Download Internal Controls and Management Responsibility: Sarbanes-Oxley Act and Auditor's Role and more Quizzes Auditing in PDF only on Docsity! TERM 1 Management's IC Responsibility DEFINITION 1 * The Sarbanes-Oxley Act of 2002 INCREASES management's responsibilities for maintaining effective internal controls. Management of Issuers must: 1. Accept responsibility for IC effectiveness 2. Evaluate the effectiveness of internal controls using suitable criteria which MUST be identified in their report: ordinarily [not required] this is the "Internal Control - Integrated Framework" [created by COSO] - A lot of people were involved in putting this together [all about CRIME - 5 ele TERM 2 Management of ________ _______ & _________. DEFINITION 2 Management of Internal Control & Reporting * Management responsible for effectiveness of both TERM 3 Management's Report on Internal Control USING THE COSO I/C FRAMEWORK [the I/C framework selected MUST be included] DEFINITION 3 * What you will see in every 10K * When client takes responsibility, COSO report on internal control is the benchmark used * Balance Sheet says "as of" and here we are saying that these controls are effective "as of the last day of the year" - Controls could be bad all year, but what matters is their state "as of the last day of the year" TERM 4 Internal Control Deficiencies DEFINITION 4 They are weaknesses in internal controls ... A. Control Deficiencies - Don't even have a control for it - More insignificant than anything - just mention it to management B. Significant Deficiencies - A potential problem - A Judgement Call: A checkbox rather than a signature because you do not know who authorized and may notice a significant increase in write-offs. * The allowance account may be understated, but definitely a mess or "nightmare" C. Material Weaknesses TERM 5 One material weakness you get ... DEFINITION 5 An adverse opinion -> but it doesn't mean it will have an affect on the financial statement opinion - "As of December 31" so if you change it on December 30, there is no problem TERM 6 Internal Control Deficiencies: Control Deficiency [CD] DEFINITION 6 exists when the design or operation of a control doesn't "allow" management/employees to prevent or detect misstatements on a timely basis [e.g., a place for credit approval is not indicated on the sales order, write-offs for bad debt accounts are normal]. TERM 7 Internal Control Deficiencies: Significant Deficiency [SD] DEFINITION 7 is a control deficiency or a combo of control deficiencies that is less severe than a material weakness yet important enough to merit attention by those responsible for oversight of the financial reporting [e.g., credit approvals are occasionally unauthorized, write-offs are slightly above normal]. - none of these means a material problem TERM 8 Internal Control Deficiencies: Material Weakness DEFINITION 8 control deficiency or a combo of control deficiencies or significant deficiencies such that there is a reasonable or probable possibility that a material misstatement will not be prevented or detected on a timely basis [e.g., credit approvals are frequently unauthorized, write-offs are excessive] * other examples: F/S restatements, ID of fraud, material misstatements not caught by ICs, ineffective oversight by the audit committee]. * A material weakness results in the auditors giving an Adverse Opinion TERM 9 Only a ________ ________ will result in an _______ Opinion. DEFINITION 9 Only a material weakness will result in an adverse opinion. TERM 10 Can have an adverse opinion on internal controls and ... DEFINITION 10 an unqualified opinion for financial statements.