SOX Audit Environment

Similar documents
B S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013

Report on Inspection of Deloitte LLP (Headquartered in Toronto, Canada) Public Company Accounting Oversight Board

Report on Inspection of KPMG Auditores Consultores Ltda. (Headquartered in Santiago, Republic of Chile)

Report on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)

Report on. Issued by the. Public Company Accounting Oversight Board. June 16, 2016 THIS IS A PUBLIC VERSION OF A PCAOB INSPECTION REPORT

Sarbanes Oxley Impact on Supply Chain Management

Corporate Governance Principles of Auditing: An Introduction to International Standards on Auditing - Ch 14

Report on Inspection of K. R. Margetson Ltd. (Headquartered in Vancouver, Canada) Public Company Accounting Oversight Board

Report on Inspection of KAP Purwantono, Sungkoro & Surja (Headquartered in Jakarta, Republic of Indonesia)

2016 INSPECTION OF BHARAT PARIKH & ASSOCIATES CHARTERED ACCOUNTANTS. Preface

Report on Inspection of Deloitte & Associes (Headquartered in Neuilly-sur-Seine, French Republic) Public Company Accounting Oversight Board

IPO Readiness. Sarbanes-Oxley Compliance & Other Considerations. Presented by:

Report on Inspection of KPMG Audit Limited (Headquartered in Hamilton, Bermuda) Public Company Accounting Oversight Board

See your auditor clearly. Transparency report: How we perform quality audit engagements

Report on Inspection of Navarro Amper & Co. (Headquartered in Taguig City, Republic of the Philippines)

Report on Inspection of Grant Thornton Auditores Independentes (Headquartered in Sao Paulo, Federative Republic of Brazil)

Increasing External Auditor Reliance

OFFICE OF THE CHIEF AUDITOR STANDARD-SETTING AGENDA MARCH 2012

Report on Inspection of KPMG SAS (Headquartered in Bogota, Republic of Colombia) Public Company Accounting Oversight Board

NORFOLK SOUTHERN CORPORATION. Committee s Role and Purpose

AN ASSESSMENT OF THE COSTS AND BENEFITS ASSOCIATED WITH THE IMPLEMENTATION OF SARBANES OXLEY SECTION 404 IN A SOUTH AFRICAN CONTEXT

Report on Inspection of PricewaterhouseCoopers Audit (Headquartered in Neuilly-Sur-Seine, French Republic)

Inspection of Petrie Raymond, Chartered Accountants L.L.P. (Headquartered in Montreal, Canada) Public Company Accounting Oversight Board

GRANITE CONSTRUCTION INCORPORATED AUDIT/COMPLIANCE COMMITTEE CHARTER

AUDIT COMMITTEE CHARTER

Auditing Standard 16

September 9, 2016 kpmg.ca

Guide to the Sarbanes-Oxley Act: Internal Control Reporting Requirements

Purchase Order Settings in SAP SRM

SAP CRM/BW - Business Partner Enhancement and BW Extraction

Public Company Accounting Oversight Board

WELLS FARGO & COMPANY AUDIT AND EXAMINATION COMMITTEE CHARTER

Using the Switch Document for Change of Supplier Process (Utility Industry)

The Enterprise SOA Implementation Lifecycle Explained

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

4. Organic documents. Please provide an English translation of the company s charter, by-laws and other organic documents.

Sheryl Vacca, CHC-F, CCEP-F, CHRC, CCEP-I, CHPC. SVP/Chief Compliance & Audit Officer University of California

STANDING ADVISORY GROUP MEETING OCA CURRENT STANDARDS-SETTING AGENDA OCTOBER 14-15, 2009

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

Chapter 2 The Public Accounting Profession

How to Restart a Failed Process Chain if Repeat Option is not Applicable

Special Inspection of Seale and Beers, CPAs, LLC (Headquartered in Las Vegas, Nevada) Public Company Accounting Oversight Board

AUDIT COMMITTEE CHARTER REINSURANCE GROUP OF AMERICA, INCORPORATED. the audits of the Company s financial statements;

FREQUENTLY ASKED QUESTIONS ABOUT INTERNAL CONTROL OVER FINANCIAL REPORTING

CORPORATE GOVERNANCE KING III COMPLIANCE REGISTER 2017

PPG INDUSTRIES, INC. AUDIT COMMITTEE CHARTER

Report on Inspection of Deloitte, S.L. (Headquartered in Madrid, Kingdom of Spain) Public Company Accounting Oversight Board

Chapter 1. Learning Objective 1, 2. Capital Allocation. Efficient Capital Allocation. Financial Accounting and Accounting Standards

Beyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404

SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017

Sarbanes-Oxley Compliance Kit

Audit Committee of the Board of Directors Charter CNL HEALTHCARE PROPERTIES II, INC.

Automatic Packaging in SNC A Case Study

AMERICAN EXPRESS COMPANY AUDIT AND COMPLIANCE COMMITTEE CHARTER (as amended and restated as of September 26, 2017)

Evaluating Internal Controls

Assurance Services. thinking strategically to your best advantage

For the first time in the history of corporate financial reporting and. Management Reporting on Internal Control. Use of COSO 1992 in.

SAP for Insurance Part 1

PCA08 Public Company Accounting Oversight Board

Operational Due Diligence Spotlight on the On-Site Visit

Proposed Attestation Requirements for FR Y-14A/Q/M reports. Overview and Implications for Banking Institutions

) ) ) ) ) ) See Section 104(g)(2) of the Act, 15 U.S.C. 7214(g)(2); PCAOB Rule

The Audit Committee of the Supervisory Board of CB&I

New Role of Audit Committee: A Post-Financial Crisis Analysis

AICPA STANDARDS FOR PERFORMING AND REPORTING ON PEER REVIEWS. Effective for Peer Reviews Commencing on or After January 1, 2009

1. Number. Except as otherwise permitted by the applicable NASDAQ rules, the Audit Committee shall consist of at least three members of the Board.

Exception Handling in Service-Oriented Architecture

UNIVERSITY OF ILLINOIS AT URBANA-CHAMPAIGN

DAVITA INC. AUDIT COMMITTEE CHARTER

Speech by SEC Staff: Remarks before the 2007 AICPA National Conference on Current SEC and PCAOB Developments

Internal Control & Sarbanes-Oxley Act. ERPANET Workshop. Antwerp, April 14, PwC

Enhancing Audit Quality and Transparency

The views expressed in these slides are solely the views of the Investor Advisory Group members who prepared them and do not necessarily reflect the

Integration of Multiple Campaigns Functionality of SAP CRM 2007 to ECC 5.0 or lower

Chapter 4. Audit regulation

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS OF MULESOFT, INC.

) ) ) ) ) ) ) ) ) ) II.

Setup Matrix Generation in a Complex Manufacturing Environment

Reporting Data in Alternate Unit of Measure in BI 7.0

Report on Limited Inspection of KPMG LLP. Public Company Accounting Oversight Board

Ethical leadership and corporate citizenship. Applied. Applied. Applied. Company s ethics are managed effectively.

STANDARD ON QUALITY CONTROL (SQC) 1

) ) ) ) ) ) ) ) ) ) II.

Audit Committee Compensation and Aggressive Accounting Practices: An Analysis after the Implementation of The Sarbanes Oxley Act of 2002

Delta Dental of Michigan, Ohio, and Indiana. Compliance Plan

King IV Application Register

McGraw-Hill/Irwin. Copyright 2013 by The McGraw-Hill Companies, Inc. All rights reserved.

SNP: CTM Concepts, Demand Prioritization and Supply Categorization

Corporate Governance Update. SOX 404 and Internal Controls

Business Process Management with JRULE

STANDARD-SETTING UPDATE OFFICE OF THE CHIEF AUDITOR DECEMBER 31, 2017

The Role of ISO in Strategic Asset Lifecycle Information Management

MiMedx Group, Inc. Code of Business Conduct and Ethics

Sarbanes-oxley Ongoing Compliance Guide Key. Key Processes And Summary Checklists

CORPORATE COMPLIANCE PROGRAM CHARTER

SOUTHWEST AIRLINES CO. AUDIT COMMITTEE CHARTER

Re: PCAOB Rulemaking Docket Matter No. 37

Comparison of the PCAOB s Auditing Standards No. 5 and No. 2 (Certain key differences are highlighted by underlining)

Reliable Financial Reporting. Evaluating Deficiencies in Internal Control Over Financial Reporting

Compliance Program Effectiveness Guide

Transcription:

SOX Audit Environment Summary This article gives an overview of the independent audit board, auditors and also their relationship with the management. The objectives of audit are also listed as well as a sample questionnaire for the auditors and a sample representation of management to the auditors. Author: Charukesh R Gaikwad Company: HCL technologies Ltd. Created on: 9 July 2007 Author Bio Charukesh R Gaikwad is working as a GRC specialist in HCL Technologies Ltd. 2007 SAP AG 1

Table of Contents SOX Audit... 2 The Independent Audit Board... 2 Objectives of an Audit... 2 Auditors... 2 Relationship between Audit Firms/Committee and Executive Management... 2 Focus and Sample Questionnaire for the Auditors:... 3 Management Representation to Auditors:... 3 PCAOB... 4 Related Content... 4 Disclaimer and Liability Notice... 5 SOX Audit The Independent Audit Board One of the most significant reforms introduced by SOX is the advent of the independent audit board. SOX require corporations to have audit committees made up solely of independent directors. The audit committee is responsible for obtaining information from management relevant to the audit and otherwise assisting in the audit process. It s viewed as an important part of a company s internal control because it provides a company presence entirely independent from management and interfaces with the independent auditors (external) Objectives of an Audit Primary audit objectives are to: Raise the risk and control assessment and design skills of all staff Provide accurate and complete information to the Officers, the Board and external stakeholders on the state of risk and control management systems Assist staff at all levels to design and maintain better, more optimal risk and control management frameworks. Auditors Auditors are measured on, and accountable for, achievement of the primary objectives noted above. Auditors are the traditional inspectors of information within a company. They re responsible for testing the accounting data gathered from management and from rank-and-file employees. Auditors should be skilled and knowledgeable risk and control design analysts. These skills should extend to customer service, product quality, environmental compliance, fraud prevention and detection, and safety, as well as traditional financial reporting objectives. Auditors may be either internal employees of a company or independent auditors working for an outside firm. Both internal and independent auditors adhere to Generally Accepted Accounting Principles (GAAP). Relationship between Audit Firms/Committee and Executive Management There should be no conflicts of interests arising from close relationships between audit firms and the companies they audit; SOX prohibits auditors from performing certain non audit services to clients they audit. Ensuring auditor s independence is critical aspect of SOX The Sarbanes-Oxley Act has placed a spotlight on the audit committee as Guardians of Corporate Governance and Investor Interest In turn the relationship between the audit committee and the Executive 2007 SAP AG 2

Management has changed as both group assume increase responsibility for oversight of the financial reporting process, the assurance of accuracy and transparency of financial statements and risk management. In order to provide effective oversight the audit committee should expect management particularly the CFO to provide the information needed to help members expand their knowledge and awareness of the company s financial reporting process, including identifying risk and understanding control surrounding these risks. Focus and Sample Questionnaire for the Auditors: Firms dealing with SOX routinely cite three principal areas of focus by public accounting and auditing firms: strategic, tactical, and operational. The area cited as the most difficult by most firms is operational, because this is where non-compliance with SOX is most often found by auditors. Involving interviews that are focused on controls, tests, and documentation are conducted. Full management support can result in a more effective and focused audit committee and lead to identification of process efficiencies, more effective risk management and compliance cost reduction. To attain such a level of effectiveness the CFO should provide audit committee members with the necessary information to appropriately answer the following questions. Once beyond the initial walkthrough, audit firms are routinely embedding lessons learned about the environment into automated electronic (and nonelectronic) operational tests for subsequent use by the audit firm. Parson Consulting, Confidence Newsletter Qtr 1 2006, Providing Effective Oversight list some Questions like: What is the company s Risk Management strategy? How long has it been since you revived it? Does your company segregate non-financial risk (Operational, brand name, goodwill, market)? What is the strategy for such risks? How do you identify and measure the risks/threats that could impact on the achievement of your Business objective? What are the major risks of your company? What are its short term and long term implications? Does your risk management process integrate with SOX compliance? What is the Risk tolerance of your company and how it is determine? How risk mitigation is done in your company? Are the risks insured? How effective is your control framework and what is the cost you pay for it? Can you eliminate some control so as to reduce the overall cost but keeping the residual risk constant? How does your risk management plan maximize the Shareholders value? Many more questions can be asked considering the responses to the initial questions. The motive is to extract substantial information so as to gain proper insight of the company s financial reporting. Generally Interviews are designed to determine the following: The performance results of their firm The business pressures and strategic actions their company was taking The process maturities at their firm The enabling technologies being employed Internal and external auditors should not ignore breakthroughs in quality management and risk management. Management Representation to Auditors: Tim J. Leech s Sarbanes-Oxley Sections 302 & 404.A White Paper Proposing Practical, Cost Effective Compliance Strategies (April 2003, CARDdecisions.com ) has given a number of sample representations. Attachment 9 gives Sample Management Representation to Auditors as follows: 2007 SAP AG 3

We, the undersigned, acknowledge to the Audit Committee that we have: (1) Responsibility for developing and maintaining internal controls and disclosure controls that provide reasonable assurance that ABC s financial statements and supplemental SEC disclosures present fairly the results of operation and the financial position of ABC Inc. in accordance with generally accepted accounting principles and other applicable SEC regulation. (2) Responsibility for overseeing that the organization has cost effective risk and control management systems that provide reasonable assurance ABC s external disclosure objectives will be achieved. (3) Reviewed the significant control and risk issues identified by work units and management through the company's risk and control self-assessment process, and the significant issues identified by our Internal Audit department and our External Auditor that have been brought to our attention. We have initiated steps to adjust controls in areas where the error rates and/or residual risks identified related to the non-achievement of ABC s disclosure objectives were considered to be excessive and/or unacceptable. (4) Reviewed our process to manage risk and control and this year s report on our risk management process prepared by our Internal Audit for the Audit Committee. We are satisfied that our risk and control assessment framework process provides you, our Audit Committee, and our External Auditors with a reliable and materially complete report on the status of risk and controls related to our external disclosure objectives as required by sections 302 and 404 of the Sarbanes-Oxley Act of 2002. CEO CFO PCAOB SOX establishes a five-member Public Company Accounting Oversight Board (PCAOB) that lets auditors know what they re supposed to be evaluating and sets rules about the relationships and ties auditors can have with the companies they audit. The PCAOB has the following responsibilities: To oversee the audit of public companies To establish audit report standards and rules To register audit firms The SEC oversees the PCAOB Inspections of audit firms Auditors must submit to continuing inspections by the PCAOB. Firms that provide audit reports for more than 100 public companies get inspected once a year. Firms that audit fewer than 100 companies get reviewed every three years. Title I of SOX also empowers the PCAOB to impose disciplinary or remedial sanctions upon audit firms. Related Content Confidence Newsletter Qtr1 2006 The SOX Saga Sarbanes-Oxley Sections 302 &404.A white paper proposing practical cost effective compliance strategies 2007 SAP AG 4

Disclaimer and Liability Notice This document may discuss sample coding or other information that does not include SAP official interfaces and therefore is not supported by SAP. Changes made based on this information are not supported and can be overwritten during an upgrade. SAP will not be held liable for any damages caused by using or misusing the information, code or methods suggested in this document, and anyone using these methods does so at his/her own risk. SAP offers no guarantees and assumes no responsibility or liability of any type with respect to the content of this technical article or code sample, including any liability resulting from incompatibility between the content within this document and the materials and services offered by SAP. You agree that you will not hold, or seek to hold, SAP responsible or liable with respect to the content of this document. 2007 SAP AG 5

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback