Escolar Documentos
Profissional Documentos
Cultura Documentos
Reports Section 401 Disclosures in Periodic Reports Section 404 Management Assessment of Internal Controls Section 409 Real Time Issuer Disclosures Section 802 Criminal Penalties for Altering Documents
accounting and publicly traded securities Assure ethical business practices through of executives awareness and accountability
External Auditors
Internal Auditors
Boards of Director and their committees Top Executives
Regulators
is comprised of at least one financial expert, and if not, why. Disclosure of material changes in the financial condition or operations of the issuer
The CEO and CFO must certify in each periode filing that the financial information : does not contain any untrue statement of a material fact And fairly presents in all material respects the financial condition and results of operations of the issuer
cost? Do our LIABILITIES report all of the amounts we expect to pay out? Is all REVENUE we reported really earned? Have we recorded all of our EXPENSES for the period? Have we described the critical ASSUMPTIONS underlying our financial reports, and have we described any significant CONTINGENCES?
adequate internal control over financial reporting for the company Identify the framework used by management to evaluate the effectiveness of this internal control Assessment of the internal control as of the end of the Companys most recent year
It is a process that provides reasonable assurance regarding the reliability of financial reporting for external purposes, includes: Provide the maintenance of records that reflect the Companys transactions Provide assurance that transactions are recorded in accordance with GAAP Provide assurance that assets are protected against theft or fraud
(accounts or disclosures) Identifying material financial statement risks within these accounts or disclosures Determining which Entity Level Controls would address these risks with sufficient precision Determining which Transaction Level Controls would address these risks in the absence of precise Entity Level Controls Determining the nature, extent, and timing of evidence gathered to complete the assessment of in-scope controls
Include; Controls related to the control environment Controls over management override The companys risk assessment process Centralized processing & controls including shared service environments Controls to monitor results of operations Controls to monitor other controls, including IA function, AC, and self-assessment programs Controls over the period-end financial reporting process Policies that address significant business control and risk management practices
Controls that apply to all systems components, processes, and data for a given organization or Information Technology Objective: to ensure the proper development and implementation of applications, as well as the integrity of programs, data files , and computer operations
Most common ITGC: Data center security controls Computer oepration controls Program Change management controls System development life cycle controls
Sources: Auditing Standard no. 5 Sarbanes Oxley Act 2002 Sarbanes Oxley for Dummies Various sources from Internet