SOX FOR NPO S Focus on Control. Stephen L. Kuptz, CPA

Similar documents
Community Bankers Conference

9/17/2017. An Overview of COSO s New Framework and Implementation Guidance SPEAKER. Laura Harden, CPA History

Practical Approach to Internal Controls for Pre & Post IPOs in Hong Kong & China

FDICIA Reporting for Financial Institutions. Reporting Changes Under Part 363 and SAS 130

The Ins and Outs: Audits Under FDICIA. Jennifer Gureckis and Kaylyn Landry BerryDunn February 27, 2018

Internal Control Integrated Framework. An IAASB Overview September 2016

Internal Control Integrated Framework. An IAASB Overview September 2016

B S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013

2013 COSO Internal Control Framework Update. September 5, 2013

COSO What s New, What s Changed, Why Does it Matter and Other Frequently Asked Questions

BUSINESS CPA EXAM REVIEW V 3.0. For Exams Scheduled After March 31, 2017

Internal Control Integrated Framework. May 2013

Nonprofit Association of the Midlands. August 26, 2014

An Update of COSO s Internal Control Integrated Framework. December 2011

Internal Financial Controls New perspectives as per Companies Act 2013 and CARO 2016

38 Years of Excellent Client Service New COSO Model and How Internal Controls Help to Reduce Opportunity for Fraud

SOX and PCAOB. Introduction. SOX Act. In what year did the Sarbanes Oxley Act pass into law?

Table of Contents. Preface xi. Acknowledgments xv. Chapter 1: What We All Share 1. Need for Control Criteria 1

Diving into the 2013 COSO Framework. Presented by: Ronald A. Conrad

In 1992, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued a

Auditing and Attestation (AUD) - Content Outline Effective January 2014

Chapter 1. Learning Objective 1, 2. Capital Allocation. Efficient Capital Allocation. Financial Accounting and Accounting Standards

Single Audit Update: Internal Control over Compliance and the GAO s Green Book. MSBO s 80 th Annual Conference April 19, 2018

Airports Council International-North America 2006 Economic Specialty Conference June 5, 2006

CLIENT ALERT: INTERNAL CONTROL OVER FINANCIAL REPORTING

Increasing External Auditor Reliance

The New COSO Framework: Avoiding Deficiencies and Driving Change

PART 6 - INTERNAL CONTROL

Enterprise Risk Management Integrated with Strategy & Performance

Chapter 18. Integrated Audits of Public Companies. McGraw-Hill/Irwin. Copyright 2012 by The McGraw-Hill Companies, Inc. All rights reserved.

2013 New COSO 2013 Framework and Current Trends in Risk Management

SOX perspective of internal control & COSO, COBIT Control frameworks.

29 th Regional Conference of WIRC

What s happening at COSO & The importance of Tone at the Top

SAMPLE BEC SuperfastCPA Review Notes

The Updated COSO Internal Control Framework

INTERNAL AUDIT AND CORPORATE GOVERNANCE EFFECTIVENESS IN THE NIGERIAN OIL AND GAS SECTOR: EVIDENCE FROM SELECTED OIL AND GAS COMPANIES IN RIVERS STATE

9. Internal control Internal control, as defined in accounting and auditing, is a process for assuring achievement of an organization's objectives in

Risk management. Risk management system

Term Project. Sarbanes-Oxley Act (SOX) Hiroshi Tachibana (MBA 2 nd )

20 Years in the Making. Meet the New ICIF: Revisions to COSO s Internal Control Integrated Framework. Dr. Sandra Richtermeyer COSO Board Member

COSO Framework Update Webcast. May 23, 2013

Corporate Governance An Overview. 30 November 2010 Oliver Loch

Internal Financial Controls (IFC) ICAI Seminar October 8, 2016

John F. Buyce, CPA, CIA, CFE, CGFM Audit Director NYS OSC - State Government Accountability

COSO Updates and Expectations. IIA San Diego Chapter January 8, 2014

FINANCIAL INSTITUTIONS AUDIT COMMITTEE GUIDE FOR FINANCIAL INSTITUTIONS

IPO Readiness. Sarbanes-Oxley Compliance & Other Considerations. Presented by:

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

Audit Training-of-Trainers Workshop, November 2014, Vienna Components of internal control within organization

Evaluating Internal Controls

Washington Metropolitan Area Transit Authority Board Action/Information Summary

Internal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR)

Business development companies

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

EY Center for Board Matters. Leading practices for audit committees

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

Business Benefits by Aligning IT best practices

Standards for Internal Control in New York State Government 2016 Update

Single Audit and Yellow Book / Govt. Audit Standards Update Presented by: William Blend, CPA, CFE

COMPLIANCE AT LARGER INSTITUTIONS. November 11 13, Robert F. Roach Chief Compliance Officer New York University

Types of Systems Audit & Relevance. Presented By: Prasad Pendse, CISA

Assessment of the Design Effectiveness of Entity Level Controls. Office of the Chief Audit Executive

[RELEASE NOS ; ; FR-77; File No. S ]

Auditing & Assurance Services, 7e (Louwers) Chapter 2 Professional Standards

Chapter 02. Professional Standards. Multiple Choice Questions. 1. Control risk is

Government Auditing Standards

Compliance Risk Management

After completing this Session, you should be able to answer the following questions:

Chapter 2. The CPA Profession

SEC Votes to Propose Interpretive Guidance for Management to Improve Sarbanes-Oxley 404 Implementation

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

Financial Internal Controls Initiative. Martha Kerner Assistant Vice Chancellor for Business Services

Checkpoint Contents Accounting, Audit & Corporate Finance Library Editorial Materials Audit and Attest PCAOB Audits Chapter 1 Overview 100 Background

AGA Gulf Region PDT COSO and the Green Book: An Enhanced Internal Control Framework

Internal Controls Optimization

CHAPTER 2 THE FINANCIAL STATEMENT AUDITING ENVIRONMENT

The Bulletin. The Updated COSO Internal Control Framework: Frequently Asked Questions. Volume 5, Issue 3. What Hasn t Changed? So Why Change?

COSO Internal Control Integrated Framework update. INTOSAI Subcommittee on Internal Control Standards

FREQUENTLY ASKED QUESTIONS ABOUT INTERNAL CONTROL OVER FINANCIAL REPORTING

SP v1 INTERNAL CONTROL POLICY

2013 INSPECTION OF ENTERPRISE CPAS, LTD.

Government Auditing Standards. Course #5145I/QAS5145I Course Material

1/12/2016. Standards for Internal Control in the Federal Government. Standards for Internal Control in the Government

Internal Control Questionnaire and Assessment

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

November 21, Office of the Secretary Public Company Accounting Oversight Board 1666 K Street, N.W. Washington, D.C.

THE CITADEL The Military College of South Carolina 171 Moultrie Street Charleston, SC MEMORANDUM 27 July 2009 NUMBER 2-5

Speech by SEC Staff: Remarks before the 2007 AICPA National Conference on Current SEC and PCAOB Developments

Session 7: Corporate Governance

Internal Control Questionnaire and Assessment

An anti-fraud strategy An effective anti-fraud strategy in fact has four main components: prevention detection deterrence response.

A Discussion About Internal Controls February 2016

Internal Control Program

The Blue Sage Group. Sarbanes-Oxley. 404 Compliance Program. The Blue Sage Group

Heads Up. Control Integrated Framework. COSO Enhances Its Internal. In This Issue: Enhancements in the 2013 Framework

Don t Leave Home Without Your SOX!

What s New in Government Internal Control Standards? Going Green

LIST OF SUBSTANTIVE CHANGES AND ADDITIONS. PPC's Guide to Audits of Nonprofit Organizations

An Overview of the 2013 COSO Framework. August 2013

Transcription:

SOX FOR NPO S Focus on Control Stephen L. Kuptz, CPA

Personal Background and Perspective SOX for NPO s Focus on Control 2

Introduction to SOX The Sarbanes Oxley Act of 2002 commonly called Sarbanes Oxley, Sarbox or SOX, is a United States federal law which set new or enhanced standards for all U.S. public company boards, management and public accounting firms. The bill was enacted as a reaction to a number of major corporate and accounting scandals including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and WorldCom. The effects of SOX have now spilled over to non profits due to the financial transgressions of entities such as United Way, Red Cross and the Fiesta Bowl. SOX for NPO s Focus on Control 3

Introduction to SOX (cont d) The Sarbanes Oxley Act of 2002 was enacted to restore confidence in U.S. capital markets and public company financial reporting SOX section 404 requires public reporting companies to file a report on internal controls with their annual reports The report must state the responsibility of management for establishing and maintaining an adequate internal control structure SOX for NPO s Focus on Control 4

Results of SOX Total number of restatements over the last four years has leveled off. SOX for NPO s Focus on Control 5

Why SOX for NPO s? Highest Level of Stewardship and Accountability (ACSI, WASC, ECFA) Increases Stakeholder Confidence Mitigates Risk (Particularly COSO Framework) Provides reliable information supporting sound decision making SOX for NPO s Focus on Control 6

Board of Directors Responsibility SAS 115 Cited Deficiency: Ineffective oversight of the organization s financial reporting and internal controls by those charged with governance Auditor Significant Deficiency Comment: During the course of our audit, we determined that internal controls are now properly documented. We did not see any evidence, however, that the board has reviewed management s internal control risk assessment, nor that the board has monitored the design and effectiveness of the internal controls put in place by management in response to its risk assessment. SOX for NPO s Focus on Control 7

What Did We Do at SFC? In 2012 Adopted and implemented the requirements of section 404 of the Sarbanes Oxley Act of 2002 Based our assessment of the effectiveness of internal control on the criteria established in the December, 2011 draft COSO Internal Control Integrated Framework SOX for NPO s Focus on Control 8

What is COSO Internal Control Integrated Framework? COSO Integrated Framework provides the structure and guidance for establishing, testing, monitoring and reporting on a company s system of internal controls SOX for NPO s Focus on Control 9

What is Internal Control? A process, affected by an entity s Board of Directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of OBJECTIVES relating to operations, reporting and compliance SOX for NPO s Focus on Control 10

Internal Control Integrated Framework First published in 1992 Gained wide acceptance following financial control failures of early 2000 s Most widely used Framework in the U.S. Also widely used around the world ORIGINAL COSO CUBE Source: AICPA Learning Center 11

COSO Internal Control Integrated Framework 2013 Consists of three volumes: Executive Summary Framework and Appendices Illustrative Tools for Assessing Effectiveness of a System of Internal Control Sets out: Definition of internal control Categories of objectives Components and principles of internal control Requirements for effectiveness SOX for NPO s Focus on Control 12

Update considers changes in business and operating environments Environments changes... have driven Framework updates Expectations for governance oversight Globalization of markets and operations Changes and greater complexity in business Demands and complexities in laws, rules, regulations, and standards Expectations for competencies and accountabilities Use of, and reliance on, evolving technologies Expectations relating to preventing and detecting fraud SOX for NPO s Focus on Control 13

COSO Pyramid Objectives (3) Operations Reporting Compliance Components (5) Control Environment Risk Assessment Control Activities Information and Communication Monitoring Principles and Attributes (17) SOX for NPO s Focus on Control 14

What are Objectives? COSO sets forth three categories of internal control objectives in its May, 2013 Integrated Framework: Operations Objectives Reporting Objectives Compliance Objectives These objectives allow organizations to focus on differing aspects of internal control. They remain unchanged from the 1992 Framework SOX for NPO s Focus on Control 15

What are Objectives? Operations Objectives: Pertain to the effectiveness and efficiency of the entity s operations, including operational and financial performance goals, and safeguarding assets against loss Reporting Objectives: Pertain to internal and external financial and non financial reporting Compliance Objectives: Pertain to laws and regulations to which the entity is subject SOX for NPO s Focus on Control 16

What are Components and Principles? Control Environment Risk Assessment Control Activities Information & Communication Monitoring Activities 1. Demonstrates commitment to integrity and ethical values 2. Exercises oversight responsibility 3. Establishes structure, authority and responsibility 4. Demonstrates commitment to competence 5. Enforces accountability 6. Specifies relevant objectives 7. Identifies and analyzes risk 8. Assesses fraud risk 9. Identifies and analyzes significant change 10. Selects and develops control activities 11. Selects and develops general controls over technology 12. Deploys through policies and procedures 13. Uses relevant information 14. Communicates internally 15. Communicates externally 16. Conducts ongoing and/or separate evaluations 17. Evaluates and communicates deficiencies Source: AICPA Learning Center 17

SFC Internal Control Components Internal Control and Risk Assessment Report Address each of the 17 COSO Principles Internal Control Scoping Memorandum (SOX 404) Risk Identification and Analysis by Account and Disclosure Focus on Medium and High Risk Accounts (Cash, Receivables, Restrictions) SOX for NPO s Focus on Control 18

SFC Internal Control Components Key Controls Mapping Plan Control Owner Control Frequency (Annual, Semi, Monthly) Control Properties (Preventive, Detective, Manual, Auto, etc.) FS Assertions (Existence/Occurrence, Completeness, etc) Key Controls Summary and Testing Plan 38 Key Controls Tested Quarterly and Report to Board SOX for NPO s Focus on Control 19

Results 2012: No Audit Adjustments No Management Letter Comments 2013: No Audit Adjustments No Management Letter Comments Our Board of Directors, Management and Stakeholders can rely on the financial information we present throughout the fiscal year enabling us to make sound business decisions on a real time basis SOX for NPO s Focus on Control 20

QUESTIONS AND COMMENTS

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback