Question

In: Computer Science

Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information...

Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information Systems Auditor (CISA) you have been asked to perform an audit of company records in support of the Attest function to verify the annual statements. The inventory balances from the computerized system are reported to be $121 million, but reports from field auditors show that balances are severely overstated. In discussions with employees and managers, you find some overlap in functions with certain personnel authorized to perform functions in other departments. Also, several personnel have not taken vacations in over three years. In compliance with the Sarbanes–Oxley Act of 2002, what would be your approach for the audit assignments:

1. In no more than 750 words discuss three general control weaknesses you may test and examine in the capacity of IT Auditor. Explain what audit evidence would you gather?

Solutions

Expert Solution

The Sarbanes-Oxley Act of 2002 mandates that audit committees be directly responsible for the oversight of the engagement of the company's independent auditor, and the Securities and Exchange Commission (the Commission) rules are designed to ensure that auditors are independent of their audit clients. The purpose of this brochure is to highlight certain Commission rules and other authoritative pronouncements relevant to audit committee oversight responsibilities regarding the auditor's independence. More information on this topic is available in the Commission's rules and on the Commission's web site at www.sec.gov/about/offices/oca/ocaprof.htm.

Audit committees should also be aware that the PCAOB has Ethics and Independence Rules Concerning Independence, Tax Services, and Contingent Fees.

General Standard of Auditor Independence

The Commission's general standard of auditor independence is that an auditor's independence is impaired if the auditor is not, or a reasonable investor with knowledge of all the facts and circumstances would conclude that the auditor is not, capable of exercising objective and impartial judgment on all issues encompassed within the audit engagement. To determine whether an auditor is independent under this standard an audit committee needs to consider all of the relationships between the auditor and the company, the company's management and directors, not just those relationships related to reports filed with the Commission. The audit committee should consider whether a relationship with or service provided by an auditor:

(a) creates a mutual or conflicting interest with their audit client;
(b) places them in the position of auditing their own work;
(c) results in their acting as management or an employee of the audit client; or
(d) places them in a position of being an advocate for the audit client.

The Commission rules also address specific auditor independence issues, some of which are:

Specific Prohibited Non-audit Services

The auditor is prohibited from providing the following non-audit services to an audit client including its affiliates:

  • Bookkeeping
  • Financial information systems design and implementation
  • Appraisal or valuation services, fairness opinions, or contribution-in-kind reports
  • Actuarial services
  • Internal audit outsourcing services
  • Management functions or human resources
  • Broker-dealer, investment adviser, or investment banking services
  • Legal services and expert services unrelated to the audit

In addition to the specific prohibited services, audit committees should consider whether any service provided by the audit firm may impair the firm's independence in fact or appearance.

Pre-approval of Permitted Services

Subject to certain limited exceptions, the audit committee must pre-approve all permitted services provided by the independent auditor (i.e., tax services, comfort letters, statutory audits or other). The Commission rules include certain pre-approval requirements that the audit committee must follow. In addition, the audit committee should be informed about the services expected to be provided by the audit firm to understand whether the audit firm's independence will be impaired.

The audit committee should consider whether company policies and procedures require that all audit and non-audit services are brought before the committee for pre-approval.

Also, listing company standards require audit committees to pre-approve all audit, review and attest services regardless of whether the firm performing the services is the company's principal auditor.

Prohibited Relationships

Certain relationships between audit firms and the companies they audit are not permitted. These include:

  • Employment relationships. A one-year cooling off period is required before a company can hire certain individuals formerly employed by its auditor in a financial reporting oversight role. The audit committee should also consider whether the hiring of personnel that are or were formerly employed by the audit firm might affect the audit firm's independence.
  • Contingent Fees. Audit committees should not approve engagements that remunerate an independent auditor on a contingent fee or a commission basis. Such remuneration is considered to impair the auditor's independence.
  • Direct or material indirect business relationships. Audit firms may not have any direct or material indirect business relationships with the company, its officers, directors or significant shareholders. Thus, audit committees should consider whether the company has implemented processes that identify such prohibited relationships.
  • Certain Financial Relationships. Audit committees should be aware that certain financial relationships between the company and the independent auditor are prohibited. These include creditor/ debtor relationships, banking, broker-dealer, futures commission merchant accounts, insurance products and interests in investment companies.

Communications Between the Audit Committee and the Independent Auditor

Independence Standards Board Standard No. 1 requires that the auditor disclose to the audit committee in writing all relationships between the audit firm and the company that may reasonably be thought to bear on the audit firm's independence. Standard No. 1 also requires the auditor to confirm and discuss its independence with the audit committee. The audit committee should consider discussing the following issues with the auditor in regards to the firm's independence disclosure:

  • Processes the audit firm uses to ensure complete disclosure of all relationships with the company and its affiliates
  • Relationships the audit firm may have with officers, board members and significant shareholders
  • Relationships not included in the communication because they were deemed immaterial

Change of Independent Auditors

The auditor generally must be independent for the entire engagement period and the period covered by the financial statements being audited. Once this relationship is terminated, there is no continuing requirement for the auditor to remain independent. The auditor may generally re-issue its former opinions on the company's financial statements. However, if a restatement of the financial statements becomes necessary, the auditor must be independent to audit the restatement adjustments and re-issue its opinion. Further, if the Board is contemplating or plans a change in auditors, the audit committee must consider whether the prospective firm will be independent during the audit engagement period. That is, the prospective firm must cease all prohibited services and/or sever all prohibited relationships with the issuer prior to the beginning of the audit engagement period. Therefore, the audit committee should consider these issues before hiring a predecessor auditor or a prospective auditor to provide non-audit services to the company or its affiliates. Prospective firms can not audit financial statements of years that they were not independent.

Addressing Independence Issues

The audit committee should discuss and thoroughly investigate any potential independence impairments or issues. The audit committee should also consider seeking guidance from legal counsel, the auditor and the Office of the Chief Accountant (OCA).

note: plzzz don't give dislike.....plzzz comment if you have any problem i will try to solve your problem.....plzzz give thumbs up i am in need....


Related Solutions

Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information...
Sarbanes–Oxley Act Compliance As a Certified Public Accountant (CPA), Certified Internal Auditor (CIA), and Certified Information Systems Auditor (CISA) you have been asked to perform an audit of company records in support of the Attest function to verify the annual statements. The inventory balances from the computerized system are reported to be $121 million, but reports from field auditors show that balances are severely overstated. In discussions with employees and managers, you find some overlap in functions with certain personnel...
The Sarbanes - Oxley Act (SOX) requires all public companies to have an internal control system....
The Sarbanes - Oxley Act (SOX) requires all public companies to have an internal control system. Section 404 mandates that the company's annual report include an annual internal control report.  Who has the primary responsibility for internal control? What is/are the primary purpose/goals of internal controls? What are the limitations of internal controls? What are the main components of a system of internal controls?
The Sarbanes-Oxley Act is arranged into eleven titles. As far as compliance is concerned, the most...
The Sarbanes-Oxley Act is arranged into eleven titles. As far as compliance is concerned, the most important sections within these are often considered to be 302, 401, 404, 409, 802 and 906. in your own words, what are this sections about? please no copy and paste, explain with your own words, and no handwriting please, thanks!
Lisa Deuel is a certified public accountant (CPA) and staff accountant for Bratz and Bratz, a...
Lisa Deuel is a certified public accountant (CPA) and staff accountant for Bratz and Bratz, a local CPA firm. It had been the policy of the firm to provide a holiday bonus equal to two weeks' salary to all employees. The firm's new management team announced on November 15 that a bonus equal to only one week's salary would be made available to employees this year. Lisa thought that this policy was unfair because she and her coworkers planned on...
Question: How does the Sarbanes-Oxley Act relate to internal controls?
Question: How does the Sarbanes-Oxley Act relate to internal controls?
Why is Sarbanes-Oxley Act enacted? Give three examples of changes in Sarbanes Oxley Act. If a...
Why is Sarbanes-Oxley Act enacted? Give three examples of changes in Sarbanes Oxley Act. If a stock has a beta of 1.50. How do you explain it?
Why was the Sarbanes-Oxley Act enacted? Describe three aspects of the Sarbanes-Oxley Act that are designed...
Why was the Sarbanes-Oxley Act enacted? Describe three aspects of the Sarbanes-Oxley Act that are designed to improve the financial reporting process. What are your thoughts regarding the Sarbanes-Oxley Act?
1. Sarbanes-Oxley Internal Control Report Using Wikipedia (www.wikipedia.org), look up the entry for Sarbanes-Oxley Act. Look...
1. Sarbanes-Oxley Internal Control Report Using Wikipedia (www.wikipedia.org), look up the entry for Sarbanes-Oxley Act. Look over the table of contents and find the section that describes Section 404. Section 404 requires management's internal control report to: a.State the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting. b.State the responsibility of auditors for establishing and maintaining an adequate internal control structure and procedures for financial reporting. c.Contain an assessment, as of...
In order to preserve auditor independence, the Sarbanes–Oxley Act of 2002 restricts the types of nonaudit...
In order to preserve auditor independence, the Sarbanes–Oxley Act of 2002 restricts the types of nonaudit services that auditors can perform for their public‐company audit clients. The list includes nine types of services that are prohibited because they are deemed to impair an auditor's independence. Included in the list are the following: Financial information systems design and implementation Internal audit outsourcing Describe how an auditor's independence could be impaired if she performed IT design and implementation functions for her audit...
What is the Sarbanes - Oxley Act and is it important?
What is the Sarbanes - Oxley Act and is it important?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT