* Proposed Statement on Standards for Attestation Engagements, An Examination of an Entity's
internal Control Over Financial Reporting That Is Integrated With an Audit of Its Financial Statements (Supersedes AT Section 501.
The SEC's approval means registered audit firms are required to use the new standard for all
internal control audits no later than for fiscal years ending on or after November 15, 2007.
As you can see,
internal control continues to be a hot topic for management accountants, especially given today's business climate.
Instead, the CSA has proposed expanding Multilateral Instrument 52-109 Certification of Disclosure in Issuers' Annual and Interim Filings to require all reporting issuers, other than investment funds, in all Canadian jurisdictions, to certify in their annual CEO and CFO certifications that they have evaluated the effectiveness of their
internal control over financial reporting.
While Sarbanes-Oxley does not directly affect governments, the increased scrutiny of and renewed interest in
internal control has spilled over to the public sector.
This, along with the challenges of pulling together evidence in Indonesia of activities that had occurred nearly 10 years earlier in some instances, likely explains both the civil nature of the suit and the settlement on the basis of only the accounting and
internal control provisions.
For many, when they think of
internal control --or specifically about the Committee of Sponsoring Organization's (COSO)
Internal Control Integrated Framework--they think of Sarbanes-Oxley compliance.
The PCAOB continued this focus on
internal controls and, specifically, on the COSO framework in 2004, when it issued Auditing Standard (AS) 2, An Audit of
Internal Control over Financial Reporting Performed in Conjunction with an Audit of Financial Statements, and explicitly referenced the COSO framework as an appropriate framework to use when evaluating
internal controls.
In accordance with the FMFIA, in DoD organizations the
internal control framework and reporting process relies in great part on self-reporting from the bottom up.
Management must reassess its
internal control procedures for identifying VIEs and determine whether they should be consolidated, as well as extend its ongoing evaluation of
internal controls to include newly consolidated entities.
Recommendation: To improve
internal controls over the E-rate program, the Federal Communications Commission should develop policies and procedures to periodically monitor the
internal control structure of the E-rate program, including evaluating the costs and benefits of
internal controls, to provide continued reasonable assurance that program risks are targeted and addressed.