Professional Documents
Culture Documents
SECTION 302
- Requires that corporate management (including CEO)
certify their organization’s internal controls on a quarterly
& annual basis
SECTION 404
- Requires the management of public companies to assess the
effectiveness of their organization’s internal controls
- An annual report must:
Understand the flow of transactions, including IT aspects, in sufficient
detail to identify points at which a misstatement could arise
Using a risk-based approach, assess both the design and operating
effectiveness of selected internal controls related to material accounts
Assess the potential for fraud in the system and evaluate the controls
designed to prevent or detect fraud
Evaluate and conclude on the adequacy of controls over the financial
statement reporting process
Evaluate entity-wide (general) controls that correspond to the
components of the COSO framework
PCAOB Standard No 5
Requires auditors to understand transaction flows, including the controls pertaining to how
transactions are initiated, authorized, recorded and reported
Evaluate entity-wide (general) controls that correspond to the components of the COSO
framework