Ramifications of the New COSO Framework & Recent PCAOB Actions
|
|
- Miranda Cain
- 6 years ago
- Views:
Transcription
1 Ramifications of the New COSO Framework & Recent PCAOB Actions
2 Panelists Moderator Bob Meyer, Senior Vice President of Finance & Corporate Controller, American Tower Joann Cangelosi, Partner, Grant Thornton LLP Lori Silverstein, Vice President, Controller, Boston Properties Marc Panucci, Partner, PriceWaterhouseCoopers 2
3 Discussion Topics The COSO 2013 framework and implications on a company s internal controls Update on PCAOB initiatives and actions Trends in auditing 3
4 The COSO 2013 Framework Key differences between the 2013 framework and the original 1992 framework 5 framework components 17 principles 81 points of focus Transitioning to the new framework Timing Methodology Key areas of focus Where you can find more information 4 4
5 PCAOB Initiatives and Actions The Public Company Accounting Oversight Board issued a Staff Consultation Paper on standard-setting activities related to auditing accounting estimates and fair value measurements for public comment on August 19, An update on the proposal to change the auditor's reporting model issued in 2013 Feedback on recent PCAOB reviews Where you can find more information 5 5
6 Disclaimer NAREIT does not intend this presentation to be a solicitation related to any particular company, nor does it intend to provide investment, legal or tax advice. Investors should consult with their own investment, legal or tax advisers regarding the appropriateness of investing in any of the securities or investment strategies discussed in this presentation. Nothing herein should be construed to be an endorsement by NAREIT of any specific company or products or as an offer to sell or a solicitation to buy any security or other financial instrument or to participate in any trading strategy. NAREIT expressly disclaims any liability for the accuracy, timeliness or completeness of data in this presentation. Unless otherwise indicated, all data are derived from, and apply only to, publicly traded securities. Any investment returns or performance data (past, hypothetical, or otherwise) are not necessarily indicative of future returns or performance. For more information, visit: 6
7 No. US August 22, 2014 At a glance The staff of the PCAOB s Office of the Chief Auditor is evaluating whether existing PCAOB standards relating to auditing accounting estimates and fair value measurements can and should be improved. PCAOB issues staff consultation paper seeking comment on auditing accounting estimates and fair value measurements What happened? On August 19, 2014, the Public Company Accounting Oversight Board ( PCAOB ) issued for public comment a staff consultation paper on standard-setting activities related to auditing accounting estimates and fair value measurements. The staff consultation paper discusses and solicits comment on certain issues related to auditing accounting estimates and fair value measurements in order to assist the PCAOB staff in evaluating whether the existing PCAOB auditing standards can and should be improved. The PCAOB staff is specifically seeking feedback on: (i) the potential need for changes to the PCAOB s existing auditing standards to better address changes in the financial reporting frameworks related to accounting estimates and fair value measurements, (ii) current audit practices that have evolved to address issues relating to auditing accounting estimates and fair value measurements, (iii) a possible approach to changing existing auditing standards, and the requirements of a potential new standard, and (iv) relevant economic data about potential economic impacts to inform the PCAOB's economic analysis associated with standard setting in this area. Overview of the approach being considered by the PCAOB staff Although the PCAOB staff identified a number of alternative approaches that the PCAOB may wish to consider, the PCAOB staff is considering developing a single standard related to auditing accounting estimates and fair value measurements instead of separate standards that exist today. The staff consultation paper discusses that the potential new standard could be designed to: Align with the PCAOB s risk assessment standards Generally retain the approaches to internal control and substantive testing from the existing standards, but include requirements that apply to both accounting estimates and fair value measurements Establish more specific audit requirements related to the use of third parties in developing accounting estimates and fair value measurements, and Create a more comprehensive standard related to auditing accounting estimates and fair value measurements to promote greater consistency and effectiveness in application Use of third parties A new standard could include the existing requirement related to testing assumptions for fair value measurements developed by a company s specialist, but apply it more broadly to information provided for accounting estimates. As such, if a company uses a specialist to develop an accounting estimate, a new standard could direct the auditor to test that information as if it were produced by the company. In this case, the auditor would be National Professional Services Group CFOdirect Network In brief 1
8 required, as applicable, to evaluate the appropriateness of the methods, test the data used, and evaluate the reasonableness of significant assumptions, with respect to the information provided by the specialist. Additionally, the PCAOB staff is considering how a potential new standard could address audit evidence obtained from third-party sources, such as pricing services and brokerdealers. Given the differences in how values of financial instruments are derived and obtained, the PCAOB staff is exploring whether a new standard should set forth specific requirements for evaluating information from third-party pricing sources as part of evaluating the reliability and relevance of the evidence. For example, to evaluate reliability, the auditor could take into account the methods used by a third-party in determining fair value and whether the methodology used is in conformity with the applicable financial reporting framework. As it relates to evaluating the relevance, the auditor could determine, among other matters, when there are no transactions either for the asset or liability or comparable assets or liabilities, how the information was developed, including whether the inputs developed represent the assumptions that market participants would use when pricing the asset or liability, if applicable. Why is this important? Financial statements and disclosures of most companies include accounting estimates and fair value measurements. What's next? Comments on the staff consultation paper are due on November 3, Additionally, the PCAOB announced it will host a meeting of its Standing Advisory Group ( SAG ) on October 2, 2014, in Washington, D.C., to discuss matters related to auditing accounting estimates and fair value measurements. The agenda and meeting logistics will be announced closer to the meeting date. Questions? PwC clients who have questions about this In brief should contact their engagement partner. Engagement teams who have questions should contact the National Professional Services Group ( ). Authored by: Neil Weingarten Partner Phone: neil.weingarten@us.pwc.com Sarah Kenny Director Phone: sarah.kenny@us.pwc.com 2014 PricewaterhouseCoopers LLP, a Delaware limited liability partnership. All rights reserved. PwC refers to the United States member firm, and may sometimes refer to the PwC network. Each member firm is a separate legal entity. Please see for further details. This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors. To access additional content on financial reporting issues, visit PwC s online resource for financial executives.
9 Corporate Governor Providing vision and advice for management, boards of directors and audit committees Summer 2014 New COSO Framework links IT and business process Michael Rose, Partner, Business Advisory Services In May 2013, the Committee of Sponsoring Organizations of the Treadway Commission (COSO), a joint initiative of private sector organizations dedicated to providing thought leadership on enterprise risk management, internal control and fraud deterrence, issued its updated Internal Control Integrated Framework 1 (2013 Framework). The 2013 Framework is expected to be used by most public companies listed in the United States as well as other companies in various jurisdictions starting Dec. 31, 2014, and possibly earlier, in assessing the effectiveness of their internal control over financial reporting (ICFR) and by auditors in reporting on ICFR when required. 1 See for more information. The 2013 Framework does not fundamentally alter the key concepts of the original 1992 Framework consisting of five components: control environment, risk assessment, control activities, information and communication, and monitoring. Instead, it clarifies and builds on core strengths by (1) formalizing the concepts embedded within the five components into 17 principles, (2) considering changes in business and operating environments, and (3) expanding the financial reporting objective to address other important forms of reporting 2. The 2013 Framework also includes points of focus that describe each principle s characteristics and help users evaluate whether a principle is present and functioning. Points of focus aren t explicit requirements. You don t need a separate evaluation of points of focus in order to demonstrate that a relevant principle is present and functioning. Management may determine that some points of focus are not suitable or relevant; they may also identify and consider others based on company circumstances. Points of focus may be particularly helpful in assisting management and auditors in evaluating principles that weren t as thoroughly developed in the 1992 Framework, such as those relating to fraud prevention and to the use of IT.
10 New COSO Framework links IT and business process Principle 11 points of focus The 2013 Framework recognizes the importance of technology in achieving operations and compliance objectives, as well as reporting objectives. Principle 11 and its points of focus address the importance of IT controls. 1. Determines dependency between the use of technology in business processes and technology general controls Management must understand the linkages between its business processes, general technology controls and controls that are automated in its control activities. Control activities are the tasks that ensure the existing technology continues to function as originally designed. Technology general controls are also referred to as general computer controls, general controls or IT controls. The overall reliability of technology in business processes, which would include automated controls (controls embedded in an application), will result from an effective design upfront, and then continued execution of general control activities over technology from an operating effectiveness perspective. Technology general controls operating as designed will support automated controls and ensure that they are functioning properly. An example of an automated control would be the three-way match among purchasing, receiving and invoicing. The technology general controls determine that the correct files are being matched and the process is complete and accurate. In addition, the security control activities make sure that only authorized individuals have access to the files. Principle 11 The organization selects and develops general control activities over technology to support the achievement of objectives. The following points of focus highlight important characteristics relating to this principle: Determines dependency between the use of technology in business processes and technology general controls Establishes relevant technology infrastructure control activities Establishes relevant security management process control activities Establishes relevant technology acquisition, development and maintenance process control activities The COSO model for technology general controls touches all five components of the 2013 Framework, as evidenced in the following list. The emphasis here is illustrative as it relates to the five components. Control environment Tone from the top, IT governance identifying controls as important Technology policies and procedures and information security policies Various committees established for technology governance 2 Read more about the new framework and 17 principles in CorporateGovernor Summer See advisory/2013/bas-grc-updated-coso-framework.aspx for details. 2 CorporateGovernor Summer 2014
11 New COSO Framework links IT and business process Risk assessment IT risk assessments link to corporate and business risk assessments IT controls determined for high-risk business units and functions IT risk assessment for IT information security identifying threats and matching to vulnerabilities Risk assessment for business continuity Control activities Approval of IT plans and system architecture Committee approval for change management Compliance with information and security standards Information and communication IT corporate communications Best-practice IT communication Review of user access to information and reports IT and security training Monitoring Review of periodic technology assessments Review of technology organization Review of high-risk IT areas Review of technology metrics Additional control activities may be selected or designed to be used in the mitigation of specific risks in the overall use of technology processes. 2. Establishes relevant technology infrastructure control activities Technology general controls include control activities over technology infrastructure, networks, operating systems, data management and applications. They apply to mainframe computers, clients/servers, desktops, end-user computing, portable computers and mobile device technology to operational technology. The control activities over each of these will depend on a number of factors, including risk as it relates to the underlying business processes, complexity of technology and overall outside threats. The technology general controls could be manual or automated. Following are control activities over newer technologies. These are some areas of interest with some control objectives attached, and are not meant to be all-inclusive. End-user computing (EUC) Identification of all EUC as it relates to critical business processes in the organization Monitored security and access to where the EUC is located Integrity of change management process for changes made, tested, reviewed and approved Accuracy and completeness of all information in the EUC Mobile devices Mobile device policies and procedures are in place Access control and encryption for mobile devices are in place and provide adequate coverage Non-company owned mobile devices are segregated for data in a complete and effective manner Mobile device incident management processes and controls are in place and effectively functioning 3 CorporateGovernor Summer 2014
12 New COSO Framework links IT and business process Cloud Prepare a clear governance model to follow, including policies and procedures Assess service levels, infrastructure and applications used, and related metrics and outcomes Understand cloud vendor management ability, including people s skills and competencies, processes and technology Review cloud security and compliance requirements Agree on service-level metrics, outcomes and effectiveness of services Identify where risks are present and integrate into existing risk assessment Review results criteria periodically, and have a mechanism to document exceptions and gaps and a process to correct issues 3. Establishes relevant security management process control activities The security management process includes all control activities over access to an organization s technology, including transaction processing, data, operating systems, network applications and physical access. Security controls over access prevent the unauthorized access and use of systems, changes to the system, and changes to data and program integrity from common error or malicious intent. It protects against segregation of duties to eliminate an individual having access to incompatible functions within the system, and it also reduces the likelihood of fraud Security risks are both internal and external. External threats can come in many different forms, depend on telecommunication networks and use the Internet. A company has customers, employees, vendors and others using its system. The pervasive use of technology in business operations presents significant threats on a daily basis. Internal threats come from within the organization through former or disgruntled employees who have extensive knowledge of the organization s security system and are better equipped because of this to succeed. Here are a few preventive actions to consider: External cybersecurity threats Establish cybersecurity governance, including policies and procedures Classify all information based on its restriction of privacy Determine what applications use highly private information Perform a vulnerability analysis on these higher-risk applications Identify potential threats to these applications Understand vendor access and determine safeguards Perform a risk assessment regarding the highest risks based on the above Determine where investments are needed to protect private information Identify and treat attacks and breaches in a timely and appropriate manner Monitor cybersecurity activity and report to senior management 4 CorporateGovernor Summer 2014
13 New COSO Framework links IT and business process Internal threats Develop policies and procedures regarding employees access to data and applications and termination of those rights when employees leave the organization Identify all employees that have access to incompatible data and applications in high-risk transactions When access can t be changed, provide a monitoring process/review of transactions those employees perform Periodically review access rights of employees 4. Establishes relevant technology acquisition, development and maintenance process control activities The technology general controls should support the life cycle of technology throughout acquisition, development and maintenance. Organizations rarely use one methodology for all systems development projects, and they choose a methodology based on factors such as size of the project. The chosen methodology should provide controls over changes to technology: acquiring the appropriate approvals for a change, reviewing the change, testing results and implementing a process to make sure the changes are completed properly. The methodology provides a structure for system design and implementation. It outlines requirements such as documentation, approvals and controls over the technology life cycle. Organizations need some basic controls that are similar in all systems acquisition and development work. User requirements are always documented and results measured. A formal process should be followed for system design to determine that user requirements and controls are designed in the system. System development is carried out in a formal manner to ensure that design features are included in the final product. Testing should include users, the functionality is reviewed and system interfaces operate as intended. Maintenance processes should ensure that changes in application systems are controlled and change management has a validation process. All outsourced system development work would be reviewed and determined to have a similar set of controls over the entire process. All work must be under project management control, whether it s developed in-house or outsourced. A communication and reporting mechanism must be in place to ensure that all projects are completed in a timely manner and on budget. 5 CorporateGovernor Summer 2014
14 New COSO Framework links IT and business process Conclusion COSO recognizes the importance of technology in achieving operations and compliance objectives, and it wrote Principle 11 of the 2013 Framework to link business processes to technology general controls. The points of focus can help users evaluate whether the principle is present and functioning properly. While these points of focus aren t explicit requirements, use them as a tool to thoroughly address your IT controls. IT controls are pervasive throughout an organization, so it is critical to have a strong control environment across all business units. Contact Michael Rose Partner, Business Advisory Services T E michael.rose@us.gt.com Editor Evangeline Umali Hannum E evangeline.umalihannum@ us.gt.com About the newsletter CorporateGovernor is published by Grant Thornton LLP. The people in the independent firms of Grant Thornton International Ltd provide personalized attention and the highest-quality service to public and private clients in more than 100 countries. Grant Thornton LLP is the U.S. member firm of Grant Thornton International Ltd, one of the world s leading organizations of independent audit, tax and advisory firms. Grant Thornton International Ltd and its member firms are not a worldwide partnership, as each member firm is a separate and distinct legal entity. Content in this publication is not intended to answer specific questions or suggest suitability of action in a particular case. For additional information about the issues discussed, consult a Grant Thornton LLP client service partner or another qualified professional. Connect with us linkd.in/grantthorntonus Grant Thornton refers to Grant Thornton LLP, the U.S. member firm of Grant Thornton International Ltd (GTIL). GTIL and its member firms are not a worldwide partnership. All member firms are individual legal entities separate from GTIL. Services are delivered by the member firms. GTIL does not provide services to clients. GTIL and its member firms are not agents of, and do not obligate, one another and are not liable for one another s acts or omissions. Please visit grantthornton.com for details Grant Thornton LLP All rights reserved U.S. member firm of Grant Thornton International Ltd
Corporate Governor. Providing vision and advice for management, boards of directors and audit committees Winter 2015
Corporate Governor Providing vision and advice for management, boards of directors and audit committees Winter 2015 COSO 2013 framework boosts fraud risk assessment and prevention Fraud is among the most
More informationSTANDING ADVISORY GROUP MEETING
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org STANDING ADVISORY GROUP MEETING PRESENTATION AUDITING IMPLICATIONS OF COSO PROJECT TO UPDATE
More informationPresent and functioning: Fine-tuning your ICFR using the COSO update
Present and functioning: Fine-tuning your ICFR using the COSO update November 2014 With the COSO s 1992 Control Framework being superseded by the 2013 updated edition on December 15, 2014, now is the time
More informationAUDITING. Auditing PAGE 1
AUDITING Auditing 1. Professionalism The International Professional Practices Framework (IPPF) is the conceptual framework that organizes authoritative guidance promulgated by The Institute of Internal
More informationImplementing the new revenue guidance in the manufacturing industry
Implementing the new revenue guidance in the manufacturing industry A progress check for management and audit committees Background As the effective date for the new revenue guidance in ASC 606, Revenue
More informationSarbanes-Oxley Act of 2002 Can private businesses benefit from it?
Sarbanes-Oxley Act of 2002 Can private businesses benefit from it? As used in this document, Deloitte means Deloitte Tax LLP, which provides tax services; Deloitte & Touche LLP, which provides assurance
More informationBeyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404
Beyond Compliance Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404 Note to Readers Regarding This First Edition April 2003: This document was published
More informationA Discussion About Internal Controls February 2016
A Discussion About Internal Controls February 2016 What we will cover today 001 Introductions 002 Defining Internal Controls 003 COSO Internal Controls Integrated Framework 004 Approach to Designing Internal
More informationCOSO 2013: Updated internal control framework
COSO 2013: Updated internal control framework Athens, 10 October 2013 Background COSO's structure and mission COSO 1 is a joint initiative of five sponsoring organizations - American Accounting Association
More informationIAASB Main Agenda (March 2016) Agenda Item. Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1
Agenda Item 3-A Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1 Objectives of the IAASB Discussion The objective of this agenda item are to: (a) Present initial background
More informationThe importance of a solid data foundation
The importance of a solid data foundation Prepared by: Michael Faloney, Director, RSM US LLP michael.faloney@rsmus.com, +1 804 281 6805 February 2015 This is the first of a three-part series focused on
More informationIAASB CAG Public Session (March 2016) Agenda Item. Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1
Agenda Item C.1 Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1 Objectives of the IAASB CAG Discussion The objective of this agenda item are to: (a) Present initial background
More informationReport on Inspection of Deloitte LLP (Headquartered in Toronto, Canada) Public Company Accounting Oversight Board
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2014 (Headquartered in Toronto, Canada) Issued by the Public Company Accounting Oversight
More informationREPORT 2016/033 INTERNAL AUDIT DIVISION
INTERNAL AUDIT DIVISION REPORT 2016/033 Advisory engagement on the Statement on Internal Control project at the United Nations Joint Staff Pension Fund 25 April 2016 Assignment No. VS2015/800/01 CONTENTS
More information[RELEASE NOS ; ; FR-77; File No. S ]
SECURITIES AND EXCHANGE COMMISSION 17 CFR PART 241 [RELEASE NOS. 33-8810; 34-55929; FR-77; File No. S7-24-06] Commission Guidance Regarding Management s Report on Internal Control Over Financial Reporting
More information) ) ) ) ) ) ) ) ) ) ) )
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org PROPOSED AUDITING STANDARD RELATED TO COMMUNICATIONS WITH AUDIT COMMITTEES AND RELATED AMENDMENTS
More informationToday s CFO: Changing the game plan for tomorrow
Risk Technology Today s CFO: Changing the game plan for tomorrow Investment Strategy As businesses evolve, the scope of the CFO s role is expanding. CFOs now have to balance competing demands on their
More informationMinimizing fraud exposure with effective ERP segregation of duties controls
Minimizing fraud exposure with effective ERP segregation of duties controls Prepared by: Luke Leaon, Manager, RSM US LLP luke.leaon@rsmus.com, +1 612 629 9072 Adam Harpool, Manager, RSM US LLP adam.harpool@rsmus.com,
More informationEffective implementation of COSO s new anti-fraud guidance
Effective implementation of COSO s new anti-fraud guidance In September 2016, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) published a new Fraud Risk Management Guide (Anti-fraud
More informationSTARWOOD HOTELS & RESORTS WORLDWIDE, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS
STARWOOD HOTELS & RESORTS WORLDWIDE, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS Starwood Hotels & Resorts Worldwide, Inc. (the Company ) has determined that it is of the utmost importance
More informationSTANDARD-SETTING AGENDA OFFICE OF THE CHIEF AUDITOR JUNE 30, 2016
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202)862-8430 http://www.pcaobus.org STANDARD-SETTING AGENDA OFFICE OF THE CHIEF AUDITOR JUNE 30, 2016 The Public Company Accounting
More informationManaging Fraud Risk: New Professional Guidance
Managing Fraud Risk: New Professional Guidance Mohammed Ahmed & Toby J.F. Bishop Deloitte Financial Advisory Services LLP September 10, 2007 Objectives Make you aware of the new guidance Show how you can
More informationAN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org PRELIMINARY STAFF VIEWS AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL
More informationCLAconnect.com/creditunions. Impact the Future of Credit Unions
CLAconnect.com/creditunions Impact the Future of Credit Unions We Believe Enabling your success means a better world for all of us, but now, more than ever, a greater number of operational, regulatory,
More informationReport on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2016 (Headquartered in Berlin, Federal Republic of Germany) Issued by the Public Company
More informationReport on Inspection of KAP Purwantono, Sungkoro & Surja (Headquartered in Jakarta, Republic of Indonesia)
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2015 Inspection of KAP Purwantono, (Headquartered in Jakarta, Republic of Indonesia)
More informationInternal Financial Controls New perspectives as per Companies Act 2013 and CARO 2016
New perspectives as per Companies Act 2013 and CARO 2016 1 Contents: Background Meaning of IFC IFC on Financial Reporting Why IFC? Regulatory mandate Role of various authorities Components of IFC IFC under
More informationCOSO Updates and Expectations. IIA San Diego Chapter January 8, 2014
COSO Updates and Expectations IIA San Diego Chapter January 8, 2014 Agenda Overview of 2013 Internal Control-Integrated Framework and Companion Guidance 2013 Framework General Enhancements by Component
More informationComparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)
Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining) Topic AS No. 5 AS No. 2 Objective of ICFR Audit Planning the ICFR Audit Integration
More informationPublic Company Accounting Oversight Board
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2008 (Headquartered in New York, New York) Issued by the Public Company Accounting
More informationIIROC 2015 Financial Administrators Section Conference
IIROC 2015 Financial Administrators Section Conference September 11, 2015 kpmg.ca Presenters Chris Cornell KPMG Partner, Financial Services Steven Sharma KPMG Partner, Financial Services 2 Agenda Current
More informationSAMPLING AND ERROR EVALUATION RSM US LLP. All Rights Reserved.
SAMPLING AND ERROR EVALUATION SAMPLING Sampling Factors to consider when sampling Population size and aggregate balance Tolerable misstatement Expected error Assurance factors Significant risk Reliance
More informationIT GOVERNANCE. WITH ROBERT GOODSELL, MANAGING DIRECTOR JOE BRUTSCHE, DIRECTOR PwC. April 4, 2013
IT GOVERNANCE WITH ROBERT GOODSELL, MANAGING DIRECTOR JOE BRUTSCHE, DIRECTOR PwC April 4, 2013 Agenda The challenge IT Governance defined IT Governance components Next steps Questions THE CHALLENGE The
More informationNegotiating in a Sarbanes-Oxley World
Negotiating in a Sarbanes-Oxley World Richard Pennington, J.D., C.P.M., Consultant SCOPEVision Consulting Ltd 303/324-7333, rpennington@scopevisionconsulting.com 91 st Annual International Supply Management
More informationSARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017
SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017 Pat Mitchell Managing Director Internal Audit, Risk, Business & Technology Consulting CHANGES IN THE COST AND SCOPE OF SOX COMPLIANCE
More informationDoc P-Card Services Provider RFP
1 of 9 2/29/2016 4:55 PM Go To Dashboard Help Keith Haran Doc706066747 - P-Card Services Provider RFP Prev Next Exit On this page you create the information that participants will read and respond to during
More informationSpeech by SEC Staff: Remarks before the 2007 AICPA National Conference on Current SEC and PCAOB Developments
Home Previous Page Speech by SEC Staff: Remarks before the 2007 AICPA National Conference on Current SEC and PCAOB Developments by Josh Jones Professional Accounting Fellow, Office of the Chief Accountant
More informationERP IMPLEMENTATION RISK
ERP IMPLEMENTATION RISK Kari Sklenka-Gordon, Director at RSM National ERP Risk Advisory Leader March 2017 2015 2016 RSM US LLP. All Rights Reserved. Speaker Kari Sklenka-Gordon National RSM ERP Risk Advisory
More informationRisk culture. Building great organisations and growing your foundation for success CAPABILITY STATEMENT 2016
Risk culture Building great organisations and growing your foundation for success CAPABILITY STATEMENT 2016 What the regulators are saying about risk culture 2 3 An effective risk culture guides and facilitates
More informationSee your auditor clearly. Transparency report: How we perform quality audit engagements
See your auditor clearly. Transparency report: How we perform quality audit engagements February 2014 Table of contents 1) A message from the CEO and Managing Partner Assurance 2 2) Quality control policies
More informationInternal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation
2015 State of the Internal Audit Profession Study Internal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation 68% of companies have gone through or
More information3. STRUCTURING ASSURANCE ENGAGEMENTS
3. STRUCTURING ASSURANCE ENGAGEMENTS How do standards and guidance help professional accountants provide assurance? What are the practical considerations when structuring an assurance engagement? 3. STRUCTURING
More information2017 Private Company Audit Committee Outlook
2017 Private Company Audit Committee Outlook What s on your audit committee agenda? Private company audit committees have full agendas and finite resources, which can make keeping abreast of certain items
More informationRisk Management For and By the BOT. Secured BOT Series
Secured BOT Series 2018 Contents Risk Management For and By the BOT Setting context for RPA Risk Management Deloitte's Risk Framework For RPA Risk Management For the BOT Risk Management By the BOT How
More informationInternal Financial Controls (IFC) ICAI Seminar October 8, 2016
Internal Financial Controls (IFC) 1 ICAI Seminar October 8, 2016 Financial Reporting Assertions 3 Effective Internal Controls over Financial Reporting All Significant Accounts considered Minor or few internal
More informationAssessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive
Assessment of the Design Effectiveness of Entity Level Controls Office of the Chief Audit Executive February 2017 Cette publication est également disponible en français. This publication is available in
More informationYour unique family, our unique approach.
Your unique family, our unique approach. Because KPMG knows every family is different, we provide bespoke advice to establish and operate your family office and grow and preserve your legacy. KPMG Enterprise
More informationAudit and Advisory Services Integrity, Innovation and Quality. Audit of Internal Controls over Financial Reporting
Audit and Advisory Services Integrity, Innovation and Quality Audit of Internal Controls over Financial Reporting October 2015 Table of Contents i Audit of Internal Controls over Financial Reporting EXECUTIVE
More informationRising to the challenge Delivering Internal Audit excellence
www.pwc.co.uk Rising to the challenge Delivering Internal Audit excellence Internal Audit. Expect More. November 2016 Welcome Lindsey Paterson Scotland Internal Audit Government and Public Sector Leader
More informationReport on Inspection of K. R. Margetson Ltd. (Headquartered in Vancouver, Canada) Public Company Accounting Oversight Board
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2016 (Headquartered in Vancouver, Canada) Issued by the Public Company Accounting
More informationSTANDARD-SETTING UPDATE OFFICE OF THE CHIEF AUDITOR SEPTEMBER 30, 2017
1666 K Street NW Washington, DC 20006 Office: (202) 207-9100 Fax: (202) 862-8430 www.pcaobus.org STANDARD-SETTING UPDATE OFFICE OF THE CHIEF AUDITOR SEPTEMBER 30, 2017 The ("PCAOB" or "Board") seeks to
More informationReport on. Issued by the. Public Company Accounting Oversight Board. June 16, 2016 THIS IS A PUBLIC VERSION OF A PCAOB INSPECTION REPORT
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2015 Inspection of Paredes, Zaldívar, Burga & Asociados Sociedad Civil de (Headquartered
More informationSTANDING ADVISORY GROUP MEETING OCA CURRENT STANDARDS-SETTING AGENDA OCTOBER 14-15, 2009
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202)862-8430 www.pcaobus.org STANDING ADVISORY GROUP MEETING OCA CURRENT STANDARDS-SETTING AGENDA OCTOBER 14-15, 2009 The
More informationSTANDARD-SETTING UPDATE OFFICE OF THE CHIEF AUDITOR DECEMBER 31, 2017
1666 K Street NW Washington, DC 20006 Office: (202) 207-9100 Fax: (202) 862-8430 www.pcaobus.org STANDARD-SETTING UPDATE OFFICE OF THE CHIEF AUDITOR DECEMBER 31, 2017 The ("PCAOB" or "Board") seeks to
More information2013 COSO Internal Control Framework Update. September 5, 2013
2013 COSO Internal Control Framework Update September 5, 2013 Agenda 2013 COSO IC Framework Topic Minutes The update process 5 What is not changing / What is changing 5 The 17 principles and changes to
More informationABA Section of Business Law. Internal Control Reporting Under Section 404: An Update and Current Assessment. November 19, 2004
ABA Section of Business Law Internal Control Reporting Under Section 404: An Update and Current Assessment November 19, 2004 Thomas L. Riesenberg and Linda L. Griggs, Cochairs Table of Contents 2.1 Auditing
More informationMake the complex manageable
Make the complex manageable Deal Advisory / Global We help create clear Solvency Strategies. Realizing value through insolvency. / 1 Your vision. Our proven capabilities. Insolvencies can test the limits
More informationInternal Audit How the Internal Audit Function Facilitates Internal Controls. Office of the City Auditor City of Tallahassee
Internal Audit How the Internal Audit Function Facilitates Internal Controls Office of the City Auditor City of Tallahassee 1 Internal Audits and Internal Controls Session Purpose: How does an internal
More informationWORLD-CLASS AUDIT REGULATION November Big Four Inspections Report.
WORLD-CLASS AUDIT REGULATION November 2017 2017 Big Four Inspections Report www.cpab-ccrc.ca CANADIAN PUBLIC ACCOUNTABILITY BOARD ABOUT CPAB The Canadian Public Accountability Board (CPAB) is Canada s
More informationQuality Assessments what you need to know
Quality Assessments what you need to know Patty Miller, Partner Deloitte & Touche LLP Cavell Alexander, VP-Internal Audit Intermountain Healthcare Overview of requirements Scope of assessment Approaches
More informationProposed Attestation Requirements for FR Y-14A/Q/M reports. Overview and Implications for Banking Institutions
Proposed Attestation Requirements for FR Y-14A/Q/M reports Overview and Implications for Banking Institutions O Background n September 16, 2015, the Board of Governors of the Federal Reserve System ( Federal
More informationReport on Inspection of KPMG Auditores Consultores Ltda. (Headquartered in Santiago, Republic of Chile)
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2016 (Headquartered in Santiago, Republic of Chile) Issued by the Public Company Accounting
More informationOffice of the Secretary Public Company Accounting Oversight Board 1666 K Street, N.W. Washington, D.C Dear Office of the Secretary:
November 3, 2014 EXECUTIVE DIRECTOR Cynthia M. Fornelli GOVERNING BOARD Chairman Robert E. Moritz, Chairman and Senior Partner PricewaterhouseCoopers LLP Vice Chair Charles M. Allen, CEO Crowe Horwath
More informationGeneral Data Protection Regulation (GDPR) Meeting the new requirements
General Data Protection Regulation (GDPR) Meeting the new requirements Data protection rules are changing In a nutshell Predating social media, cloud computing and geolocation services, the law needs to
More informationJune PwC s Data and Analytics Survey 2016 Big Decisions
June 2016 PwC s Data and Analytics Survey 2016 Big Decisions Are executives using Data & Analytics to make big decisions? In May 2014, we surveyed 1,135 senior executives on the ways they were making big
More informationAuditing Standards and Practices Council
Auditing Standards and Practices Council PHILIPPINE STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT PHILIPPINE STANDARD ON AUDITING
More informationINTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT CONTENTS
INTERNATIONAL STANDARD ON AUDITING 315 UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT (Effective for audits of financial statements for periods beginning
More informationHeads Up. Control Integrated Framework. COSO Enhances Its Internal. In This Issue: Enhancements in the 2013 Framework
June 10, 2013 Volume 20, Issue 17 Heads Up In This Issue: Enhancements in the 2013 Framework Effective Systems of Internal Control COSO Transition Guidance and Impact on Other COSO Documents Internal Control
More informationUse of data and technology in the audit
www.pwc.com Use of data and technology in the audit Len Combs Partner PwC PCAOB SAG Meeting May 24, 2017 The views expressed are my own personal views and do not reflect those of the PCAOB, members of
More informationImplementing Analytics in Internal Audit. Jordan Lloyd Senior Manager Ravindra Singh Manager
Implementing Analytics in Internal Audit Jordan Lloyd Senior Manager Ravindra Singh Manager What does Success Look Like To deliver successful analytical insight as an everyday part of the audit process
More informationSeptember 9, 2016 kpmg.ca
IIROC 2016 Financial Administrators Section Conference September 9, 2016 kpmg.ca Presenters The contacts at KPMG in connection with this presentation are: Chris Cornell KPMG Partner, Financial Services
More informationCOSO Internal Control Integrated Framework Proposed Update
COSO Internal Control Integrated Framework Proposed Update Presented by: Dustin Birashk September 20, 2012 1 DISCLOSURE STATEMENT The material appearing in this presentation is for informational purposes
More information) ) ) ) ) ) ) ) ) ) ) ) REPORTING ON WHETHER A PREVIOUSLY REPORTED MATERIAL WEAKNESS CONTINUES TO EXIST. PCAOB Release No July 26, 2005
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202)862-8430 www.pcaobus.org REPORTING ON WHETHER A PREVIOUSLY REPORTED MATERIAL WEAKNESS CONTINUES TO EXIST ) ) ) ) ) ) )
More informationNavigating the New Health Economy
Navigating the New Health Economy How non-traditional healthcare players are using the HITRUST CSF to drive their security programs forward Speakers Dennis Quandt Risk Assurance Director, PwC Boston, MA
More informationInternal Audit Challenges & Opportunities Speaker: Laurie Shen, Director, Grant Thornton LLP
Internal Audit Challenges & Opportunities Speaker: Laurie Shen, Director, Grant Thornton LLP March 28, 2012-1 - Speaker Introduction Laurie Shen is a Director at Grant Thornton's Northeast Internal Audit
More informationProtecting Fixed Assets: Internal Controls for Non Profits
Protecting Fixed Assets: Internal Controls for Non Profits 25 September 2012 Community Sector Council Newfoundland and Labrador (CSC) Darlene Scott, Senior Program Associate darlenescott@cscnl.ca www.communitysector.nl.ca
More informationReport on Inspection of PricewaterhouseCoopers Audit (Headquartered in Neuilly-Sur-Seine, French Republic)
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2015 (Headquartered in Neuilly-Sur-Seine, French Republic) Issued by the Public Company
More informationFINANCIAL INSTITUTIONS AUDIT COMMITTEE GUIDE FOR FINANCIAL INSTITUTIONS
FINANCIAL INSTITUTIONS AUDIT COMMITTEE GUIDE FOR FINANCIAL INSTITUTIONS Dear clients and friends of the firm, Corporate governance is a significant area of focus for stakeholders of financial institutions.
More informationCloud Computing Opportunities & Challenges
Cloud Computing Opportunities & Challenges AICPA & CPA/SEA Interchange State Regulatory & Legislative Affairs Emerging Technologies July 11, 2017 Presented by Donny C. Shimamoto, CPA.CITP, CGMA 1 Unless
More informationSarbanes-Oxley Compliance Kit
Kit February 2018 This product is NOT FOR RESALE or REDISTRIBUTION in any physical or electronic format. The purchaser of this template has acquired the rights to use it for a SINGLE Disaster Recovery
More informationData protection in light of the GDPR
Data protection in light of the GDPR How to protect your organization s most sensitive data Why is data protection important? Your data is one of your most prized assets. Your clients entrust you with
More informationThe New COSO Framework: Avoiding Deficiencies and Driving Change
The New COSO Framework: Avoiding Deficiencies and Driving Change Session #308 Speaker Introductions Kimberley Mobley, CPA, CISA Ryan Isbell, CPA Greg Daniel, CISA, CRMA Partner Controller Manager Johnson
More informationThe SEC Is Open for Business: Takeaways from the AICPA s 2017 Conference on Current PCAOB and SEC Developments
December 8, 2017 The SEC Is Open for Business: Takeaways from the AICPA s 2017 Conference on Current PCAOB and SEC Developments One of the key messages conveyed by the Staff (the Staff ) of the SEC s Division
More informationInternational Finance Corporation
International Finance Corporation Corporate Governance and Internal Audit Overview Bob Lamm Independent Senior Advisor Center for Corporate Governance Deloitte LLP Neil White Global IA Analytics Leader
More informationThe Strategic Potential of Internal Audit
June 2017 The Strategic Potential of Internal Audit Deliver Greater Value to Senior Management and Boards A white paper by William C. Watts, CIA Audit / Tax / Advisory / Risk / Performance Smart decisions.
More informationAgenda. Enterprise Risk Management Defined. The Intersection of Enterprise-wide Risk Management (ERM) and Business Continuity Management (BCM)
The Intersection of Enterprise-wide Risk (ERM) and Business Continuity (BCM) Marc Dominus 2005 Protiviti Inc. EOE Agenda Terminology and Process Introductions ERM Process Overview BCM Process Overview
More informationMarch 2017 WORLD-CLASS AUDIT REGULATION Annual Inspections Report.
WORLD-CLASS AUDIT REGULATION March 2017 2016 Annual Inspections Report www.cpab-ccrc.ca CANADIAN PUBLIC ACCOUNTABILITY BOARD ABOUT CPAB The Canadian Public Accountability Board (CPAB) is Canada s audit
More informationEnhancing Audit Committee Excellences through Internal Audit. 21 November 2017
Enhancing Audit Committee Excellences through Internal Audit 21 November 2017 Sharpen and Strengthen Excellences of Audit Committee Recent Trends and Emerging Challenges Global and Emerging Trends Roles
More informationOFFICE OF THE CHIEF AUDITOR STANDARD-SETTING AGENDA MARCH 2012
1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202)862-8430 www.pcaobus.org OFFICE OF THE CHIEF AUDITOR STANDARD-SETTING AGENDA MARCH 2012 As part of developing and periodically
More informationReport on Inspection of Deloitte & Associes (Headquartered in Neuilly-sur-Seine, French Republic) Public Company Accounting Oversight Board
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org Report on 2015 (Headquartered in Neuilly-sur-Seine, French Republic) Issued by the Public Company
More informationSecuring Capabilities in the Cloud: Security and Privacy in the Evolution of Cloud Computing
The Dbriefs Technology Executive series presents: Securing Capabilities in the Cloud: Security and Privacy in the Evolution of Cloud Computing Vikram Bhat and Irfan Saif, Deloitte & Touche LLP June 2,
More informationBOARD GUIDELINES ON SIGNIFICANT CORPORATE GOVERNANCE ISSUES
BOARD GUIDELINES ON SIGNIFICANT CORPORATE GOVERNANCE ISSUES Management and the Board of Directors ( Board ) of Nabors Industries Ltd. (the Company ) are committed to conducting business consistent with
More informationOSHKOSH CORPORATION BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER. As Amended as of May 9, 2016
OSHKOSH CORPORATION BOARD OF DIRECTORS AUDIT COMMITTEE CHARTER As Amended as of May 9, 2016 Purpose The purpose of the Audit Committee of the Board of Directors ( Audit Committee ) shall include assisting
More informationIAASB Main Agenda (December 2009) Agenda Item. Engagements to Compile Financial Information Issues and IAASB Task Force Proposals I.
Agenda Item 3-A Engagements to Compile Financial Information Issues and IAASB Task Force Proposals I. Objective 1. The objective of this Paper is to consider significant issues to be addressed in the revision
More informationPUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD
1666 K Street, N.W. Washington, DC 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8433 www.pcaobus.org PUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD ) ) In the Matter of ) PCAOB Release No.104-2013-087
More informationSource-to-pay: Delivering value beyond savings
Source-to-pay: Delivering value beyond savings December 2016 kpmg.com Transforming the source-to-pay process Because the source-to-pay (S2P) process crosses three organizations procurement, finance, and
More informationThe Future of Internal Auditing:
Internal Audit The Future of Internal Auditing: Changing Internal Audit s Value Proposition October 12, 2010 Istanbul, Turkey Presented by: Naman Parekh Partner, Agenda Background of the 2012 Study Key
More informationVENDOR RISK MANAGEMENT FCC SERVICES
VENDOR RISK MANAGEMENT FCC SERVICES Introductions Chris Tait, CISA, CFSA, CCSK, CCSFP Principal, Financial Services Baker Tilly Russ Sommers, CPA, CISA Senior Manager, Financial Services Baker Tilly Agenda
More informationThe importance of the right reporting, analytics and information delivery
The importance of the right reporting, and information delivery Prepared by: Michael Faloney, Director, RSM US LLP michael.faloney@rsmus.com, +1 804 281 6805 Introduction This is the second of a three-part
More informationEnterprise Risk Management Defined and Explained
Enterprise Risk Management Defined and Explained Council of Engineering and Scientific Society Executives ACCESSE16 July 27, 2016 Paul Klein Managing Director Not-for-Profit Atlantic Coast Market Territory
More information