Search results

Internal Control – Integrated Framework (COSO Report, 1992) defines internal control, suggests a framework for internal control, and presents criteria to use in evaluating controls. The document also provides guidance to management developing a report on controls for use by external parties. SSAE 2, “Reporting on an Entity′s Internal Control Structure over Financial Reporting” (1993) offers assistance to the practitioner reporting on management′s assertion regarding internal control over financial reporting. Discusses and provides an example of management′s report on internal control prepared according to COSO. Also discusses the accountant′s examination under SSAE guidance of management′s assertions and subsequent report and provides an example of the accountant′s report. Concludes by discussing the new business opportunities for the accountant which may result from external reporting on internal controls over financial reporting.

This paper examines the role of professional associations, governmental agencies, and international accounting and auditing bodies in promulgating standards to deter and detect fraud, domestically and abroad. Specifically, it focuses on the role played by the US Securities and Exchange Commission (SEC), the American Institute of Certified Public Accountants (AICPA), the Institute of Internal Auditors (IIA), the Institute of Management Accountants (IMA), the Association of Certified Fraud Examiners (ACFE), the US Government Accounting Office (GAO), and other national and foreign professional associations, in promulgating auditing standards and procedures to prevent fraud in financial statements and other white‐collar crimes. It also examines several fraud cases and the impact of management and employee fraud on the various business sectors such as insurance, banking, health care, and manufacturing, as well as the role of management, the boards of directors, the audit committees, auditors, and fraud examiners and their liability in the fraud prevention and investigation.

Professional accounting associations in various countries and governmental and other quasi‐official bodies have played an important role not only in the evolution of internal control reporting on a global scale, but also in educating management, investors, financial institutions, accountants, auditors, and other interested parties highlighting the pervasiveness of the effects of a sound internal control structure in corporate reporting as well as other aspects of an organization′s success. These associations include the Institute of Internal Auditors (IIA), the American Institute of Certified Public Accountants (AICPA), the General Accounting Office (GAO), the Securities and Exchange Commission (SEC), the Cadbury Committee, the Institute of Chartered Accountants of England and Wales (ICAEW), the Scottish Institute of Chartered Accountants (SICA), the Canadian Institute of Chartered Accountants (CICA), and others. Business failures, management fraud, corporate misconduct, international bribery, and notorious business scandals in all sectors of business have prompted the US government to take drastic action on internal control reporting to safeguard public interest. Several professional and government committees were formed to study this precarious situation: the Treadway Commission, the Committee of Sponsoring Organizations (COSO) of the Treadway Commission, the Packard Commission, the Cohen Commission, the Adams Commission in Canada, the Cadbury Committee in the UK, and others. The principal motivation for the changing dynamics has been growing public pressure for greater corporate accountability. The government′s pressure on the accounting profession and management of public corporations has been pivotal in spearheading internal control reporting. Examines the role of professional associations, governmental agencies, and others in promulgating standards for internal control reporting, and the impact of legislation on this aspect of internal auditing in the USA and worldwide.

The purpose of this paper is to analyze how the COBIT framework, integrated within the internal control framework, enables improvement in the quality of financial reporting while helping to reduce or eliminate the material weaknesses (MWs) of internal control over financial reporting (ICFR). The Control Objectives for Information and Related Technology (COBIT) model is a framework for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. Preliminarily, the analysis in this paper illustrates how the Committee of Sponsoring Organizations (COSO) framework impacts on the MWs, highlighting strengths and weaknesses. This paper shows how these limits can be overcome with the use of the COBIT framework.

This is a conceptual paper that aims to highlight the relationship between COBIT and COSO, by illustrating how the IT processes reduce or eliminate the main MW categories.

The analysis indicates that the implementation of the COBIT framework, or more generally the adoption of effective IT controls, provides important benefits to the entire company or organization. IT control objectives have a direct impact on the IT control weaknesses and indirectly on the other categories of material weaknesses.

The adoption of the framework allows managers to implement effective ICFR. In particular, the COBIT approach provides managers with a more evolved tool in terms of compliance with the Sarbanes–Oxley Act requirements. This framework also improves the reliability of financial reporting in relation to the requirements of Public Company Accounting Oversight Board’s Auditing Standards No. 2 and 5.

The analysis provides an interdisciplinary approach, connecting accounting and information systems themes, and suggest solutions and tools than can help managers to address the internal control weaknesses. This paper addresses an area of relevance to both practitioners and academics and expands existing accounting literature.

The purpose of this paper is to test whether firms audited by the same Big 4 audit firm (Big 4 continuing clients) are more/less likely to report material weaknesses (systemic material weaknesses) in internal controls over a financial reporting than those audited by the same Non‐Big 4 audit firm (Non‐Big 4 continuing clients) over the period 2005‐2008. It also investigates whether the number of material weaknesses and that of systemic material weaknesses varies among the two groups.

Logistic regression and count regression analysis for panel data tests the hypotheses using all firms that had SOX 404 filings and that were audited by the same auditor over the period 2005‐2008 (1,668 firms; 6,672 firm‐year observations).

Findings document that Big 4 continuing clients are less likely to report material weaknesses and systemic material weaknesses than Non‐Big 4 continuing clients, especially during the first two years of investigation. Results also demonstrate that the number of material weaknesses and that of systemic material weaknesses reported by Big 4 continuing clients is significantly lower than that reported by Non‐Big 4 continuing clients, primarily for the years 2005 and 2006.

Findings support the risk avoidance perspective where large audit firms avoid riskier clients due to potential litigation costs and/or due to potential sanctions by the Public Company Accounting Oversight Board (PCAOB). Results also suggest that smaller audit firms did not extensively test the quality of internal controls prior to the year 2004. They highlight that the enactment of SOX 404 and the establishment of the PCAOB heightened audit firms focus on internal controls and raised their sensitivity to audit risk arising from weaknesses in internal controls over financial reporting.

With computer technology fast becoming the engine that drives productivity, IT systems have become more pervasive in the daily operations of many businesses. Large, as well as small, businesses in the USA now rely heavily on IT systems to function effectively and efficiently. However, past studies have shown CEOs do not always understand how reliant their business is on IT systems. To the authors’ knowledge, no research has not yet examined if financial markets understand how IT affects the performance of businesses. The paper aims to discuss these issues.

In this study, the authors utilize the event study method to examine how financial markets interpret weaknesses in businesses IT systems. The authors examine this in the context of the Sarbanes-Oxley Act – Section 404 requirements and utilize the internal reporting requirement in the annual financial statement filing with the Securities Exchange Commission as a proxy to evaluate how the financial markets interpret IT weaknesses.

Using an event study, the authors show that the market does not necessarily understand and respond to the effects of IT weaknesses on overall financial performance of firms and thus challenge the efficient market hypothesis theory.

A second contribution is methodological in nature. IS researchers thus far have been using limited market benchmarks, statistical tests, and event windows in their respective event studies of market performance. This study shows shortcomings of that approach and the necessity of expanding usage of available event analysis tools. The authors show that using more than one market benchmark and statistical test across multiple time frames uncovers the effects that using a single benchmark and test over a single window would have overlooked.

In 2001, the US moved to regulate internal control reporting by management and auditors. While some jurisdictions have followed the lead of the US, many others have not. An important question, therefore, is the relevance of internal control to stakeholders. The more specific issue of the benefits of US-style regulation of internal control reporting is also topical. We review studies on the determinants of internal control quality and its economic consequences for stakeholders including investors, creditors, managers, auditors and financial analysts. We extend previous reviews by focusing on US studies published since 2013 as well as all non-US studies investigating IC quality including countries regulating IC disclosure as well as unregulated settings and both developed and developing economies. In doing so, we identify research questions where evidence remains mixed and new directions in which there are research opportunities.

Three main insights arise from our analysis. First, evidence on the economic consequences of internal control quality suggests that the quality of internal control can have a significant effect on decision making by users of financial information. Second, the results of research on the empirical association between ownership structure, certain board characteristics and internal control quality is generally mixed. Empirical evidence concerning the association between audit committee characteristics and internal control quality generally supports a positive and significant association. Finally, while studies in non-US jurisdictions are increasing, opportunities remain to explore the determinants and consequences of internal control in other jurisdictions. Our review provides evidence for policy makers of whether there are benefits from requiring management and auditors to report on internal control over financial reporting.

This research study aims to examine how differences in opinions on the material weaknesses identified in the auditor's assessment of the financial statements, and the auditor's assessment of internal control affect investment analysts' assessment of the financial strength of the company and willingness to recommend the stock for purchase to clients. It also aims to examine how the auditor's opinion on management's assessment of internal control affects investment analysts' assessment, providing additional evidence of the appropriateness of the elimination of this requirement under Auditing Standard No. 5.

The paper examines these research questions using data from a laboratory experiment with investment analysts as participants in the study.

The findings indicate that adverse audit opinions on the effectiveness of internal control result in investment analysts making a higher assessment of company risk, a lower assessment of the strength of internal control over financial reporting, and a marginally significant difference in the likelihood of recommending stock to their client.

These findings provide evidence that auditors' assessment of internal control risk provides information to investment analysts.

This study contributes to the literature by examining the implications of Section 404 of the Sarbanes‐Oxley Act on the judgment of users of financial statements.

The Dodd–Frank Act of 2010 exempts small, non-accelerated filers from compliance with Sarbanes–Oxley Act (SOX) Section 404b internal control audits. However, these firms are required to comply with other internal control regulations, namely, SOX Sections 302 and 404a, starting in 2002 and 2007, respectively. A small number of these firms also voluntarily adopted (and sometimes dropped) Section 404b during 2004-2010. The purpose of this study is to investigate the impact of a series of internal control regulations introduced by SOX on the financial reporting quality of small firms.

The research design for this study is empirical. Using unsigned and signed discretionary accruals as measures of financial reporting quality, the authors compare the financial reporting quality for adopters and non-adopters across four regulation regimes over the period 2000-2010: PRESOX, SOX 302, SOX 404a and SOX 404b.

The results indicate that most of the adopters and non-adopters benefited from SOX 302 and 404a compared with the PRESOX period. However, only the non-adopters gained incrementally when moving from SOX 302 to SOX 404a. Also, Section 404b benefited firms with material weaknesses, as well as firms without material weaknesses that had the lowest reporting quality, in the PRESOX period.

This study helps inform the important policy debate on whether to increase the threshold that is used for the SOX 404b exemption. It shows incremental benefits for firms that adopted Section 404b audits, even when they were complying with Section 302 and Section 404a. Consequently, extending the exemption to more companies would result in a loss of the reporting quality benefit of 404b.

This study contributes to the literature by focusing exclusively on non-accelerated filers and by examining differences across four regulation regimes over a long window compared to prior studies. It provides evidence that the financial reporting benefit of SOX 404b is not transitional, but rather extends for a few years even after some firms discontinued the 404b audits.

Part IV provides readers with the extant requirements for the application of materiality to recognition, measurement, presentation, and disclosure in the financial statements. This part also includes a detailed critical review of the recent Practice Statement on materiality, the FASB’s proposed ASU on the notes and the amendments to the Conceptual Framework proposed by the IASB and the FASB.

The part expands to issues that are typical of Management Commentary, including the SEC guidance on materiality in Management Discussion and Analysis.

It informs about the complexities and subtle differences between financial statements and bookkeeping and the different standards of reasonableness versus materiality.

A section moves from materiality to material misstatements and covers the application of materiality in auditing.

Another section goes in depth on internal control over financial reporting, showing the linkages between materiality and risk appetite and risk tolerance and the related application guidance.