MF0004

8/6/2019 MF0004

http://slidepdf.com/reader/full/mf0004 1/16

Master of Business Administration ² MBA Semester 3

Name: Rahul Sharma

Roll No.: 520961340

Subject: Internal Audit & Control

Subject code: MF0004

Learning Centre: 01822

Assignment No: Set 1 and 2

Sign :

Submitted by: Rahul Sharma

Dated : 4th

Dec, 2010

8/6/2019 MF0004


Assignment Set- 1

Q.1

Discuss Is Auditing is a luxury

Ans:

The general definition of an audit is an evaluation of a person, organization, system, process,

enterprise, project or product. The term most commonly refers to audits in accounting, but

similar concepts also exist in project management, quality management, and energy

conservation.

Auditing is actually a part of Accounting. It is a specialized area that deals with the

examination and review of the accounting records mainly, to find out the effectiveness of

the accounting internal control systems and procedures and also, management policies and

practices. In short not only finding errors and fraud, but to effectively assist management to

avoid or reduce such occurrences. We have internal auditors (co. employees ) and external

auditors ( generally CPA's ) with the objective of forming an independent opinion as to the

fairness, and consistency of the Statements of operation and condition of the company.Based on above informations, we can therefore conclude that Accounting, with Auditing

systems is necessary in business and guides management in the effective implementation of

its policies and procedures for the success of the company.

Accounting is the language of business used to display an entity's (person or company)

financial status through various financial statements and analysis reports.

Auditing is the evaluation of the above mentioned statements and reports within order to

ensure that they are fair and no overstatements hold been made.

Auditing is a "luxury" because it is with the sole purpose a "double-check" of sorts, making

sure that the accounting has been done correctly and honestly. That's why only a few select

people/companies will be audited each year... it is not needed and would consume way too

much time and money if EVERYONE were to be audited.

Ex. Fred owns a trunk company. An accountant goes through his records and creates

different financial statements and reports exhibiting his worth, his assets, his profitability,

etc. (this is the process of accounting) Then, these statements and reports are submitted to

banks, referred to in import tax reports, handed out to shareholders, etc. SOMETIMES, after

these decisions enjoy been made, an audit may be issued. If so, an auditor would contact

Fred and ask for the records that his accountant used and ensure that his chronicles do not

contradict what he reported on his statements and reports.

Audits are performed to ascertain the validity and reliability of information; also to provide

an assessment of a system's internal control. The goal of an audit is to express an opinion on

the person / organization / system (etc) in question, under evaluation based on work done

on a test basis.

Due to practical constraints, an audit seeks to provide only reasonable assurance that the

statements are free from material error. Hence, statistical sampling is often adopted in

audits. In the case of financial audits, a set of financial statements are said to be true and fair

when they are free of material misstatements - a concept influenced by both quantitative

(numerical) and qualitative factors.

8/6/2019 MF0004


Auditing is a vital part of accounting. Traditionally, audits were mainly associated with

gaining information about financial systems and the financial records of a company or a

business (see financial audit). However, recent auditing has begun to include non-financial

subject areas, such as safety, security, information systems performance, and environmental

concerns. With nonprofit organizations and government agencies, there has been an

increasing need for performance audits, examining their success in satisfying missionobjectives. As a result, there are now audit professionals who specialize in security audits,

information systems audits, and environmental audits.

In financial accounting, an audit is an independent assessment of the fairness by which a

company's financial statements are presented by its management. It is performed by

competent, independent and objective person(s) known as auditors or accountants, who

then issue an auditor's report based on the results of the audit.

In cost accounting, it is a process for verifying the cost of manufacturing or producing of any

article, on the basis of accounts measuring the use of material, labour or other items of cost.

In simple words the term, cost audit, means a systematic and accurate verification of the

cost accounts and records, and checking for adherence to the cost accounting objectives.

According to the Institute of Cost and Management Accountants of Pakistan, a cost audit is"an examination of cost accounting records and verification of facts to ascertain that the

cost of the product has been arrived at, in accordance with principles of cost accounting."[1]

An audit must adhere to generally accepted standards established by governing bodies.

These standards assure third parties or external users that they can rely upon the auditor's

opinion on the fairness of financial statements, or other subjects on which the auditor

expresses an opinion.

The Definition for Auditing and Assurance Standard (AAS) 1 by ICAI - "Auditing is the

independent examination of financial information of any entity, whether profit oriented or

not, and irrespective of its size or legal form, when such an examination is conducted with a

view to expressing an opinion thereon."

Integrated audits

In the US, audits of publicly traded companies are governed by rules laid down by the Public

Company Accounting Oversight Board (PCAOB), which was established by Section 404 of the

Sarbanes-Oxley Act of 2002. Such an audit is called an integrated audit, where auditors, in

addition to an opinion on the financial statements, must also express an opinion on the

effectiveness of a company's internal control over financial reporting, in accordance with

PCAOB Auditing Standard No. 5.

There are also new types of integrated auditing becoming available that use unified

compliance material (see the unified compliance section in Regulatory compliance). Due to

the increasing number of regulations and need for operational transparency, organizationsare adopting risk-based audits that can cover multiple regulations and standards from a

single audit event. This is a very new but necessary approach in some sectors to ensure that

all the necessary governance requirements can be met without duplicating effort from both

audit and audit hosting resources

Assessments

The purpose of an assessment is to measure something or calculate a value for it. Although

the process producing an assessment may involve an audit by an independent professional,

8/6/2019 MF0004


its purpose is to provide a measurement rather than to express an opinion about the

fairness of statements or quality of performance.

As a general rule, audits should always be an independent evaluation that will include some

degree of quantitative and qualitative analysis whereas an assessment infers a less

independent and more consultative approach.Types of auditors

Auditors of financial statements can be classified into two categories:

y External auditor / Statutory auditor is an independent Public accounting firm

engaged by the client subject to the audit, to express an opinion on whether the

company's financial statements are free of material misstatements, whether due to

fraud or error. For publicly-traded companies, external auditors may also be

required to express an opinion over the effectiveness of internal controls over

financial reporting. External auditors may also be engaged to perform other agreed-

upon procedures, related or unrelated to financial statements. Most importantly,

external auditors, though engaged and paid by the company being audited, are

regarded as independent auditors.The most used external audit standards are the US GAAS of the American Institute of

Certified Public Accountants; and the ISA International Standards on Auditing developed by

the International Auditing and Assurance Standards Board of the International Federation of

Accountants

y Internal auditors are employed by the organization they audit. They perform various

audit procedures, primarily related to procedures over the effectiveness of the

company's internal controls over financial reporting. Due to the requirement of

Section 404 of the Sarbanes Oxley Act of 2002 for management to also assess the

effectiveness of their internal controls over financial reporting (as also required of

the external auditor), internal auditors are utilized to make this assessment. Though

internal auditors are not considered independent of the company they perform

audit procedures for, internal auditors of publicly-traded companies are required to

report directly to the board of directors, or a sub-committee of the board of

directors, and not to management, so to reduce the risk that internal auditors will

be pressured to produce favorable assessments.

The most used Internal Audit standards are those of the Institute of Internal Auditors.

y Consultant auditors are external personnel contracted by the firm to perform an

audit following the firm's auditing standards. This differs from the external auditor,

who follows their own auditing standards. The level of independence is therefore

somewhere between the internal auditor and the external auditor. The consultant

auditor may work independently, or as part of the audit team that includes internalauditors. Consultant auditors are used when the firm lacks sufficient expertise to

audit certain areas, or simply for staff augmentation when staff are not available.

y Q uality auditors may be consultants or employed by the organization.

Q.2

What is the position of the Auditor in relation with Internal Control?

8/6/2019 MF0004


Ans:

In accounting and auditing, internal control is defined as a process effected by an

organization's structure, work and authority flows, people and management information

systems, designed to help the organization accomplish specific goals or objectives.[1] It is a

means by which an organization's resources are directed, monitored, and measured. It plays

an important role in preventing and detecting fraud and protecting the organization'sresources, both physical (e.g., machinery and property) and intangible (e.g., reputation or

intellectual property such as trademarks). At the organizational level, internal control

objectives relate to the reliability of financial reporting, timely feedback on the achievement

of operational or strategic goals, and compliance with laws and regulations. At the specific

transaction level, internal control refers to the actions taken to achieve a specific objective

(e.g., how to ensure the organization's payments to third parties are for valid services

rendered.) Internal control procedures reduce process variation, leading to more predictable

outcomes. Internal control is a key element of the Foreign Corrupt Practices Act (FCPA) of

1977 and the SarbanesOxley Act of 2002, which required improvements in internal control

in United States public corporations. Internal controls within business entities are also

referred to as operational controls.

Role of auditor in internal control

The internal auditors and external auditors of the organization also measure the

effectiveness of internal control through their efforts. They assess whether the controls are

properly designed, implemented and working effectively, and make recommendations on

how to improve internal control. They may also review Information technology controls,

which relate to the IT systems of the organization. There are laws and regulations on internal

control related to financial reporting in a number of jurisdictions. In the U.S. these

regulations are specifically established by Sections 404 and 302 of the Sarbanes-Oxley Act.

Guidance on auditing these controls is specified in PCAOB Auditing Standard No. 5 and SEC

guidance, further discussed in SOX 404 top-down risk assessment. To provide reasonable

assurance that internal controls involved in the financial reporting process are effective, they

are tested by the external auditor (the organization's public accountants), who are required

to opine on the internal controls of the company and the reliability of its financial reporting.

Internal auditing activity is primarily directed at improving internal control. Under the COSO

Framework, internal control is broadly defined as a process, effected by an entity's board of

directors, management, and other personnel, designed to provide reasonable assurance

regarding the achievement of objectives in the following internal control categories:

y Effectiveness and efficiency of operations.

y Reliability of financial reporting.

y Compliance with laws and regulations.

Management is responsible for internal control. Managers establish policies and processes

to help the organization achieve specific objectives in each of these categories. Internal

auditors perform audits to evaluate whether the policies and processes are designed and

operating effectively and provide recommendations for improvement.

8/6/2019 MF0004


In the United States, internal auditors may assist management with compliance with the

Sarbanes-Oxley Act (SOX).

Relationship between Statutory Auditor and internal Auditor:

The function of an internal auditor being an integral part of the system of internal control, it

is obligatory for a statutory auditor to examine the scope, independence and effectivenessof the work carried out by the internal auditor. CARO, 2004 also requires the statutory

auditor to comment on the internal audit system.

Though the roles and primary objectives of internal and statutory audit differs, some of their

means of achieving their respective objectives are similar. Thus, much of the work of the

internal auditor may be useful to the statutory auditor in determining the nature, timing and

extent of his audit procedures. Depending upon such evaluation, the statutory auditor may

be able to adopt less extensive procedures.

If the statutory auditor is satisfied on an examination of the work of the internal auditor,

that the internal audit has been efficient and effective, he may accept the

checking/evaluation carried out by the internal auditor in the area of internal control,

verification of assets and liabilities etc.It must however be mentioned that the area of co-operation between the statutory and

internal auditor is limited by the fact that both owe their allegiance to separate authorities,

the shareholders in the case of statutory auditor and the management in the case of internal

auditor.

Internal auditor should check if there are any proper internal control is in place within the

organization. This is a continous activity since the business environment changes. The

internal controls varies for each department e.g. Procurement, sales, collections, payables,

accounting, financial, recruitment etc.

The auditor should review there are sufficient control in all the areas of the organization and

if there are insufficient controls, the same needs to reported in the audit report. If the

internal control is weak and affects the financial position of the organization then the

auditor can qualify the report also.

Q.3

Write the Guidelines for internal check for Sales Counter?

Ans:

Internal Check is an arrangement of staff duties whereby no one person is allowed to carry

through and record every aspect of transactions so that without collusion between two or

more persons, fraud is prevented and at the same time the possibilities of errors is reduced

to a minimum.

Internal Check is a system or method introduced with defined instructions given to staff as

to their sphere of work with a view to control and verification of their work and also

maintenance of accurate records as the ultimate aim.

y To allocate duties and responsibilities to every clerk in such a way that he may be

held responsible for a particular error or fraud.

y To minimise the possibilities of errors, frauds or irregularities.

y To detect errors or frauds if they are already committed by the clerks.

y To enhance the efficiency of clerks in a business.

8/6/2019 MF0004


y To distribute work in such a way that no business transaction is left unrecorded.

y To ensure that the accounts produce reliable and adequate information.

y To exercise moral pressure over staff

Accounting procedure or physical control to safeguard assets against loss due to fraud or

other irregularities. Internal check is an element of Internal Control. Weak internal check

mechanisms mandate a greater degree of auditing procedures. An example of internal

control is segregating the record keeping for an asset and its physical custody, such as in the

case with inventory and cash. No one individual should have complete control over a

transaction from beginning to end. Internal checks make it difficult for an employee to steal

cash or other assets and concurrently cover up by entering corresponding amounts in the

accounts. An example of internal check is the establishment of input and output controls

within a data processing department. A group or person has the responsibility of checking

control totals provided by the user department with those generated during the processing

of the data. Examples of physical controls are guards and gates to restrict access.

The internal audit committee is required to maintain a file which will include the following as

evidence of the work: -

y Copy of financial statements including the breakopen schedule, canteen grossschedule, and notes to the financial statements.

y Copy of the budget

y Copy of trial balance

y Copies of the December bank reconciliation for every bank account

y Accounts receivable listing that agrees to the financial statements

y Copy of inventory working paper that agrees to the financial statements

y Copy of working papers that shows prepaid expenses (including early bird per

capita) that agrees to the financial statements

y Copy of accounts payable listing that agrees to the general ledger

y Copy of working paper that shows the deferred per capita that agrees to the general

ledger

y Copy of PST reconciliation and GST reconciliation verification that the formulas

were reviewed. This is key as GST changed this year to 6%

y Copy of wage reconciliation agreement to T4 Summary

y A copy of invoices of capital asset purchases with a copy of the general meeting

minutes approving the purchase

y A copy of any renovation expenditures that totalled over $5,000 with a copy of the

Branch Advisory approval.

Guidelines for Internal Check

1. Sufficient Staff

The principle of internal check is sufficient staff. The employees can be appointed according

to the workload. The management can determine the amount of work, which is distributes

among the departments. The persons are hired to perform their duties. The overloading can

creates trouble for management.

2. Division of Work

8/6/2019 MF0004


Division of work is a principle of internal check. The management can determine the total

amount of work. The whole work is divided among departments. The heads of such

department are responsible for completion of work according to timetable.

3. Co-Ordination

Coordination is a principle of internal check. All departmental managers are bound to

coordinates with other in order to achieve organization objectives. When there is fault in

one department, the work of other department suffers. The objectives cannot be achieved.

Internal check determines the degree of coordination among the managers.

4. Rotation of Duties

Rotation of duties is a principle of internal check. The workers feel bore by doing the same

work from year to year. There is a need of rotation of duties. It is in the interest of concern

as well as employees. The efficiency is improved due to changes is duties.

5. Recreation Leave

The recreation leave is a principle of internal check. The employee can check recreation

leave. It is necessary for mental health. He can commit fraud as the new employee in his

place can disclosed teh matter. The internal check system can work in the interest of

business. The weakness is of one person is disclosed due to leave.

6. Responsibility

The responsibility is a principle of internal check. The employee can enjoy recreation leave. It

is necessary for mental health. He can enjoy recreation leave. It is necessary for mental

health. He cannot commit fraud as the new employee in his place can disclose the matter.

There internal check system can work in the interest of business. The weakness in of one

person is disclosed due to leave.

7. Automatic Machines

The principles of internal check is that machines must be used to do accounting work if

permissible. The machines can do a lot work without delay. The changes of fraud and error

are reduced to a minimum. The working of machines improves efficiency of accounting staff.

8. Checking

The principle of internal check is to check the work of other employees. Many persons

perform the work. The officers can put his signatures to verify the work done by his

subordinate. In this way one work passes many hands. The changes of error and fraud are

minimized due to checking and counter checking.

9. Simple

The principle of internal check is simples in working the employees can understand theworking of internal check system. A person can work under the supervision of other

employees. The line of authority moves from top to bottom level. All workers can

understand their duties in the organization.

10. Documents Classification

The classification of documents is the principles of internal check. The business documents

are prepared, collected, recorded and placed in proper files. The index is prepared to

8/6/2019 MF0004


compile the data. The filing system is useful to place the latter. In case of need the

documents are traced at once.

11. Dependent Work

Dependent work is a principle of internal check. The work of one employee is dependent

upon others. One work passes in the hand of two or three persons till it is complete. Another

person checks the passes done by one person. No person is all in all to start and completethe transactions.

12. Harmony

The principles of internal check are harmony among the employees and departments. The

understanding is essential for business goals. The management is to achieve other social and

national objectives. The harmony is basis for successful internal check.

8/6/2019 MF0004


Assignment Set- 2

Q1.

Explain the meaning of flow chart. Explain different types of flow chart

Ans:

A flowchart is a type of diagram, that represents an algorithm or process, showing the steps

as boxes of various kinds, and their order by connecting these with arrows. This

diagrammatic representation can give a step-by-step solution to a given problem. Data is

represented in these boxes, and arrows connecting them represent flow / direction of flow

of data. Flowcharts are used in analyzing, designing, documenting or managing a process or

program in various fields.

A flow chart is a graphical or symbolic representation of a process. Each step in the process

is represented by a different symbol and contains a short description of the process step.

The flow chart symbols are linked together with arrows showing the process flow direction.

Examples

A simple flowchart for computing factorial N (10!)

A flowchart for computing factorial N (10!) where N! = (1*2*3*4*5*6*7*8*9*10), see image.

This flowchart represents a "loop and a half" a situation discussed in introductory

programming textbooks that requires either a duplication of a component (to be both inside

and outside the loop) or the component to be put inside a branch in the loop. (Note: Sometextbooks recommend against this "loop and a half" since it is considered bad structure,

instead a 'priming read' should be used and the loop should return back to the original

question and not above it

Uses

8/6/2019 MF0004


Flowcharts are used in mapping computer algorithms. However, with computer

advancement in the 1970s, physical flowcharts lost some significance because programming

languages made the process easier. It is common for a business to use a flowchart in the

development of new systems or software, but most often its via flowchart software. A good

example is Draw Anywhere that can be used online without downloading software. You can

also buy software such as Visio or Smart Draw, which offer more options.

Types of Flow Chart

Stern Eckert (2003) suggested that flowcharts can be modelled from the perspective of

different user groups (such as managers, system analysts and clerks) and that there are four

general types:

y Document flowcharts, showing controls over a document-flow through a system

A document flowchart traces the movement of a document, such as internal

memos, payroll information and interoffice mail, through a system. The chart is

columns that are divided by vertical lines. Each column represents a section,

employee, department or unit in a company. The flowchart shows how a document

passes from one part of the company to another. Usually, document flowcharts

contain minimal detail, just the route the document takes from one place to

another.

y Data flowcharts, showing controls over a data flows in a system

A data flowchart illustrates how data pass through a system. Symbols connote

operations involved in the flow of data and the storage, input and output materials

needed to keep the flow going. This is a good way to track where data originates and

where it ends up. Data flowcharts are more concerned with the movement of the

data than how the data is processed.

y System flowcharts showing controls at a physical or resource levelA system flowchart shows how an entire system works by demonstrating how data

flows and what decisions are made to control this event. Symbols that connote

decisions, processes, inputs and outputs and data flow are the most important

elements of a system flowchart. These differ from data flowcharts because they

show decisions, which are more detailed. System flowcharts are used in fields such

instances as aircraft control, central heating and automatic washing machines.

y Program flowchart, showing the controls in a program within a system

A program flowchart demonstrates how a program works within a system. These

flowcharts show any and all user-interaction pathways by using boxes and arrows.

These arrows and boxes form hierarchical menus. Program charts can be large and

complex. However, they are useful for mapping an entire program. One example of

program flowchart is storyboarding for a film. With all intentions mapped, people

can see exactly how a program functions.

Notice that every type of flowchart focuses on some kind of control, rather than on the

particular flow itself.

However there are several of these classifications. For example Andrew Veronis (1978)

named three basic types of flowcharts:

y the system flowchart,

8/6/2019 MF0004


y the general flowchart, and

y the detailed flowchart.

That same year Marilyn Bohl (1978) stated "in practice, two kinds of flowcharts are used in

solution planning:

y system flowcharts and

y Program flowcharts...".More recently Mark A. Fryman (2001) stated that there are more differences:

y "Decision flowcharts,

y logic flowcharts,

y systems flowcharts,

y product flowcharts, and

y Process flowcharts are just a few of the different types of flowcharts that are used in

business and government".

High-Level Flowchart

A high-level (also called first-level or top-down) flowchart shows the major steps in a

process. It illustrates a "birds-eye view" of a process, such as the example in the figure

entitled High-Level Flowchart of Prenatal Care. It can also include the intermediate outputs

of each step (the product or service produced), and the sub-steps involved. Such a flowchart

offers a basic picture of the process and identifies the changes taking place within the

process. It is significantly useful for identifying appropriate team members (those who are

involved in the process) and for developing indicators for monitoring the process because of

its focus on intermediate outputs.

Most processes can be adequately portrayed in four or five boxes that represent the major

steps or activities of the process. In fact, it is a good idea to use only a few boxes, because

doing so forces one to consider the most important steps. Other steps are usually sub-steps

of the more important ones.

Detailed FlowchartThe detailed flowchart provides a detailed picture of a process by mapping all of the steps

and activities that occur in the process. This type of flowchart indicates the steps or activities

of a process and includes such things as decision points, waiting periods, tasks that

frequently must be redone (rework), and feedback loops. This type of flowchart is useful for

examining areas of the process in detail and for looking for problems or areas of inefficiency.

For example, the Detailed Flowchart of Patient Registration reveals the delays that result

when the record clerk and clinical officer are not available to assist clients.

Deployment or Matrix Flowchart

A deployment flowchart maps out the process in terms of who is doing the steps. It is in the

form of a matrix, showing the various participants and the flow of steps among these

participants. It is chiefly useful in identifying who is providing inputs or services to whom, as

well as areas where different people may be needlessly doing the same task. See the

Deployment of Matrix Flowchart.

Q.2

What are the mandatory standards of ICAI?

Ans:

8/6/2019 MF0004


Types of Standards issued by ICAI Auditing and Assurance Standards issued by the ICAI

include the following Standards:

y Auditing and Assurance Standards(AAS)

y Statements on Auditing

y General Clarifications on AAS

y Guidance Notesy Technical Guides

Each of them has different scope and authority attached to them.

Authority Attached to Standards Authority attached to AAS, Statements on Auditing and

General Clarifications on AAS Auditing and Assurance Standards, Statements on Auditing and

General Clarifications on AAS are mandatory in nature. AAS codify the existing best practices

in the area of auditing. AASs are critical for the proper discharge of functions as auditor.

Statements on Audit are issued for compliance by Members. General Clarifications to AAS

are also issued in matters where doubts exist. Accordingly, while discharging their attest

function, it will be the duty of the members of the ICAI to ensure that these are followed in

the audit of financial information covered by their audit reports.

The nature of these Standards requires members to exercise professional judgment in

applying them, for example, a member may judge it necessary to depart from an essential

procedure laid down in these Standards to achieve more effectively the objective of the

engagement.

If, for any reason, a member has not been able to perform an audit in accordance with such

Standards, his report should draw attention to the material departures there from.

Authority Attached to Guidance Notes

Guidance Notes are designed primarily to provide guidance to members on matters which

may arise in the course of their professional work and on which they may desire assistance

in resolving issues which may pose difficulty.

Guidance Notes are recommendatory in nature. A member should ordinarily follow

recommendations in a Guidance Note except where he is satisfied that in the circumstances

of the case, it may not be necessary to do so.

If the recommendations in a Guidance Note have not been followed, the member should

consider whether keeping in view the circumstances of the case, a disclosure in his report is

necessary. Technical Guides, Studies and Other Papers Published by ASB AASB may also

publish Technical Guides, Studies and Other papers. Technical Guides are ordinarily aimed at

imparting broad knowledge about a particular aspect or an industry to the members. Studies

and other papers are aimed at promoting discussion or debate or creating awareness on

issues relating to quality control, auditing, assurance and related service, affecting the

profession.

They do not establish any basic principles or essential procedures to be followed in audit,

assurance or related services engagements.

CAS 1: Classifications of Costs

CAS 2: Capacity Determination

CAS 3: Overheads

CAS 4: Cost of Production for Captive Consumption

8/6/2019 MF0004


CAS 5: Determination of Average (Equalized) Cost of Transportation

CAS 6: Material Cost

shall be mandatory with effect from period commencing on or after 1st April 2010 for

being applied for the preparation and certification of General Purpose Cost Accounting

Statements. Since there is no statutory requirement for the application of such CostAccounting Standards for the preparation and certification of Cost Accounting Statements,

in case the cost accountant is of the opinion that the aforesaid standards have not been

complied with for the preparation of the Cost Statements, it shall be his duty to make a

suitable disclosure/qualification in his audit report/certificate

Q.3

What is SOX? Explain the main features of SOX.

Ans:

The SarbanesOxley Act of 2002, also known as the 'Public Company Accounting Reform and

Investor Protection Act' (in the Senate) and 'Corporate and Auditing Accountability and

Responsibility Act' (in the House) and commonly called SarbanesOxley, Sarbox or SOX, is a

United States federal law enacted on July 30, 2002, which set new or enhanced standards

for all U.S. public company boards, management and public accounting firms. It is named

after sponsors U.S. Senator Paul Sarbanes (D-MD) and U.S. Representative Michael G. Oxley

(R-OH).

The bill was enacted as a reaction to a number of major corporate and accounting scandals

including those affecting Enron, Tyco International, Adelphia, Peregrine Systems and

WorldCom. These scandals, which cost investors billions of dollars when the share prices of affected companies collapsed, shook public confidence in the nation's securities markets.

It does not apply to privately held companies. The act contains 11 titles, or sections, ranging

from additional corporate board responsibilities to criminal penalties, and requires the

Securities and Exchange Commission (SEC) to implement rulings on requirements to comply

with the new law. Harvey Pitt, the 26th chairman of the Securities and Exchange Commission

(SEC), led the SEC in the adoption of dozens of rules to implement the SarbanesOxley Act. It

created a new, quasi-public agency, the Public Company Accounting Oversight Board, or

PCAOB, charged with overseeing, regulating, inspecting and disciplining accounting firms in

their roles as auditors of public companies. The act also covers issues such as auditor

independence, corporate governance, internal control assessment, and enhanced financial

disclosure.The act was approved by the House by a vote of 421 in favor, 3 opposed, and 8 abstaining

and by the Senate with a vote of 99 in favor, 1 abstaining. President George W. Bush signed

it into law, stating it included "the most far-reaching reforms of American business practices

since the time of Franklin D. Roosevelt."

Debate continues over the perceived benefits and costs of SOX. Supporters contend the

legislation was necessary and has played a useful role in restoring public confidence in the

nation's capital markets by, among other things, strengthening corporate accounting

8/6/2019 MF0004


controls. Opponents of the bill claim it has reduced America's international competitive edge

against foreign financial service providers, saying SOX has introduced an overly complex

regulatory environment into U.S. financial markets. Proponents of the measure say that SOX

has been a "godsend" for improving the confidence of fund managers and other investors

with regard to the veracity of corporate financial statements.

Overview

Sarbanes-Oxley contains 11 titles that describe specific mandates and requirements for

financial reporting. Each title consists of several sections, summarized below:

TITLE I Public Company Accounting Oversight Board (PCAOB)

Title I establishes the Public Company Accounting Oversight Board (PCAOB), to provide

independent oversight of public accounting firms providing audit services ("auditors"). It also

creates a central oversight board tasked with registering auditors, defining the specific

processes and procedures for compliance audits, inspecting and policing conduct and quality

control, and enforcing compliance with the specific mandates of SOX. Title I consists of nine

sections.

TITLE II - Auditors Independence

Title II, which consists of nine sections, establishes standards for external auditor

independence, to limit conflicts of interest. It also addresses new auditor approval

requirements, audit partner rotation policy, conflict of interest issues and auditor reporting

requirements. Section 201 of this title restricts auditing companies from doing other kinds of

business apart from auditing with the same clients.

TITLE III - Corporate Responsibility

Title III mandates that senior executives take individual responsibility for the accuracy and

completeness of corporate financial reports. It defines the interaction of external auditors

and corporate audit committees, and specifies the responsibility of corporate officers for the

accuracy and validity of corporate financial reports. It enumerates specific limits on the

behaviors of corporate officers and describes specific forfeitures of benefits and civil

penalties for non-compliance. For example, Section 302 implies that the company board

(Chief Executive Officer, Chief Financial Officer) should certify and approve the integrity of

their company financial reports quarterly. This helps establish accountability. Title III consists

of eight sections.

TITLE IV - Enhanced Financial Disclosures

Title IV consists of nine sections. It describes enhanced reporting requirements for financial

transactions, including off-balance sheet transactions, pro-forma figures and stock

transactions of corporate officers. It requires internal controls for assuring the accuracy of

financial reports and disclosures, and mandates both audits and reports on those controls. It

also requires timely reporting of material changes in financial condition and specificenhanced reviews by the SEC or its agents of corporate reports.

TITLE V - Analyst Conflicts of Interest

Title V consists of only one section, which includes measures designed to help restore

investor confidence in the reporting of securities analysts. It defines the codes of conduct for

securities analysts and requires disclosure of knowable conflicts of interest.

TITLE VI - Commission Resources and Authority

8/6/2019 MF0004


Title VI consists of four sections and defines practices to restore investor confidence in

securities analysts. It also defines the SECs authority to censure or bar securities

professionals from practice and defines conditions under which a person can be barred from

practicing as a broker, adviser or dealer.

TITLE VII Studies and Reports

Title VII consists of five sections. These sections 701 to 705 are concerned with conductingresearch for enforcing actions against violations by the SEC registrants (companies) and

auditors. Studies and reports include the effects of consolidation of public accounting firms,

the role of credit rating agencies in the operation of securities markets, securities violations

and enforcement actions, and whether investment banks assisted Enron, Global Crossing

and others to manipulate earnings and obfuscate true financial conditions.

TITLE VIII Corporate and Criminal Fraud Accountability

Title VIII consists of seven sections and it also referred to as the Corporate and Criminal

Fraud Act of 2002. It describes specific criminal penalties for fraud by manipulation,

destruction or alteration of financial records or other interference with investigations, while

providing certain protections for whistle-blowers.

TITLE IX White Collar Crime Penalty Enhancement

Title IX consists of two sections. This section is also called the White Collar Crime Penalty

Enhancement Act of 2002. This section increases the criminal penalties associated with

white-collar crimes and conspiracies. It recommends stronger sentencing guidelines and

specifically adds failure to certify corporate financial reports as a criminal offense.

TITLE X Corporate Tax Returns

Title X consists of one section. Section 1001 states that the Chief Executive Officer should

sign the company tax return.

TITLE XI Corporate Fraud Accountability

Title XI consists of seven sections. Section 1101 recommends a name for this title as

Corporate Fraud Accountability Act of 2002 . It identifies corporate fraud and records

tampering as criminal offenses and joins those offenses to specific penalties. It also revises

sentencing guidelines and strengthens their penalties. This enables the SEC to temporarily

freeze large or unusual payments.