Term
|
Definition
Internal control is defined as a process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: - Reliability of financial reporting
- Effectiveness and efficiency of operations
- Compliance with applicable laws and regulations
- Safeguarding assets
|
|
|
Term
SOX: Management certification and Auditors Reporting Responsibilities |
|
Definition
A triple certification regime mandated by SOX consisits of: 1. SOX section 302: CEO/CFO are required to quarterly certify that they are responsible for internal control and that the auditors were told about all material IC weaknesses and frauds 2. SOX sex 906: If management willfully and knowingly violates the certification, they can be imprisoned for up to 20 years and fined up to $5,000,000. 3. SOX sec 404: Requires mgmt of public companies to report the effectiveness of the entitys internal control on an annual basis SEC is responsibly for setting rules to implement these requirements, PCAOB sets the auditing standards |
|
|
Term
Outcome of the auditors engagement |
|
Definition
1. Internal control deficiency: when the design or operation of a control does not allow management to prevent or detect misstatements on a timely basis 2. A significant deficiency: is an internal control deficiency that results in more than a remote likelihood that a misstatement of the annual or interim financial statements that is more than inconsequential in amount will not be prevented or detected. 3. A material weakness is a significant deficiency that results in more than a remote likeliehood that a material misstatement of the annual or interim financial statments with not be prevented or detected |
|
|
Term
,Criteria to asses the effectiveness of Internal Control
|
|
Definition
1. Control Environment: Senior management must set the right tone that positively influences the control consciousness of the employee of the entity. 2. Risk assessment: the organization's identification and analysis of relevant risks for all value-chain activities. 3. Control activities: policies and procedures that help ensure that the actions identified by the managment to identify risks are effectively carried out 4. Information systems: the systems support the indentification, capture, and exchange of informations in a form and time frame that enable people to carry out their responsibilities. 5. Monitoring: a process that assesses the quality of internal control performance over time |
|
|
Term
|
Definition
1. Proper authorization of transactions and activities 2. Segregation of duties 3. Proper design and use of documents and records 4. Safeguard assets, records, and data 5. Independent checks on performance |
|
|
