based Compensationtravismd
 
Social Media Presentation To Spc
Social Media Presentation To SpcSocial Media Presentation To Spc
Social Media Presentation To Spctravismd
 
Preparing For IFRS - An Update
Preparing For IFRS - An UpdatePreparing For IFRS - An Update
Preparing For IFRS - An Updatetravismd
 
FMA of NH May 19, 2009
FMA of NH May 19, 2009FMA of NH May 19, 2009
FMA of NH May 19, 2009travismd
 
MA Privacy Law
MA Privacy LawMA Privacy Law
MA Privacy Lawtravismd
 
The Power of Networking
The Power of NetworkingThe Power of Networking
The Power of Networkingtravismd
 
FMA of NH: Safeguarding Cash
FMA of NH: Safeguarding CashFMA of NH: Safeguarding Cash
FMA of NH: Safeguarding Cashtravismd
 
APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyData Analytics Company - 47Billion Inc.
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Financial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxFinancial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxsaniyaimamuddin
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesKeppelCorporation
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Americas Got Grants
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCRashishs7044
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall girls in Goa, +91 9319373153 Escort Service in North Goa
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Chapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditChapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditNhtLNguyn9
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy Verified Accounts
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCRStunning ➥8448380779▻ Call Girls In Hauz Khas Delhi NCR
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchirictsugar
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 

Weitere ähnliche Inhalte

Kürzlich hochgeladen

APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfRbc Rbcua
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024Adnet Communications
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfKhaled Al Awadi
 
Financial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxFinancial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxsaniyaimamuddin
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessSeta Wicaksana
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckHajeJanKamps
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesKeppelCorporation
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Americas Got Grants
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCRashishs7044
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...ictsugar
 
Chapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditChapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditNhtLNguyn9
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy Verified Accounts
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchirictsugar
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxmbikashkanyari
 

Kürzlich hochgeladen (20)

APRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdfAPRIL2024_UKRAINE_xml_0000000000000 .pdf
APRIL2024_UKRAINE_xml_0000000000000 .pdf
 
Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024TriStar Gold Corporate Presentation - April 2024
TriStar Gold Corporate Presentation - April 2024
 
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdfNewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
NewBase 19 April 2024 Energy News issue - 1717 by Khaled Al Awadi.pdf
 
Financial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptxFinancial-Statement-Analysis-of-Coca-cola-Company.pptx
Financial-Statement-Analysis-of-Coca-cola-Company.pptx
 
Organizational Structure Running A Successful Business
Organizational Structure Running A Successful BusinessOrganizational Structure Running A Successful Business
Organizational Structure Running A Successful Business
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deckPitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
Pitch Deck Teardown: Geodesic.Life's $500k Pre-seed deck
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
Annual General Meeting Presentation Slides
Annual General Meeting Presentation SlidesAnnual General Meeting Presentation Slides
Annual General Meeting Presentation Slides
 
Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...Church Building Grants To Assist With New Construction, Additions, And Restor...
Church Building Grants To Assist With New Construction, Additions, And Restor...
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR
 
Call Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North GoaCall Us ➥9319373153▻Call Girls In North Goa
Call Us ➥9319373153▻Call Girls In North Goa
 
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
Global Scenario On Sustainable and Resilient Coconut Industry by Dr. Jelfina...
 
Chapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditChapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal audit
 
Buy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail AccountsBuy gmail accounts.pdf Buy Old Gmail Accounts
Buy gmail accounts.pdf Buy Old Gmail Accounts
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
Marketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent ChirchirMarketplace and Quality Assurance Presentation - Vincent Chirchir
Marketplace and Quality Assurance Presentation - Vincent Chirchir
 
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptxThe-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
The-Ethical-issues-ghhhhhhhhjof-Byjus.pptx
 

Empfohlen

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by HubspotMarius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTExpeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsPixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summarySpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesVit Horky
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project managementMindGenius
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36
 

Empfohlen (20)

2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 
Time Management & Productivity - Best Practices
Time Management & Productivity - Best PracticesTime Management & Productivity - Best Practices
Time Management & Productivity - Best Practices
 
The six step guide to practical project management
The six step guide to practical project managementThe six step guide to practical project management
The six step guide to practical project management
 
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...
 

Control Frameworks, Internal Audit, 404

  • 1. The leading resource on corporate compliance and governance for U.S. public companies. Control Frameworks, Internal Audit, 404 By Compliance Week — February 13, 2007 At the request of subscribers, Compliance Week offers a Remediation Center, in which readers can submit questions—anonymously—to securities and accounting experts. Compliance Week’s editors will review all questions and then submit them— confidentially, of course—to specialists who can address the issues. The questions and responses will then be reprinted in a future edition of Compliance Week. Below is one of the Q&As: ABOUT THE EXPERT Travis Drouin, CPA, CIA is a partner with Moody, Famiglietti & Andronico. With extensive audit and consulting experience, Drouin oversees all of MFA’s Sarbanes-Oxley readiness projects for companies of all sizes, from accelerated filers to privately held, pre-IPO companies. Drouin Drouin also conducts internal control audits, performs financial due diligence for buy- and sell-side M&A transactions, and oversees the audit process of privately held clients in a number of industries including high technology and life sciences. He has been practicing public accounting for almost 15 years. Prior to joining the MFA team in 2001, Drouin applied his financial, operational, and technology expertise as the vice president of information systems at Bessemer Venture Partners, one of the country’s most respected venture capital firms. Drouin can be reached via email at tdrouin@mfa-cpa.com or at (978) 688-7300. QUESTION 1 How do you reconcile internal auditing being a necessary part of the control framework, when Section 404 testing performed by internal audit clearly could not be part of the control framework? That is, how can testing your control framework be part of your control framework? ANSWER 1 Travis Drouin—This question is best answered by first agreeing on what the internal audit function is within an organization. Internal auditing has existed since long before the advent of the Sarbanes-Oxley Act, and therefore should not be confused with compliance under Section 404 of SOX or the COSO framework. It might help to compare the IA function to other functional areas within an organization, such as human resources. The HR department exists to mitigate risk exposures within an organization, and serves a necessary management function within the company. The company’s management team Compliance Week can be found at http://www.complianceweek.com. Call (888) 519-9200 for more information.
  • 2. and board rely on the functional areas of the business—such as human resources—to execute in a manner that promotes efficiency, mitigates risk, and contributes to the company’s strategic goals and objectives. In this regard, the IA function is no different than any other functional area of an organization. All functional areas of a company are inherently a part of the COSO control framework. The framework, however, does not state that internal audit is a necessary part of the control framework; it does require that management implement controls to test and monitor the effectiveness of the control environment. This could be accomplished in a number of ways, and the establishment of an IA function is only one of them. The IA function acts as a control environment mechanism to assuage an organization’s risk profile and to provide management with independent statistics on the effectiveness of its critical functions. Assuming that the IA function is established along the lines of good practices, and subscribes to standard protocols, it can independently test each functional area (except itself) to ensure that that function is performing well and executing its responsibilities. It is the board’s responsibility to assess the effectiveness of the IA function, and facilitate the internal management assessment process. QUESTION 2 If these are two distinct efforts, and internal audit’s Section 404 testing was found to be inadequate, shouldn’t that inadequacy then be judged as a possible impairment in management’s ability to assess controls—and, consequently, perhaps result in an unfavorable Section 404 opinion, rather than a possible material weakness required to be disclosed under Section 404? ANSWER 2 Drouin—It is important to preface this response by noting that the Securities and Exchange Commission’s recently proposed guidance in December 2006 will eliminate the auditor’s Section 404 reporting requirements relative to management’s assessment process. Still, until that happens, we will proceed under the rules that exist today. Your question implies that an outside party such as the company’s external auditor will assess the internal audit department’s Section 404 testing process, and may deem such testing to be inadequate and an impairment to management’s control evaluation process. It is management’s responsibility to ensure that the necessary 404 testing is performed to support its assessment of the company’s internal controls over financial reporting, and adequacy of such testing is arguably a matter of professional judgment. One might argue that an affirmation of an organization’s internal controls over financial reporting by way of management’s Section 404 assessment, by definition, implies that management’s 404 testing was deemed adequate by the company’s management team. It is incumbent upon the external auditor to argue that management’s internal 404 testing process, whether or not performed by the internal auditors, is insufficient, resulting in a possible material weakness disclosure. Without a specific fact pattern, covering all possible scenarios is difficult. However, consider this hypothetical fact pattern: A company assesses certain financial reporting Compliance Week can be found at http://www.complianceweek.com. Call (888) 519-9200 for more information.
  • 3. controls as low-risk areas and performs limited or no testing of such areas. The external auditor then performs its audit procedures and deems one of those management-assessed low-risk areas as a high-risk audit consideration. The external auditor might then argue that management’s ability to assess its internal controls over financial reporting is inadequate. But if the risk assessment is well documented and takes into account all relevant facts and considerations, one might argue that management’s ability to assess its own internal controls is not inadequate, and the external auditor should consider its own test results of that area before deciding whether management’s assessment and testing process may lead to a material weakness disclosure. QUESTION 3 Paragraph 140 of Auditing Standard No. 2 states that the lack of an effective internal audit function or risk assessment function generally should be regarded as at least a significant deficiency. But if internal audit’s main function is 404 testing, and if you make a distinction between internal audit testing and 404 testing, then, in effect, there is no internal audit function—and if there is also no formal risk assessment function, then does a significant deficiency or worse exist by default? ANSWER 3 Your question assumes that an internal audit department that exists solely to facilitate Section 404 testing is not deemed to be an effective internal audit function, as considered in paragraph 140 of AS2. However, Paragraph 140 states, in part: The following “should be regarded as at least a significant deficiency and as a strong indicator that a material weakness in internal control over financial reporting exists: The internal audit function or the risk assessment function is ineffective at a company for which such a function needs to be effective for the company to have an effective monitoring or risk assessment component, such as for very large or highly complex companies.” A company’s audit committee can selectively direct the efforts of the internal audit function. As such, it may deem steering those efforts towards Section 404 compliance to be in the company’s best interests. One can certainly argue that the IA function exists; as to its effectiveness, and how much the organization depends on the IA function for effective monitoring of internal controls over financial reporting, that may still be a matter of debate depending on your fact pattern. Compliance Week provides general information only and does not constitute legal or financial guidance or advice. Compliance Week can be found at http://www.complianceweek.com. Call (888) 519-9200 for more information.