1 / 13

Garrett L. Stauffer, CPA Partner PricewaterhouseCoopers LLP

Garrett L. Stauffer, CPA Partner PricewaterhouseCoopers LLP. Internal Control Reporting Task Force. Internal Control Reporting Task Force. Objective

mdora
Download Presentation

Garrett L. Stauffer, CPA Partner PricewaterhouseCoopers LLP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Garrett L. Stauffer, CPA Partner PricewaterhouseCoopers LLP

  2. Internal Control Reporting Task Force

  3. Internal Control Reporting Task Force Objective • In light of the Sarbanes-Oxley Act, revisit the existing audit guidance on auditing of internal controls to ensure appropriate performance and reporting guidance are available to the practitioners.

  4. Internal Control Reporting Task Force Project Timeline and Current Status • February 11 - 13, 2003 • Met with Auditing Standards Board to review draft of proposed guidance. • Board approved for exposure. • Early to mid-March 2003 • Release exposure draft for public comment (45-60 day exposure period).

  5. Internal Control Reporting Task Force Project Timeline and Current Status June 3 - 4, 2003 • Meet with Auditing Standards Board to review comments received and recommended changes. July 29 - 31, 2003 • Review final draft with Auditing Standards Board and receive approval for issuance. August 2003 • Issue final guidance.

  6. Internal Control Reporting Task Force Hurdles • Public Company Accounting Oversight Board (PCAOB) • Sarbanes-Oxley Act established the PCAOB as the authoritative body to establish auditing standards. • Proposed Section 404 guidance has not been issued in final form.

  7. Internal Control Reporting Task Force Assumptions Made in Writing Standards • Management’s and auditor’s reports will include the same objectives (Sarbanes-Oxley Act 103 aa and bb). • Criteria used by management and the auditor to assess the effectiveness of internal controls over financial reporting will be based on criteria established under due process (i.e., COSO report). • The existence of a material weakness in internal control would preclude both management and the auditor from concluding the controls are effective. • Management’s report on internal controls will disclose all significant deficiencies and material weakness.

  8. Internal Control Reporting Task Force Committee Deliverables • New Statement on Auditing Standards “Auditing an entity’s internal control over financial reporting in conjunction with the financial statement audit” • Revise Standard for Attestation Engagement (AT 501) “Reporting on an entity’s internal control over financial reporting” • Revise Statement on Auditing Standards (SAS 60) “Communication of Internal Controls related Matters Noted on an Audit”

  9. Internal Control Reporting Task Force Requirements of the Preparer Community • Adequate documentation of the design of controls • Inadequate documentation may result in: • Significant deficiency • Material weakness • Scope limitation • Sufficient evidence to support management’s assertion of effectiveness • Insufficient evidence constitutes a material weakness and results in a report qualification.

  10. Internal Control Reporting Task Force Testing Considerations Nature of Testing • Different types of testing – inquiry, observation, re-performance and a combination thereof • Inquiry alone is not adequate. Rotation of Testing • All significant locations and all significant controls must be evaluated annually • Specific controls to be tested; and the nature, timing and extent may vary from year to year. • However, some testing would be performed on significant controls each year.

  11. Internal Control Reporting Task Force Testing Considerations Multiple Locations • It may not be necessary to understand and test controls at each location • As long as those that are excluded are not capable of being material in the aggregate • Need to consider • Similarity of business operations and controls • Degree of centralization of records (Share Services) • Effectiveness of the control environment over the exercise of authority delegated to locations • Nature and amount of transactions and assets at the location • The degree the location could create an obligation on the part of the entity • The nature and extent of monitoring controls that managementhas in place over the location

  12. Internal Control Reporting Task Force Use of Internal Audit’s Work by the External Auditor • Where management uses internal audit’s work as a basis for its conclusion about effectiveness • The external auditor should not rely solely on the results of internal audit. • However, the external auditor may consider such work in determining the nature, timing and extent of his or her testing • The external auditor must perform independent test of controls related to each significant account, class of transactions, and disclosure.

  13. Agenda 1:00 - 1:10 Introduction & Overview of Annual Certification of Controls - Dave Richards 1:10 - 1:17 Methodology - Sheryl Hildebrand 1:17 - 1:24 Testing the Controls - Gary McGuire 1:24 - 1:30 FDIC Certification Experience - Brian Szabo 1:30 - 1:45 External Auditor Attestation - Gary Stauffer 1:45 - 1:50 Break 1:50 - 2:25 Questions & Answers - Panel 2:25 - 2:30 Concluding Remarks - Dave Richards

More Related