
Jenevieve Limqueco (11117818)

February 6, 2014

The 2002 Sarbanes-Oxley (SOX) Act established new corporate governance rules like the creation of the PCAOB, increased the accountability of company officers & the BOD, increased the penalties for white collar crime, & many more.

Under Section 302, management must, in their quarterly & annual FS: 1) certify the IC over financial reporting, 2) state the responsibility for IC design, 3) provide reasonable assurance as to the reliability of the financial reporting process, and lastly, disclose any recent material changes in IC.

Under Section 404, management must, in their annual report on IC effectiveness: 1) state the responsibility for establishing & maintaining adequate financial reporting IC, 2) assess IC effectiveness, 3) reference the external auditors' attestation report on management's IC assessment, 4) provide explicit conclusions on the effectiveness of financial reporting IC, and lastly, 5) identify the framework management used to conduct their IC assessment.

Before SOX was enacted, audits did not need to include IC tests; auditors only needed to be familiar with IC. After SOX was enacted, audits should include IC tests. There are 2 types of audit tests used in testing IC: 1) Tests of controls are tests to determine if appropriate IC are in place & functioning effectively. 2) Substantive testing is the detailed examination of account balances & transactions.

Modern financial reporting is driven by IT. IT initiates, authorizes, records, & reports the effects of financial transactions. COSO identifies 2 groups of IT controls: 1) Application controls are applied to specific applications & programs, and ensure data validity, completeness, & accuracy. 2) General controls are applied to all systems and address IT governance & infrastructure, security of operating systems & databases, and application & program acquisition & development.

Disaster Recovery Planning (DRP) identifies: 1) Actions before, during, & after the disaster. 2) The disaster recovery team. 3) Priorities for restoring critical applications.
