Section 404 Audits of Internal Control and Control Risk
Chapter 10
Section 404 Audits of Internal Control and Control Risk
Review Questions
10-1 Management typically has three broad objectives in designing an effective internal control system.
1. Reliability of Financial Reporting Management is responsible for preparing financial statements for investors, creditors, and other users. Management has both a legal and professional responsibility to be sure that the information is fairly presented in accordance with reporting requirements such as GAAP. The objective of effective internal control over financial reporting is to fulfill these financial reporting responsibilities.
2. Efficiency and Effectiveness of Operations Controls within an organization are meant to encourage efficient and effective use of its resources to optimize the company’s goals. An important objective of these controls is accurate financial and non-financial information about the entity’s operations for decision making.
3. Compliance with Laws and Regulations Section 404 of the Sarbanes-Oxley Act requires all public companies to issue a report about the operating effectiveness of internal control over financial reporting. In addition to the legal provisions of Section 404, public, nonpublic, and not-for-profit organizations are required to follow many laws and regulations. Some relate to accounting only indirectly, such as environmental protection and civil rights laws. Others are closely related to accounting, such as income tax regulations and fraud.
10-2 Management designs systems of internal control to accomplish three categories of objectives: financial reporting, operations, and compliance with laws and regulations. The auditor’s focus in both the audit of financial statements and the audit of internal controls is on those controls related to the reliability of financial reporting plus those controls related to operations and to compliance with laws and regulations objectives that could materially affect
Section 404 Audits of Internal Control and Control Risk
Review Questions
10-1 Management typically has three broad objectives in designing an effective internal control system.
1. Reliability of Financial Reporting Management is responsible for preparing financial statements for investors, creditors, and other users. Management has both a legal and professional responsibility to be sure that the information is fairly presented in accordance with reporting requirements such as GAAP. The objective of effective internal control over financial reporting is to fulfill these financial reporting responsibilities.
2. Efficiency and Effectiveness of Operations Controls within an organization are meant to encourage efficient and effective use of its resources to optimize the company’s goals. An important objective of these controls is accurate financial and non-financial information about the entity’s operations for decision making.
3. Compliance with Laws and Regulations Section 404 of the Sarbanes-Oxley Act requires all public companies to issue a report about the operating effectiveness of internal control over financial reporting. In addition to the legal provisions of Section 404, public, nonpublic, and not-for-profit organizations are required to follow many laws and regulations. Some relate to accounting only indirectly, such as environmental protection and civil rights laws. Others are closely related to accounting, such as income tax regulations and fraud.
10-2 Management designs systems of internal control to accomplish three categories of objectives: financial reporting, operations, and compliance with laws and regulations. The auditor’s focus in both the audit of financial statements and the audit of internal controls is on those controls related to the reliability of financial reporting plus those controls related to operations and to compliance with laws and regulations objectives that could materially affect