Entity level controls as per companies act
Answers
Answered by
0
Entity-level controls are internal controls that help ensure that management directives pertaining to the entire entity are carried out. They are the second level of a top-down approach to understanding the risks of an organization. Generally, entity refers to the entire company.
Regulation surrounding entity-level controls
*Sarbanes-Oxley Act of 2002Edit
As a result of several accounting and auditing scandals, congress passed the Sarbanes-Oxley Act of 2002. Section 404 of the act requires company management to assess and report on the effectiveness of the company's internal control. It also requires the company's independent auditor to attest to management's disclosures regarding the effectiveness of internal control. The act also created the Public Company Accounting Oversight Board (PCAOB).[1]
*PCAOB Auditing Standard No. 5Edit
The Public Company Accounting Oversight Board (PCAOB) became the primary regulator of audits of publicly traded companies.[2] In June 2007, the PCAOB adopted Auditing Standard No. 5 (AS5).[3] This standard contains the standards over performing an audit of internal control over financial reporting that is integrated with an audit of financial statements.
The auditor must test entity-level controls that are important to the auditor's conclusion about whether the company has effective internal control over financial reporting. Depending on the auditor's evaluation of the effectiveness of the entity-level controls, the auditor can increase or decrease the amount of testing that they will perform.
Entity-level controls vary greatly in nature and precision. Their effect on the audit plan varies according to how precise they are.
TypeDescriptionAudit EffectIndirectSome entity-level controls have an indirect effect on the chances of detecting or preventing a misstatement on a timely basis. They do not directly relate to risks at the financial statement assertion level.Affect control selection, and the nature, timing, and extent of the procedures performed.MonitoringSome entity-level controls monitor the effectiveness of other controls. They could be designed to identify breakdowns of lower level controls. These controls are not precise enough by themselves to specifically address the assessed risk at the relevant assertion level.Reduce the testing of other controls if operating effectively.PreciseSome entity-level controls are precise enough to prevent or detect misstatements on a timely basis.If the control sufficiently addresses the risk, then additional tests of controls relating to that risk are not necessary
Regulation surrounding entity-level controls
*Sarbanes-Oxley Act of 2002Edit
As a result of several accounting and auditing scandals, congress passed the Sarbanes-Oxley Act of 2002. Section 404 of the act requires company management to assess and report on the effectiveness of the company's internal control. It also requires the company's independent auditor to attest to management's disclosures regarding the effectiveness of internal control. The act also created the Public Company Accounting Oversight Board (PCAOB).[1]
*PCAOB Auditing Standard No. 5Edit
The Public Company Accounting Oversight Board (PCAOB) became the primary regulator of audits of publicly traded companies.[2] In June 2007, the PCAOB adopted Auditing Standard No. 5 (AS5).[3] This standard contains the standards over performing an audit of internal control over financial reporting that is integrated with an audit of financial statements.
The auditor must test entity-level controls that are important to the auditor's conclusion about whether the company has effective internal control over financial reporting. Depending on the auditor's evaluation of the effectiveness of the entity-level controls, the auditor can increase or decrease the amount of testing that they will perform.
Entity-level controls vary greatly in nature and precision. Their effect on the audit plan varies according to how precise they are.
TypeDescriptionAudit EffectIndirectSome entity-level controls have an indirect effect on the chances of detecting or preventing a misstatement on a timely basis. They do not directly relate to risks at the financial statement assertion level.Affect control selection, and the nature, timing, and extent of the procedures performed.MonitoringSome entity-level controls monitor the effectiveness of other controls. They could be designed to identify breakdowns of lower level controls. These controls are not precise enough by themselves to specifically address the assessed risk at the relevant assertion level.Reduce the testing of other controls if operating effectively.PreciseSome entity-level controls are precise enough to prevent or detect misstatements on a timely basis.If the control sufficiently addresses the risk, then additional tests of controls relating to that risk are not necessary
Similar questions