Chapter 4 Internal Control BUS 319 Accounting Information Systems
Post on 20-Dec-2015
Foreign Corrupt Practices Act of 1977
A process designed by, or under the supervision of, the issuer’s principal executive and principal financial officers, … , to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with GAAP and includes those policies and procedures that:
1. Pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the issuer;
2. Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the issuer are being made only in accordance with authorizations of management and directors of the registrant; and
3. Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the issuer’s assets that could have a material effect on the financial statements.
What is the Sarbanes-Oxley Act of 2002?
• Management must:
– assess and test the effectiveness of the internal controls
– report their findings on the effectiveness of the internal controls
• The independent auditor must:
– assess and test the effectiveness of the internal controls
– report their findings on the effectiveness of the internal controls
Brown’s Taxonomy of Risk – Strategic Risk
• Strategic Risk
– Legal and regulatory risk
– Business strategy risk
COSO Internal Control Framework
• Control environment
• Risk assessment
• Control activities
• Information & communications
• Monitoring
Control Activities
• Adequate documentation
• Background checks
• Backup computer files
• Backup power supplies
• Bank reconciliation
• Batch control totals
• Data encryption
• Document matching
• Edit checks
• Firewalls
• Insurance and bonding
• Internal audit
• Limit checks
• Lockbox systems
• Physical security
• Preformatted data screens
• Prenumbered documents
• Restrictive endorsement
• Daily deposit of checks
• Segregation of duties
• Training