Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework

Graham, Lynford

79,04 € (VAT incl.)

Ease the transition to the new COSO framework with practical strategy

Internal Control Audit and Compliance provides complete guidance toward the latest framework established by the Committee of Sponsoring Organizations (COSO). With clear explanations and expert advice on implementation, this helpful guide shows auditors and accounting managers how to document and test internal controls over financial reporting, with detailed sections covering each element of the framework. Each section highlights the latest changes and new points of emphasis, with explicit definitions of internal controls and how they should be assessed and tested. Coverage includes easing the transition from older guidelines, with step-by-step instructions for implementing the new changes. The new framework identifies seventeen new principles, each of which is explained in detail to help readers understand the new and emerging best practices for efficiency and effectiveness.

The revised COSO framework includes financial and non-financial reporting, as well as both internal and external reporting objectives. It is essential for auditors and controllers to understand the new framework and how to document and test under the new guidance. This book clarifies complex codification and provides an effective strategy for a more rapid transition.

  • Understand the new COSO internal controls framework
  • Document and test internal controls to strengthen business processes
  • Learn how requirements differ for public and non-public companies
  • Incorporate improved risk management into the new framework

The new framework is COSO's first complete revision since the release of the initial framework in 1992. Companies have become accustomed to the old guidelines, and the necessary procedures have become routine – making the transition to align with the new framework akin to steering an ocean liner. Internal Control Audit and Compliance helps ease that transition, with clear explanation and practical implementation guidance.
TABLE OF CONTENTS:

Preface

Acknowledgements

Chapter 1 What We All Share
  • Need for Control Criteria
  • Overview of the COSO Internal Control Integrated Framework
  • Holistic, Integrated View
  • The Revised COSO Internal Controls Framework
  • What We Must Do
  • Basic Scoping and Strategies for Maintenance
  • Where We Depart
  • The Triangle of Efficiency
  • Controls versus Processes
  • The Debate Continues
  • Organization of This Book
  • Appendix 1A The COSO 17 Principles

Chapter 2 Setting the Scope of Your Documentation Project: Identifying the Core
  • Start with Business Objectives
  • After the Initial Year
  • Mapping the Entity to the Financial Statements: The Ins and Outs
  • Consider Risks, Not Just Quantitative Measures
  • Inherent and Control Risk
  • Overstatement and Understatement
  • Does In Scope Imply Extensive Testing?
  • A Consolation
  • Be Careful Out There!
  • Appendix 2A Summary of Scoping Inquiries

Chapter 3 The Risk Assessment Component
  • Risk Assessment Principles in COSO
  • Cost Control
  • The Basics
  • Likelihood, Magnitude, Velocity and Persistence
  • Separate Assessments of Inherent and Control Risks
  • The Role of Assertions
  • The Assertions
  • Principles 6 and 7 Specify Suitable Objectives; Identify and Analyze Risk
  • Identifying Risks
  • External Sources of Risk Information
  • Internal and External Reporting Risks
  • Compliance Risks
  • Disclosed Material Weaknesses in Risk Assessment
  • Principle 8: Assess Fraud Risk
  • Auditor Responsibility to Detect Fraud
  • Anti-Fraud Controls for Management to Consider
  • Ties to Other Principles and Components
  • Principle 9: Identify and Assess Significant Change
  • Gathering Information to Support the Risk Assessment and Consider Change
  • Appendix 3A SAS 99 Exhibit: Management Antifraud Programs and Controls
  • Appendix 3B Understanding Fraud Risk Assessment
  • Appendix 3C A Sample Organizational Code of Conduct from the AICPA CPA's Handbook of Fraud and Commercial Crime Prevention
  • Appendix 3D Financial Executives International Code of Ethics Statement

Chapter 4 Control Environment
  • Commitment to Integrity and Ethical Values
  • Board of Directors (Governance) Demonstrates Independence from Management and Exercises Oversight of the Development and Performance of Internal Control
  • Management Establishes with Board Oversight, Structures, Reporting Lines, and Appropriate Authorities and Responsibilities in the Pursuit of Objectives.
  • Commitment to Attract, Develop, and Retain Competent Individuals in Alignment with Objectives
  • The Organization Holds Individuals Accountable for their Internal Control Responsibilities in the Pursuit of Objectives
  • Appendix 4A Understanding and Awareness of Control Responsibilities

Chapter 5 Control Activities
  • Selects and Develops Control Activities to Mitigate Risk and Achieve Objectives
  • Selects and Develops General Controls over Technology
  • Deploys Through Policies and Procedures
  • Summing Up
  • Appendix 5A Linking Common Control Activities and Assertions
  • Appendix 5B Linkage of Principles to Controls, Policies and Procedures

Chapter 6 Information and Communication
  • Generates Relevant Information
  • Communicates Internally
  • Communicates Externally

Chapter 7 Monitoring
  • Select, Develop and Perform Ongoing and/or Separate Evaluations
  • Evaluate and Communicate Deficiencies as Appropriate

Chapter 8 Evidence and Testing
  • Sufficient Evidence
  • Gathering Information
  • Testing and Sampling
  • Non-sampling Situations
  • Confusion of Sample Size Guidance in Practice Today
  • Information Technology General Controls (ITGC)
  • Security and Access
  • Appendix 8A Sample Size Tutorial

Chapter 9 Developing Questionnaires and Conducting Interviews
  • Surveys of Employees
  • Conducting Interviews
  • Management Inquiries Sample Questions
  • Appendix 9A Sample Practice Aids

Chapter 10 Assessing the Severity of Identified Controls Deficiencies
  • It's Inevitable
  • Alignment of Public and Private Company Standards for Assessing Deficiency Severity
  • Control Deficiencies and Definitions
  • Key Factors When Assessing the Severity of a Deficiency
  • Conditions Indicating Control Deficiencies
  • Examples of Evaluating the Severity of Deficiencies
  • Overall Assessment
  • Appendix 10A A Framework for Evaluating Control Exceptions and Deficiencies
  • Appendix 10B Assessing the Potential Magnitude of a Control Deficiency

Chapter 11 Reporting Requirements
  • Non-Public Entity Reporting
  • Public Company Annual and Quarterly Reporting Requirements
  • Reporting on Management's Responsibilities for Internal Control
  • Required Company and Auditor Communications
  • Reporting the Remediation of Weaknesses
  • Coordinating with the Independent Auditors and Legal Counsel
  • Appendix 11A Illustrative AICPA Report on Internal Controls

Chapter 12 Project Management and Tools Assessment Design
  • Project Management
  • Structuring the Project Team
  • Tools Assessment Design
  • Features of a Good Tools Solution
  • Value of a Pilot Project
  • Coordinating with the Independent Auditors

Chapter 13 Illustrative Forms and Templates
  • A Historical Perspective
  • 2013 Framework Examples
  • Appendix 13A Information Gathering Form Principle Focused
  • Appendix 13B Information Gathering Form – Revenue
  • Appendix 13C Walkthrough Documentation Form
  • Appendix 13D Information Technology General Controls Assessment Form
  • Appendix 13E Documentation of Financial Reporting Software and Spreadsheets
  • Appendix 13F Sampling Form for Tests of Controls
  • Appendix 13G Summary of Internal Control Deficiencies
  • Appendix 13H Control Environment Component Evaluation Summary

Chapter 14 Summing Up

About the Author

Index

  • ISBN: 978-1-118-99621-8
  • Publisher: John Wiley & Sons
  • Binding: Hardcover
  • Pages: 416
  • Publication date: 25/02/2015
  • No. of volumes: 1
  • Language: English