Search results
Results From The WOW.Com Content Network
The COSO framework defines internal control as a process, carried out by the board of directors, the administration and other personnel of an entity, designed to provide "reasonable security" with respect to the achievement of objectives in operations, financial reporting, and compliance with applicable laws and regulations.
The 2004 update to Circular A-123 is a re-examination of the existing internal control requirements for Federal agencies and was initiated in light of the new internal control requirements for publicly traded companies contained in the Sarbanes-Oxley Act of 2002. The circular and the statute it implements, the Federal Managers’ Financial ...
Internal control, as defined by accounting and auditing, is a process for assuring of an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. A broad concept, internal control involves everything that controls risks to an organization.
These two concepts together (the account- or disclosure-related risks and control-related risks) are called "Internal Control over Financial Reporting Risk" or "ICFR" risk. A diagram was included in the guidance (shown in this section) to illustrate this concept; it is the only such diagram, which indicates the emphasis placed on it by the SEC.
SSAE 18 section 320, titled "Reporting on an Examination of Controls at a Service Organization Relevant to User Entities’ Internal Control Over Financial Reporting", defines two types of report formats, type 1 and type 2, that vary in their content, which further differentiates the level of service to be performed in an attestation engagement ...
International Standards on Auditing (ISA) are professional standards for the auditing of financial information. These standards are issued by the International Auditing and Assurance Standards Board (IAASB). According to Olung M (CAO - L), ISA guides the auditor to add value to the assignment hence building confidence of investors.
The scope of an ISAE 3402 engagement is control set of the service organization, or to be more precise the service organizations controls over services, functions performed and applications that are likely to be relevant for the customer and its auditor to evaluate the internal control over financial reporting [further explanation needed].
The auditor must test entity-level controls that are important to the auditor's conclusion about whether the company has effective internal control over financial reporting. Depending on the auditor's evaluation of the effectiveness of the entity-level controls, the auditor can increase or decrease the amount of testing that they will perform.