Mf0004 Internal Audit

MF0004 INTERNAL AUDIT & CONTROL ASSIGNMENT NAME ROLL NUMBER COURSE NAME BATCH LEARNING CENTRE LC CODE
SUBJECT : : : : : : : VINOD KURIEN 540911381 MBA 3 SEM OCTOBER 2009. AL HIKMA IAGS RAK FZE 02541
MF0004 INTERNAL AUDIT & CONTROL
ASSIGNMENT NO.
MF0001 SECURITY ANALYSIS
Page 1 of 21
SECURITY ANALYSIS & PROTFOLIO MNGMNT. ASSIGNMENT- set 1 MBA 3 SEMESTER ROLL NO. : 540911381 VINOD KURIEN
Q.1 Discuss Is Auditing is a luxury

Ans: The general definition of an audit is an evaluation of a person, organization, system, process, enterprise, project or product. The term most commonly refers to audits in accounting, but similar concepts also exist in project management, quality management, and energy conservation. Auditing is actually a part of Accounting. It is a specialized area that deals with the examination and review of the accounting records mainly, to find out the effectiveness of the accounting internal control systems and procedures and also, management policies and practices. In short not only finding errors and fraud, but to effectively assist management to avoid or reduce such occurrences. We have internal auditors (co. employees ) and external auditors ( generally CPA's ) with the objective of forming an independent opinion as to the fairness, and consistency of the Statements of operation and condition of the company. Based on above informations, we can therefore conclude that Accounting, with Auditing systems is necessary in business and guides management in the effective implementation of its policies and procedures for the success of the company. Accounting is the language of business used to display an entity's (person or company) financial status through various financial statements and analysis reports. Auditing is the evaluation of the above mentioned statements and reports within order to ensure that they are fair and no overstatements hold been made. Auditing is a "luxury" because it is with the sole purpose a "double-check" of sorts, making sure that the accounting has been done correctly and honestly. That's why only a few select people/companies will be audited each year... it is not needed and would consume way too much time and money if EVERYONE were to be audited. Ex. Fred owns a trunk company. An accountant goes through his records and creates different financial statements and reports exhibiting his worth, his assets, his profitability, etc. (this is the process of accounting) Then, these statements and reports are submitted to banks, referred to in import tax reports, handed out to shareholders, etc. SOMETIMES, after these decisions enjoy been made, an audit may be issued. If so, an auditor would contact Fred and ask for the records that his accountant used and ensure that his chronicles do not contradict what he reported on his statements and reports. Audits are performed to ascertain the validity and reliability of information; also to provide an assessment of a system's internal control. The goal of an audit is to express an opinion on the person / organization / system (etc) in question, under evaluation based on work done on a test basis. Due to practical constraints, an audit seeks to provide only reasonable assurance that the statements are free from material error. Hence, statistical sampling is often adopted in audits. In the case of financial audits, a set of financial statements are said to be true and fair when they are free of material misstatements - a concept influenced by both quantitative (numerical) and qualitative factors. Auditing is a vital part of accounting. Traditionally, audits were mainly associated with gaining information about financial systems and the financial records of a company or a business (see financial audit). However, recent auditing has begun to include non-financial subject areas, such as safety, security, information systems performance, and environmental concerns. With nonprofit organizations and government agencies, there has been an increasing need for performance audits, examining their success in satisfying mission objectives. As a result, there are now audit professionals who specialize in
Page 2 of 21
security audits, information systems audits, and environmental audits. In financial accounting, an audit is an independent assessment of the fairness by which a company's financial statements are presented by its management. It is performed by competent, independent and objective person(s) known as auditors or accountants, who then issue an auditor's report based on the results of the audit. In cost accounting, it is a process for verifying the cost of manufacturing or producing of any article, on the basis of accounts measuring the use of material, labour or other items of cost. In simple words the term, cost audit, means a systematic and accurate verification of the cost accounts and records, and checking for adherence to the cost accounting objectives. According to the Institute of Cost and Management Accountants of Pakistan, a cost audit is "an examination of cost accounting records and verification of facts to ascertain that the cost of the product has been arrived at, in accordance with principles of cost accounting."[1] An audit must adhere to generally accepted standards established by governing bodies. These standards assure third parties or external users that they can rely upon the auditor's opinion on the fairness of financial statements, or other subjects on which the auditor expresses an opinion. The Definition for Auditing and Assurance Standard (AAS) 1 by ICAI - "Auditing is the independent examination of financial information of any entity, whether profit oriented or not, and irrespective of its size or legal form, when such an examination is conducted with a view to expressing an opinion thereon." Integrated audits In the US, audits of publicly traded companies are governed by rules laid down by the Public Company Accounting Oversight Board (PCAOB), which was established by Section 404 of the Sarbanes-Oxley Act of 2002. Such an audit is called an integrated audit, where auditors, in addition to an opinion on the financial statements, must also express an opinion on the effectiveness of a company's internal control over financial reporting, in accordance with PCAOB Auditing Standard No. 5. There are also new types of integrated auditing becoming available that use unified compliance material (see the unified compliance section in Regulatory compliance). Due to the increasing number of regulations and need for operational transparency, organizations are adopting risk-based audits that can cover multiple regulations and standards from a single audit event. This is a very new but necessary approach in some sectors to ensure that all the necessary governance requirements can be met without duplicating effort from both audit and audit hosting resources Assessments The purpose of an assessment is to measure something or calculate a value for it. Although the process producing an assessment may involve an audit by an independent professional, its purpose is to provide a measurement rather than to express an opinion about the fairness of statements or quality of performance. As a general rule, audits should always be an independent evaluation that will include some degree of quantitative and qualitative analysis whereas an assessment infers a less independent and more consultative approach. Types of auditors Auditors of financial statements can be classified into two categories: External auditor / Statutory auditor is an independent Public accounting firm engaged by the client subject to the audit, to express an opinion on whether the company's financial statements are free of material misstatements, whether due to fraud or error. For publicly-traded companies, external
MF0004 INTERNAL AUDIT & CONTROL Page 3 of 21
auditors may also be required to express an opinion over the effectiveness of internal controls over financial reporting. External auditors may also be engaged to perform other agreed-upon procedures, related or unrelated to financial statements. Most importantly, external auditors, though engaged and paid by the company being audited, are regarded as independent auditors. The most used external audit standards are the US GAAS of the American Institute of Certified Public Accountants; and the ISA International Standards on Auditing developed by the International Auditing and Assurance Standards Board of the International Federation of Accountants Internal auditors are employed by the organization they audit. They perform various audit procedures, primarily related to procedures over the effectiveness of the company's internal controls over financial reporting. Due to the requirement of Section 404 of the Sarbanes Oxley Act of 2002 for management to also assess the effectiveness of their internal controls over financial reporting (as also required of the external auditor), internal auditors are utilized to make this assessment. Though internal auditors are not considered independent of the company they perform audit procedures for, internal auditors of publicly-traded companies are required to report directly to the board of directors, or a sub-committee of the board of directors, and not to management, so to reduce the risk that internal auditors will be pressured to produce favorable assessments. The most used Internal Audit standards are those of the Institute of Internal Auditors. Consultant auditors are external personnel contracted by the firm to perform an audit following the firm's auditing standards. This differs from the external auditor, who follows their own auditing standards. The level of independence is therefore somewhere between the internal auditor and the external auditor. The consultant auditor may work independently, or as part of the audit team that includes internal auditors. Consultant auditors are used when the firm lacks sufficient expertise to audit certain areas, or simply for staff augmentation when staff are not available. Quality auditors may be consultants or employed by the organization.
Q.2. What is the position of the Auditor in relation with Internal Control ?
Ans: In accounting and auditing, internal control is defined as a process effected by an organization's structure, work and authority flows, people and management information systems, designed to help the organization accomplish specific goals or objectives.[1] It is a means by which an organization's resources are directed, monitored, and measured. It plays an important role in preventing and detecting fraud and protecting the organization's resources, both physical (e.g., machinery and property) and intangible (e.g., reputation or intellectual property such as trademarks). At the organizational level, internal control objectives relate to the reliability of financial reporting, timely feedback on the achievement of operational or strategic goals, and compliance with laws and regulations. At the specific transaction level, internal control refers to the actions taken to achieve a specific objective (e.g., how to ensure the organization's payments to third parties are for valid services rendered.) Internal control procedures reduce process variation, leading to more predictable outcomes. Internal control is a key element of the Foreign Corrupt
Page 4 of 21
Practices Act (FCPA) of 1977 and the SarbanesOxley Act of 2002, which required improvements in internal control in United States public corporations. Internal controls within business entities are also referred to as operational controls. Role of auditor in internal control The internal auditors and external auditors of the organization also measure the effectiveness of internal control through their efforts. They assess whether the controls are properly designed, implemented and working effectively, and make recommendations on how to improve internal control. They may also review Information technology controls, which relate to the IT systems of the organization. There are laws and regulations on internal control related to financial reporting in a number of jurisdictions. In the U.S. these regulations are specifically established by Sections 404 and 302 of the Sarbanes-Oxley Act. Guidance on auditing these controls is specified in PCAOB Auditing Standard No. 5 and SEC guidance, further discussed in SOX 404 top-down risk assessment. To provide reasonable assurance that internal controls involved in the financial reporting process are effective, they are tested by the external auditor (the organization's public accountants), who are required to opine on the internal controls of the company and the reliability of its financial reporting. Internal auditing activity is primarily directed at improving internal control. Under the COSO Framework, internal control is broadly defined as a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following internal control categories:
Effectiveness and efficiency of operations. Reliability of financial reporting. Compliance with laws and regulations.
Management is responsible for internal control. Managers establish policies and processes to help the organization achieve specific objectives in each of these categories. Internal auditors perform audits to evaluate whether the policies and processes are designed and operating effectively and provide recommendations for improvement. In the United States, internal auditors may assist management with compliance with the Sarbanes-Oxley Act (SOX). Relationship between Statutory Auditor and internal Auditor: The function of an internal auditor being an integral part of the system of internal control, it is obligatory for a statutory auditor to examine the scope, independence and effectiveness of the work carried out by the internal auditor. CARO, 2004 also requires the statutory auditor to comment on the internal audit system. Though the roles and primary objectives of internal and statutory audit differs, some of their means of achieving their respective objectives are similar. Thus, much of the work of the internal auditor may be useful to the statutory auditor in determining the nature, timing and extent of his audit procedures. Depending upon such evaluation, the statutory auditor may be able to adopt less extensive procedures. If the statutory auditor is satisfied on an examination of the work of the internal auditor, that the internal audit has been efficient and effective, he may accept the checking/evaluation carried out by the internal auditor in the area of internal control, verification of assets and liabilities etc. It must however be mentioned that the area of co-operation between the statutory and internal auditor is limited by the fact that both owe their allegiance to separate authorities, the shareholders in the case of statutory auditor and the management in the case of internal auditor. Internal auditor should check if there are any proper internal control is in place within the organization.
Page 5 of 21
This is a continous activity since the business environment changes. The internal controls varies for each department e.g. Procurement, sales, collections, payables, accounting, financial, recruitment etc. The auditor should review there are sufficient control in all the areas of the organization and if there are insufficient controls, the same needs to reported in the audit report. If the internal control is weak and affects the financial position of the organization then the auditor can qualify the report also.
Q.3. Write the Guidelines for internal check for Sales Counter ?
Ans: Internal Check is an arrangement of staff duties whereby no one person is allowed to carry through and record every aspect of transactions so that without collusion between two or more persons, fraud is prevented and at the same time the possibilities of errors is reduced to a minimum. Internal Check is a system or method introduced with defined instructions given to staff as to their sphere of work with a view to control and verification of their work and also maintenance of accurate records as the ultimate aim. To allocate duties and responsibilities to every clerk in such a way that he may be held responsible for a particular error or fraud. To minimise the possibilities of errors, frauds or irregularities. To detect errors or frauds if they are already committed by the clerks. To enhance the efficiency of clerks in a business. To distribute work in such a way that no business transaction is left unrecorded. To ensure that the accounts produce reliable and adequate information. To exercise moral pressure over staff Accounting procedure or physical control to safeguard assets against loss due to fraud or other irregularities. Internal check is an element of Internal Control. Weak internal check mechanisms mandate a greater degree of auditing procedures. An example of internal control is segregating the record keeping for an asset and its physical custody, such as in the case with inventory and cash. No one individual should have complete control over a transaction from beginning to end. Internal checks make it difficult for an employee to steal cash or other assets and concurrently cover up by entering corresponding amounts in the accounts. An example of internal check is the establishment of input and output controls within a data processing department. A group or person has the responsibility of checking control totals provided by the user department with those generated during the processing of the data. Examples of physical controls are guards and gates to restrict access. The internal audit committee is required to maintain a file which will include the following as evidence of the work: -
Copy of financial statements including the breakopen schedule, canteen gross schedule, and notes to the financial statements. Copy of the budget Copy of trial balance Copies of the December bank reconciliation for every bank account Accounts receivable listing that agrees to the financial statements Copy of inventory working paper that agrees to the financial statements
Page 6 of 21
Copy of working papers that shows prepaid expenses (including early bird per capita) that agrees to the financial statements Copy of accounts payable listing that agrees to the general ledger Copy of working paper that shows the deferred per capita that agrees to the general ledger Copy of PST reconciliation and GST reconciliation verification that the formulas were reviewed. This is key as GST changed this year to 6% Copy of wage reconciliation agreement to T4 Summary A copy of invoices of capital asset purchases with a copy of the general meeting minutes approving the purchase A copy of any renovation expenditures that totalled over $5,000 with a copy of the Branch Advisory approval.
Guidelines for Internal Check 1. Sufficient Staff The principle of internal check is sufficient staff. The employees can be appointed according to the workload. The management can determine the amount of work, which is distributes among the departments. The persons are hired to perform their duties. The overloading can creates trouble for management. 2. Division of Work Division of work is a principle of internal check. The management can determine the total amount of work. The whole work is divided among departments. The heads of such department are responsible for completion of work according to timetable. 3. Co-Ordination Coordination is a principle of internal check. All departmental managers are bound to coordinates with other in order to achieve organization objectives. When there is fault in one department, the work of other department suffers. The objectives cannot be achieved. Internal check determines the degree of coordination among the managers. 4. Rotation of Duties
Page 7 of 21
Rotation of duties is a principle of internal check. The workers feel bore by doing the same work from year to year. There is a need of rotation of duties. It is in the interest of concern as well as employees. The efficiency is improved due to changes is duties. 5. Recreation Leave The recreation leave is a principle of internal check. The employee can check recreation leave. It is necessary for mental health. He can commit fraud as the new employee in his place can disclosed teh matter. The internal check system can work in the interest of business. The weakness is of one person is disclosed due to leave. 6. Responsibility The responsibility is a principle of internal check. The employee can enjoy recreation leave. It is necessary for mental health. He can enjoy recreation leave. It is necessary for mental health. He cannot commit fraud as the new employee in his place can disclose the matter. There internal check system can work in the interest of business. The weakness in of one person is disclosed due to leave. 7. Automatic Machines The principles of internal check is that machines must be used to do accounting work if permissible. The machines can do a lot work without delay. The changes of fraud and error are reduced to a minimum. The working of machines improves efficiency of accounting staff. 8. Checking The principle of internal check is to check the work of other employees. Many persons perform the work. The officers can put his signatures to verify the work done by his subordinate. In this way one work passes many hands. The changes of error and fraud are minimized due to checking and counter checking. 9. Simple The principle of internal check is simples in working the employees can understand the working of internal check system. A person can work under the supervision of other employees. The line of authority moves from top to bottom level. All workers can understand their duties in the organization.
Page 8 of 21
10. Documents Classification The classification of documents is the principles of internal check. The business documents are prepared, collected, recorded and placed in proper files. The index is prepared to compile the data. The filing system is useful to place the latter. In case of need the documents are traced at once. 11. Dependent Work Dependent work is a principle of internal check. The work of one employee is dependent upon others. One work passes in the hand of two or three persons till it is complete. Another person checks the passes done by one person. No person is all in all to start and complete the transactions. 12. Harmony The principles of internal check are harmony among the employees and departments. The understanding is essential for business goals. The management is to achieve other social and national objectives. The harmony is basis for successful internal check.
Page 9 of 21
SET-2 Q1. Explain the meaning of flow chart. Explain different types of flow chart
Ans: A flowchart is a type of diagram, that represents an algorithm or process, showing the steps as boxes of various kinds, and their order by connecting these with arrows. This diagrammatic representation can give a step-by-step solution to a given problem. Data is represented in these boxes, and arrows connecting them represent flow / direction of flow of data. Flowcharts are used in analyzing, designing, documenting or managing a process or program in various fields.
A flow chart is a graphical or symbolic representation of a process. Each step in the process is represented by a different symbol and contains a short description of the process step. The flow chart symbols are linked together with arrows showing the process flow direction.
Examples
A simple flowchart for computing factorial N (10!)
Page 10 of 21
A flowchart for computing factorial N (10!) where N! = (1*2*3*4*5*6*7*8*9*10), see image. This flowchart represents a "loop and a half" a situation discussed in introductory programming textbooks that requires either a duplication of a component (to be both inside and outside the loop) or the component to be put inside a branch in the loop. (Note: Some textbooks recommend against this "loop and a half" since it is considered bad structure, instead a 'priming read' should be used and the loop should return back to the original question and not above it Uses Flowcharts are used in mapping computer algorithms. However, with computer advancement in the 1970s, physical flowcharts lost some significance because programming languages made the process easier. It is common for a business to use a flowchart in the development of new systems or software, but most often its via flowchart software. A good example is DrawAnywhere that can be used online without downloading software. You can also buy software such as Visio or SmartDraw, which offer more options. Types of Flow Chart Sterneckert (2003) suggested that flowcharts can be modelled from the perspective of different user groups (such as managers, system analysts and clerks) and that there are four general types: Document flowcharts, showing controls over a document-flow through a system A document flowchart traces the movement of a document, such as internal memos, payroll information and interoffice mail, through a system. The chart is columns that are divided by vertical lines. Each column represents a section, employee, department or unit in a company. The flowchart shows how a document passes from one part of the company to another. Usually, document flowcharts contain minimal detail, just the route the document takes from one place to another. Data flowcharts, showing controls over a data flows in a system A data flowchart illustrates how data pass through a system. Symbols connote operations involved in the flow of data and the storage, input and output materials needed to keep the flow going. This is a good way to track
Page 11 of 21
where data originates and where it ends up. Data flowcharts are more concerned with the movement of the data than how the data is processed. System flowcharts showing controls at a physical or resource level A system flowchart shows how an entire system works by demonstrating how data flows and what decisions are made to control this event. Symbols that connote decisions, processes, inputs and outputs and data flow are the most important elements of a system flowchart. These differ from data flowcharts because they show decisions, which are more detailed. System flowcharts are used in fields such instances as aircraft control, central heating and automatic washing machines. Program flowchart, showing the controls in a program within a system A program flowchart demonstrates how a program works within a system. These flowcharts show any and all user-interaction pathways by using boxes and arrows. These arrows and boxes form hierarchical menus. Program charts can be large and complex. However, they are useful for mapping an entire program. One example of program flowchart is storyboarding for a film. With all intentions mapped, people can see exactly how a program functions. Notice that every type of flowchart focuses on some kind of control, rather than on the particular flow itself. However there are several of these classifications. For example Andrew Veronis (1978) named three basic types of flowcharts: the system flowchart, the general flowchart, and the detailed flowchart.
That same year Marilyn Bohl (1978) stated "in practice, two kinds of flowcharts are used in solution planning:
system flowcharts and program flowcharts...". "Decision flowcharts, logic flowcharts, systems flowcharts, product flowcharts, and process flowcharts are just a few of the different types of flowcharts that are used in business and government".
More recently Mark A. Fryman (2001) stated that there are more differences:
Page 12 of 21
High-Level Flowchart A high-level (also called first-level or top-down) flowchart shows the major steps in a process. It illustrates a "birds-eye view" of a process, such as the example in the figure entitled High-Level Flowchart of Prenatal Care. It can also include the intermediate outputs of each step (the product or service produced), and the substeps involved. Such a flowchart offers a basic picture of the process and identifies the changes taking place within the process. It is significantly useful for identifying appropriate team members (those who are involved in the process) and for developing indicators for monitoring the process because of its focus on intermediate outputs. Most processes can be adequately portrayed in four or five boxes that represent the major steps or activities of the process. In fact, it is a good idea to use only a few boxes, because doing so forces one to consider the most important steps. Other steps are usually sub-steps of the more important ones. Detailed Flowchart The detailed flowchart provides a detailed picture of a process by mapping all of the steps and activities that occur in the process. This type of flowchart indicates the steps or activities of a process and includes such things as decision points, waiting periods, tasks that frequently must be redone (rework), and feedback loops. This type of flowchart is useful for examining areas of the process in detail and for looking for problems or areas of inefficiency. For example, the Detailed Flowchart of Patient Registration reveals the delays that result when the record clerk and clinical officer are not available to assist clients. Deployment or Matrix Flowchart A deployment flowchart maps out the process in terms of who is doing the steps. It is in the form of a matrix, showing the various participants and the flow of steps among these participants. It is chiefly useful in identifying who is providing inputs or services to whom, as well as areas where different people may be needlessly doing the same task. See the Deployment of Matrix Flowchart.
Q.2 What are the mandatory standards of ICAI ?

Ans: Types of Standards issued by ICAI Auditing and Assurance Standards issued by the ICAI include the following Standards: Auditing and Assurance Standards(AAS)
Statements on Auditing General Clarifications on AAS Guidance Notes Technical Guides Each of them has different scope and authority attached to them. Authority Attached to Standards Authority attached to AAS, Statements on Auditing and General Clarifications on AAS Auditing and Assurance Standards, Statements on Auditing and General Clarifications on AAS are mandatory in nature. AAS codify the existing best practices in the area of auditing. AASs are critical for the proper discharge of functions as auditor. Statements on Audit are issued for compliance by Members. General Clarifications to AAS are also issued in matters where doubts exist. Accordingly, while discharging their attest function, it will be the duty of the members of the ICAI to ensure that these are followed in the audit of financial information covered by their audit reports. The nature of these Standards requires members to exercise professional judgment in applying them, for example, a member may judge it necessary to depart from an essential procedure laid down in these Standards to achieve more effectively the objective of the engagement. If, for any reason, a member has not been able to perform an audit in accordance with such Standards, his report should draw attention to the material departures there from. Authority Attached to Guidance Notes Guidance Notes are designed primarily to provide guidance to members on matters which may arise in the course of their professional work and on which they may desire assistance in resolving issues which may pose difficulty. Guidance Notes are recommendatory in nature. A member should ordinarily follow recommendations in a Guidance Note except where he is satisfied that in the circumstances of the case, it may not be necessary to do so. If the recommendations in a Guidance Note have not been followed, the member should consider whether keeping in view the circumstances of the case, a disclosure in his report is necessary. Technical Guides, Studies and Other Papers Published by ASB AASB may also publish Technical Guides, Studies and Other papers. Technical Guides are ordinarily aimed at imparting broad knowledge about a particular aspect
Page 14 of 21
or an industry to the members. Studies and other papers are aimed at promoting discussion or debate or creating awareness on issues relating to quality control, auditing, assurance and related service, affecting the profession. They do not establish any basic principles or essential procedures to be followed in audit, assurance or related services engagements. CAS 1: Classifications of Costs CAS 2: Capacity Determination CAS 3: Overheads CAS 4: Cost of Production for Captive Consumption CAS 5: Determination of Average (Equalized) Cost of Transportation CAS 6: Material Cost shall be mandatory with effect from period commencing on or after 1st April 2010 for being applied for the preparation and certification of General Purpose Cost Accounting Statements. Since there is no statutory requirement for the application of such Cost Accounting Standards for the preparation and certification of Cost Accounting Statements, in case the cost accountant is of the opinion that the aforesaid standards have not been complied with for the preparation of the Cost Statements, it shall be his duty to make a suitable disclosure/qualification in his audit report/certificate
Q.3. What is SOX? Explain the main features of SOX.

Ans:
The SarbanesOxley Act of 2002, also known as the 'Public Company Accounting Reform and Investor Protection Act' (in the Senate) and 'Corporate and Auditing Accountability and Responsibility Act' (in the House) and commonly called SarbanesOxley, Sarbox or SOX, is a United States federal law enacted on July 30, 2002, which set new or enhanced standards for all U.S. public company boards, management and public accounting firms. It is named after sponsors U.S. Senator Paul Sarbanes (D-MD) and U.S. Representative Michael G. Oxley (R-OH). The bill was enacted as a reaction to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine
Systems and WorldCom. These scandals, which cost investors billions of dollars when the share prices of affected companies collapsed, shook public confidence in the nation's securities markets. It does not apply to privately held companies. The act contains 11 titles, or sections, ranging from additional corporate board responsibilities to criminal penalties, and requires the Securities and Exchange Commission (SEC) to implement rulings on requirements to comply with the new law. Harvey Pitt, the 26th chairman of the Securities and Exchange Commission (SEC), led the SEC in the adoption of dozens of rules to implement the SarbanesOxley Act. It created a new, quasi-public agency, the Public Company Accounting Oversight Board, or PCAOB, charged with overseeing, regulating, inspecting and disciplining accounting firms in their roles as auditors of public companies. The act also covers issues such as auditor independence, corporate governance, internal control assessment, and enhanced financial disclosure. The act was approved by the House by a vote of 421 in favor, 3 opposed, and 8 abstaining and by the Senate with a vote of 99 in favor, 1 abstaining. President George W. Bush signed it into law, stating it included "the most far-reaching reforms of American business practices since the time of Franklin D. Roosevelt." Debate continues over the perceived benefits and costs of SOX. Supporters contend the legislation was necessary and has played a useful role in restoring public confidence in the nation's capital markets by, among other things, strengthening corporate accounting controls. Opponents of the bill claim it has reduced America's international competitive edge against foreign financial service providers, saying SOX has introduced an overly complex regulatory environment into U.S. financial markets. Proponents of the measure say that SOX has been a "godsend" for improving the confidence of fund managers and other investors with regard to the veracity of corporate financial statements.
Overview Sarbanes-Oxley contains 11 titles that describe specific mandates and requirements for financial reporting. Each title consists of several sections, summarized below: TITLE I Public Company Accounting Oversight Board (PCAOB) Title I establishes the Public Company Accounting Oversight Board (PCAOB), to provide independent oversight of public accounting firms providing audit services ("auditors"). It also creates a central oversight board tasked with registering auditors, defining the specific processes and procedures for compliance audits, inspecting and policing conduct and quality control, and enforcing compliance with the specific mandates of SOX. Title I consists of nine sections. TITLE II - Auditors Independence
Title II, which consists of nine sections, establishes standards for external auditor independence, to limit conflicts of interest. It also addresses new auditor approval requirements, audit partner rotation policy, conflict of interest issues and auditor reporting requirements. Section 201 of this title restricts auditing companies from doing other kinds of business apart from auditing with the same clients. TITLE III - Corporate Responsibility Title III mandates that senior executives take individual responsibility for the accuracy and completeness of corporate financial reports. It defines the interaction of external auditors and corporate audit committees, and specifies the responsibility of corporate officers for the accuracy and validity of corporate financial reports. It enumerates specific limits on the behaviors of corporate officers and describes specific forfeitures of benefits and civil penalties for non-compliance. For example, Section 302 implies that the company board (Chief Executive Officer, Chief Financial Officer) should certify and approve the integrity of their company financial reports quarterly. This helps establish accountability. Title III consists of eight sections. TITLE IV - Enhanced Financial Disclosures Title IV consists of nine sections. It describes enhanced reporting requirements for financial transactions, including off-balance sheet transactions, pro-forma figures and stock transactions of corporate officers. It requires internal controls for assuring the accuracy of financial reports and disclosures, and mandates both audits and reports on those controls. It also requires timely reporting of material changes in financial condition and specific enhanced reviews by the SEC or its agents of corporate reports. TITLE V - Analyst Conflicts of Interest Title V consists of only one section, which includes measures designed to help restore investor confidence in the reporting of securities analysts. It defines the codes of conduct for securities analysts and requires disclosure of knowable conflicts of interest. TITLE VI - Commission Resources and Authority Title VI consists of four sections and defines practices to restore investor confidence in securities analysts. It also defines the SECs authority to censure or bar securities professionals from practice and defines conditions under which a person can be barred from practicing as a broker, adviser or dealer. TITLE VII Studies and Reports Title VII consists of five sections. These sections 701 to 705 are concerned with conducting research for enforcing actions against violations by the SEC registrants (companies) and auditors. Studies and reports include the effects of consolidation of public accounting firms, the role of credit rating agencies in the operation of securities markets, securities violations and enforcement actions, and whether investment banks assisted Enron, Global Crossing and others to manipulate earnings and obfuscate true financial conditions. TITLE VIII Corporate and Criminal Fraud Accountability Title VIII consists of seven sections and it also referred to as the Corporate and Criminal Fraud Act of 2002. It describes specific criminal penalties for fraud by manipulation, destruction or alteration of financial records or other interference with investigations, while providing certain protections for whistleblowers. TITLE IX White Collar Crime Penalty Enhancement Title IX consists of two sections. This section is also called the White Collar Crime Penalty Enhancement Act of 2002. This section increases the criminal penalties associated with white-collar crimes and conspiracies. It recommends stronger sentencing guidelines and specifically adds failure to certify corporate financial reports as a criminal offense. TITLE X Corporate Tax Returns
Page 17 of 21
Title X consists of one section. Section 1001 states that the Chief Executive Officer should sign the company tax return. TITLE XI Corporate Fraud Accountability Title XI consists of seven sections. Section 1101 recommends a name for this title as Corporate Fraud Accountability Act of 2002 . It identifies corporate fraud and records tampering as criminal offenses and joins those offenses to specific penalties. It also revises sentencing guidelines and strengthens their penalties. This enables the SEC to temporarily freeze large or unusual payments.
Page 18 of 21
Page 19 of 21
Page 20 of 21
Page 21 of 21

Mf0004 Internal Audit

Transféré par

Informations du document

Description originale:

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

Mf0004 Internal Audit

Transféré par

Droits d'auteur :

Formats disponibles

MF0004 INTERNAL AUDIT & CONTROL ASSIGNMENT NAME ROLL NUMBER COURSE NAME BATCH LEARNING CENTRE LC CODE

MF0001 SECURITY ANALYSIS

Q.1 Discuss Is Auditing is a luxury

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

A simple flowchart for computing factorial N (10!)

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

Q.2 What are the mandatory standards of ICAI ?

MF0004 INTERNAL AUDIT & CONTROL

Q.3. What is SOX? Explain the main features of SOX.

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

MF0004 INTERNAL AUDIT & CONTROL

Vous aimerez peut-être aussi