留学会计专业Essay代写范文:The Sarbanes-Oxley Act: Evaluation of Section 103
本文是留学会计专业的Essay代写范例,题目是“The Sarbanes-Oxley Act: Evaluation of Section 103(萨班斯-奥克斯利法案:对第103条的评估)”,萨班斯-奥克斯利法案是对内部和外部审计师、高管和董事会的重大改变之一。内部审计员对其审计委员会和外部审计员负有更大的责任。内部审计可以创建道德规范程序,执行适当的内部控制,以评估风险,并有助于发现和预防欺诈。审计师不能接受管理层对公司内部控制有效性得出结论的责任。管理层不能根据审计人员的测试结果来断言设计和操作的有效性。最终,审计师和管理层共同工作,但独立确定内部控制过程是准确平衡的。该公司确保更好的控制程序可以减少欺诈行为。
Abstract摘要
The Sarbanes-Oxley Act was one of major change for internal and external auditors, executives and boards of directors. Internal auditors have greater responsibilities to their audit committees and external auditors. Internal auditing can create ethics programs and perform proper internal control to assess risk as well as be instrumental in detecting and preventing fraud. Auditors cannot accept management’s responsibility to reach conclusions on the effectiveness of the company’s internal controls. Management cannot base its assertions about design and operating effectiveness on the results of the auditor’s tests. Ultimately, auditors and management work together but independently to determine the internal controls process is accurately balanced. The company ensuring better control processes could reduce fraud.
Auditing, Quality Control, and Independence
Standards and Rules
Business fraud is a major concern in the accounting profession and in the business community. The current audit process emphasizes the independent auditor’s responsibility for detecting and deterring fraud. Executives of public companies are subject to new fraud prevention measures enacted under the Sarbanes-Oxley Act of 2002 and administered by the Securities and Exchange Commission (SEC). Congress enacted the Sarbanes-Oxley Act of 2002 in response to highly publicized business failures, allegations of corporate fraud and financial statements restatements. “It is the most extensive overhaul of securities law since the 1930’s, and was the result of corporate and accounting scandals, including, Enron, Worldcom, Tyco, Xerox, Sunbeam, Adelphia and Arthur Anderson” (Linsley, 2003). If management has the ability to manipulate the financials in order to affect stock prices, then opportunities give them the incentive to do so. Large grants of stock options give large incentives to management and the risk of manipulation increases. The interest of management in their own personal wealth was more intense and lead to manipulating the financials to ensure their own profit was maximized.
Cynthia Glassman, Commissioner of the Security and Exchange Commission, in a speech given in Washington D.C., on September 27, 2002 specifically includes the requirement that the CEO and the Board put in place procedures to “ensure that they hear bad news,” and “not to create an environment in which senior officials are afraid to discuss or act on potentially serious misconduct that comes to their attention.” (Linsley, 2003).
2002年9月27日,美国证券交易委员会委员辛西娅·格拉斯曼在华盛顿特区的一次演讲中明确提出,首席执行官和董事会应制定相应的程序,“确保他们听到坏消息”。“不要创造一种环境,让高级官员不敢讨论或对他们可能注意到的严重不当行为采取行动。””(格鲁,2003)。
The law changes the behavior of those in charge to reduce risk exposure in a number of ways. One of the most important ways is the risk that is created directly by their behavior; basically, the management, the board, and the auditors could themselves be a major source of the risk.
There is no doubt thatthe Sarbanes-Oxley Act was one of the major changes for internal and external auditors as well as the board of directors and executives of companies. The corporate world is dependent on high-quality and high-functioning Chief Financial Officers; The reports that Chief Financial Officers are now required to prepare and submit will take time and effort and a fair amount of cost. A company that has proper internal controls in place will ultimately say that it is worth every penny due to the rules and regulations that are now required for the Sarbanes-Oxley Act. Internal auditors are in the best position to alert senior management to potential issues before they become larger problems. Sarbanes-Oxley Act has ensured that the Chief Financial Officer is either more knowledgeable or at the very least wants to be more knowledgeable about the internal controls within the company. If there is a particular control that is not gaining the needed result then a change can be made prior to the end of the year when a negative opinion from an outside auditor could make things worse. Many companies started out by taking a short-term approach to the compliance standards and now are struggling to maintain compliance with the regulations. “Meeting these regulatory requirements is the new reality, but the running of a better business over the long-term should be the objective” (Heffes, 2004).
毫无疑问,萨班斯-奥克斯利法案是公司内部和外部审计师以及董事会和高管的主要变化之一。企业界依赖于高质量、高功能的首席财务官;现在要求首席财务长编写和提交的报告将花费时间和精力和相当多的费用。一家拥有适当内部控制的公司最终会说,由于萨班斯-奥克斯利法案(Sarbanes-Oxley Act)现在要求的规则和规定,它的每一分钱都是值得的。内部审计员是在潜在问题变成更大的问题之前提醒高级管理层的最佳人选。萨班斯-奥克斯利法案确保了首席财务官对公司内部控制的了解或至少希望了解得更多。如果有一个特定的控制没有获得所需的结果,那么可以在年底之前做出改变,因为来自外部审计师的负面意见可能会使事情变得更糟。许多公司开始时采取了遵从性标准的短期方法,现在正努力保持对法规的遵从性。“满足这些监管要求是新的现实,但长期经营更好的业务应该是目标”(Heffes, 2004)。
Another issue that Chief Financial Officers are tasked with is achieving lean operations through aggressive cost-cutting, which sometimes means that cutting costs may jeopardize compliance or cause a material breakdown in controls and can result in the company’s competitiveness being diminished. One approach to this issue is to identify the most effective and efficient controls that are needed to achieve compliance. Risk-based considerations are used to drive efficiently and realizes that not all accounts, transaction and risks are equally important. Another approach would be a balanced control design and basically treat each control as an equal regardless of the risk consideration. However, both of these approaches are a continuous process and should be integrated into the regular routines of the business.
The Sarbanes-Oxley internal control provisions impose significant responsibilities on both the management and the auditor. Management will be forced to take ownership of the process of identifying, documenting, and evaluating significant controls. Management will also need to determine the areas of the company that need to be evaluated. Auditors providing an opinion on the effectiveness of the company’s internal controls is a significant responsibility. Both management and auditors recognize that the internal control process will be valuable for several reasons. The Sarbanes-Oxley Act places legal restraints on certain behaviors, makes responsibilities more obvious, and requires that certain information be made public. Some of this affects external auditors; however, the majority affects both internal and external auditors. Thus, auditors have been drawn into a greater risk management role as a result of Sarbanes-Oxley. Basically, the management designs and implements the system of internal controls and the auditor review and make suggestions for improving the controls and process. Strong internal controls make fraud difficult to commit and make fraud discovery likely. However, managers who are intent on committing fraud have an incentive to design weaknesses into the system of controls because the benefits to fraud are more enticing to dishonest managers when the system of controls is weak. The possibility of management override potentially alters the auditor’s testing and evaluation because the evaluation of internal controls provide information about the manager’s incentives and opportunity to commit fraud because a weaker system of internal control makes fraud less difficult to commit.
Auditing审计
Certified Public Accountants who audit public companies, usually as an external auditor, jobs have been significantly impacted due to the Sarbanes-Oxley Act. There are now specific rules for key proposals on responsibilities to test controls and evaluate internal control deficiencies and the extent that auditors can be involved. Other areas of concern for external auditors include their role to detect fraud, the retention of records, registering with the PCAOB, audit partner rotation to ensure objectiveness, and the restrictions on non-audit services that the auditor can provide to the company. One of the goals of Sarbanes-Oxley is to remove the conflict of interest where revenue from non-audit services may provide an incentive to give unjustified assertions for fear of losing the revenue. According to Heffes and Gimpert, internal auditors should be able to define and identify errors, omissions and/or process failures before they get out of hand and no area of the business should be exempt from some sort of independent assessment; while, external auditors are looking at materiality and processes that are financial statement-related (2006). Internal auditors are mostly concerned with operational activities which are the real risk to the company; while, external auditors are more concerned with financial risks which are also important to a company. Internal audit departments vary in size from five to 10 people for a Fortune 500 company to possibly 50 internal auditors at a Fortune 100 company.
审计上市公司的注册会计师,通常是一名外部审计师,由于萨班斯-奥克斯利法案(Sarbanes-Oxley Act),工作岗位受到了严重影响。现在对于测试控制和评价内部控制缺陷的责任以及审计员可以参与的程度的关键建议有具体的规则。外部审计师关注的其他领域包括他们的角色,以发现欺诈,保留记录,注册PCAOB,审计合作伙伴轮转,以确保客观性,以及限制非审计服务,审计人员可以提供给公司。《萨班斯-奥克斯利法》的目标之一是消除利益冲突,即来自非审计服务的收入可能会刺激人们出于担心失去收入而给出不合理的断言。根据Heffes和gimert的观点,内部审计师应该能够在错误、遗漏和/或过程失败失控之前定义和识别它们,并且任何业务领域都不应该免于某种独立评估;同时,外部审计师正在关注与财务报表相关的重要性和过程(2006)。内部审计师主要关注对公司构成真正风险的经营活动;而外部审计人员更关注财务风险,财务风险对公司也很重要。内部审计部门的规模各不相同,从财富500强企业的5到10人,到财富100强企业的可能50名内部审计人员。
The lack of sufficient internal controls can cause companies to be exposed to fraud, error and even misappropriation of company funds. These issues could potentially represent a substantial cost to the company. Internal auditors should use their knowledge to help put into place the kinds of policies and procedures that are going to drive employees to the right kinds of behaviors. Oftentimes the internal auditors assist in training about risk assessment and ethical behavior leading to getting involved and helping to structure the training. However, the internal auditor is an independent, objective assessor of the results, activities and processes of the company and should be an excellent source of information to the audit committee and management. As the audit committee and management are required to take more responsibility and to provide more documentation with limited time, they will want more assurance from the internal auditors that their statements are free of misstatements and that internal controls are suitable. The auditor must attest to management’s assessment of the effectiveness of a company’s internal controls using standards that the Public Company Accounting Oversight Board (PCAOB) issued. The auditor’s assessment and management’s assertion should be kept separate and should not be based upon each other to ensure that the audit is objective. Auditors must determine whether the control is properly designed to prevent or detect material misstatements on a timely basis, see how the control was applied and who applied it, and form an opinion of the effectiveness of the company’s internal controls. The auditor may consider the results of management’s tests of controls but should never rely on them solely. Third parties and internal auditors should adhere to this method as well.
Quality Control质量控制
The auditor incurs costs for performing audit work and could also face potential litigation and reputation harm if fraud occurs and is not detected during the audit process. The auditor chooses the amount of control tests and the amount of substantive tests to minimize total costs, which include the cost to perform the audit work and the expected cost of an audit failure. The costs of performing audit work are the costs of internal control testing and the substantive testing. If the manager commits a fraud that goes undetected by the auditor, the auditor suffers a penalty comparable to the amount of the fraud which could be substantial.
如果在审计过程中发生舞弊而未被发现,审计师会因执行审计工作而产生成本,还可能面临潜在的诉讼和声誉损害。审计员选择控制测试的数量和实质性测试的数量,以最小化总成本,其中包括执行审计工作的成本和审计失败的预期成本。实施审计工作的成本包括内部控制检验成本和实质性检验成本。如果经理有舞弊行为,而审计师没有发现,那么审计师将受到与舞弊金额相当的惩罚,这可能是重大的。
The IRS revised Schedule M-3 form for C corporations to increase the transparency between financial statement income and tax return income and ultimately to help the IRS identify tax returns for examination. This was the beginning of the tax form revisions-the IRS has now revised similar forms for partnerships, S corporations and other tax payers that do not use Form 1120. The majority of tax payers are now facing similar reporting burdens to ensure that the company meets compliance standards set forth from the Sarbanes-Oxley Act.
According to the article in the Journal of Accountancy, cycle rotation was used as a way to test controls prior to Sarbanes-Oxley Act; this involved testing controls in several of a company’s transaction cycles while doing a sample transaction to confirm the absence of control changes in the remaining cycles (2003). Now auditors must report on the effect of internal control over financial reporting. Auditors will need to obtain more evidence about the effectiveness of controls and perform substantive procedures due to the limitations of internal controls and risk of management override.
根据《会计杂志》上的文章,在萨班斯-奥克斯利法案之前,周期轮换被用作一种测试控制的方法;这涉及在公司的几个事务周期中测试控制,同时做一个示例事务,以确认在其余的周期中没有控制更改(2003)。现在审计人员必须报告内部控制对财务报告的影响。由于内部控制的局限性和管理层不遵守规定的风险,审计员将需要获得更多关于控制有效性的证据,并执行实质性程序。
Regardless of the reason, numerous or repeated deficits may lead to a significant issue; although, individually insignificant, numerous control deficits having a common feature or aspect may also lead to significant issue. A large misstatement that the auditor finds, but the company does not find, usually is a material weakness in controls. A material weakness prevents an unqualified opinion that controls are effective. Inadequate company documentation of controls could result in a material weakness. According to the article in Practical Accountant, the Public Company Accounting Oversight Board’s (PCAOB) monitoring revealed that some audits performed under certain circumstances were not as effective or efficient as intended, and as the board expects they can be in the future given the benefits of experience, adequate time, and resources (2006).
无论何种原因,大量或重复的赤字都可能导致重大问题;尽管个别无关紧要,但许多具有共同特征或方面的控制缺陷也可能导致重大问题。审计人员发现但公司没有发现的重大错报,通常是控制方面的重大弱点。一个实质性的弱点阻止了一个毫无保留的观点,即控制是有效的。不充分的公司控制文件可能导致重大缺陷。根据这篇文章在实际会计,公众公司会计监督委员会(PCAOB)监测表明,一些审计在某些情况下不执行有效或高效的目的,以及董事会预计他们在未来可以给经验的好处,有足够的时间和资源(2006)。
According to Epps and Messier, engagement quality review is an important part of the audit process that is designed to provide quality control for audit engagements and to serve as an evaluation of the performance of the audit engagement partner and engagement team (2007). The Securities and Exchange Commission (SEC) has stated frustration with the performance of engagement quality reviewers on audit engagements. The SEC has increased the responsibility level on the engagement quality reviewer where financial statements have been issued with material misstatements.
The importance of engagement quality reviews is identified in Section 103 of the
Sarbanes-Oxley Act of 2002 which mandated that the Public Company Accounting
Oversight Board (PCAOB) develop an auditing standard to address engagement quality
review. The PCAOB noted that inclusion of Section 103 in SOX “signals Congressional
intent that existing requirements for such reviews be evaluated” (PCAOB 2004, 2).
One of the objectives of this research is to determine the consistency of engagement quality partner guidance included in the audit manuals of the major public accounting firms. This analysis will be helpful to the PCAOB and the auditing profession moving forward with developing and auditing standard for engagement quality review. Another objective is to conduct a task analysis of engagement quality reviews in order to develop a series of questions and concerns for future research. Better task descriptions will provide improvement for judgement research and increased understanding of the profession. There are differences between firms in the assignment of engagement auditors, the level of participation of the concurring partner in audit planning, the content and comprehensiveness of the audit, and the level of involvement of the concurring partners during the audit engagement.
本研究的目标之一是确定审计业务质量合伙人指南的一致性,包括在审计手册的主要会计师事务所。这一分析将有助于PCAOB和审计行业制定审计业务质量审查的审计标准。另一个目标是对敬业质量评价进行任务分析,以便为未来的研究提出一系列问题和关注。更好的任务描述将改善判断研究和增加对专业的理解。各事务所在业务审计人员的分配、合并合伙人对审计计划的参与程度、审计的内容和全面性以及合并合伙人在审计业务中的参与程度方面存在差异。
In the past, the SEC allows companies to establish their own policies and procedures related to the qualifications of the concurrent reviewers; the nature, extent and timing of the review; and the required documentation to evidence compliance with company policy and procedures for engagement quality reviews. However, now the SEC has established guidance on the responsibilities of the concurring partner as an objective reviewer of the audit engagement. This guidance states that the concurring partner should provide negative assurance to the firm that audit complies with generally accepted accounting principles (GAAP) and generally accepted auditing standards (GAAS). Therefore, the concurring partner serves as a final quality control instrument.
Independence Standards and Rules独立标准与规则
Prior to the Sarbanes-Oxley Act, risk management was considered to be an optional business activity, which a company could implement if it thought that the benefits outweighed the cost. It is the responsibility of the company to set expectations by policies and procedures that drive people to do the right thing, communicate to ensure that expectations are known throughout the company, proper training to ensure that employees are comfortable with their day-to-day tasks, and being able to hold people accountable for meeting the expectations that have been set forth. Most companies have several forms of controls documentation such as policy and accounting manuals, flowcharts and decision tables to ensure proper authorization. Companies often believe that it is usually more efficient to prevent rather than to detect and correct a material misstatement. However, a well-run control system should have a good mix of both controls. “To ensure a comprehensive and consistent process, many auditors are recommending clients establish project teams reporting directly to the Chief Executive Officer or Chief Financial Officer; The Chief Financial Officer, Controller or Internal Audit Director should head the team, which should consist minimally of adequately trained personnel from accounting, internal audit, information systems, finance, operations, legal and human resources” (McConnell, Banks, 2003).
在萨班斯-奥克斯利法案(Sarbanes-Oxley Act)出台之前,风险管理被认为是一种可选的业务活动,如果公司认为收益大于成本,就可以实施风险管理。公司有责任通过政策和程序来设定期望,以推动员工做正确的事情,沟通以确保整个公司都知道期望,适当的培训以确保员工适应他们的日常工作,能够让员工为达到既定的期望而负责。大多数公司都有几种形式的控制文件,如政策和会计手册、流程图和决策表,以确保适当的授权。公司通常认为,预防而不是发现和纠正重大错报通常更有效。然而,一个运行良好的控制系统应该很好地混合这两种控制方式。“为了确保一个全面和一致的过程,许多审计师建议客户建立项目团队,直接向首席执行官或首席财务官报告;首席财务官,财务总监或内部审计主任应该领导这个团队,这个团队应该由最低限度的受过充分培训的人员,从会计,内部审计,信息系统,财务,运营,法律和人力资源”(McConnell, Banks, 2003)。
The auditor’s assessment and management’s assertion should be kept separate and should not be based upon each other to ensure that the audit is objective. Auditors may help to gather or prepare information, but management is responsible for documenting controls. Auditors may also help clients evaluate controls effectively. Management must accept responsibility for the effectiveness of its internal controls, support this evaluation with sufficient evidence and present a written assertion about the effectiveness to be included with the auditor’s findings report as a representation letter or as a separate report to accompany the auditor’s report. Management must also document antifraud programs and controls over significant non-routine and non-systematic transactions, as well as, controls over the period-end financial reporting process. Management’s failure to allow the auditor enough time to properly assess any changes that have been made in the control process could lead to a negative opinion being listed in the auditor’s report. “Management has the responsibility to catch their own frauds, and if they don’t catch themselves they are culpable because they didn’t catch themselves” (Linsley, 2003).
Many companies have complained about that the extraordinary requirements of Sarbanes-Oxley involving documentation and testing of internal controls. Prior to Sarbanes-Oxley, documentation was typically not extensive and neither the company nor the auditor was required to test controls. With the implementation of Sarbanes-Oxley many companies were forced to put into place new controls, provide a narrative about all controls, indicate in written form anytime a control is performed and then test whether the controls are working. However, Sarbanes-Oxley was enacted to reduce fraud and audit failures related to fraud and directly affects three audit performance measures: expected fraud, audit risk, and expected undetected fraud. Expected fraud is the amount of fraud multiplied by the probability that the manager is dishonest. Audit risk is the probability that a material misstatement occurs and is not detected by the audit process. Expected undetected fraud is the amount of fraud committed in balance multiplied by audit risk. For the same reason that expected fraud decreases, audit risk increases. Sarbanes-Oxley affects the amount of expected undetected fraud only if there is a corresponding increase in the auditor’s liability parameter. If the auditor’s liability increases under Sarbanes-Oxley, the probability of undetected fraud goes up while the amount of fraud goes down at a greater rate.
许多公司都抱怨萨班斯-奥克斯利法案的特殊要求涉及文件编制和内部控制测试。在萨班斯-奥克斯利法案之前,文件通常不广泛,公司和审计师都不需要测试控制。随着萨班斯-奥克斯利法案(Sarbanes-Oxley)的实施,许多公司被迫实施新的控制措施,对所有的控制措施提供说明,以书面形式指出何时实施控制措施,然后测试这些控制措施是否有效。然而,萨班斯-奥克斯利法案的颁布是为了减少舞弊和与舞弊相关的审计失败,并直接影响三个审计绩效指标:预期舞弊、审计风险和预期未被发现的舞弊。预期欺诈是欺诈的数量乘以经理不诚实的概率。审计风险是重大错报发生且未被审计过程发现的概率。预期未被发现的舞弊是舞弊数额的余额乘以审计风险。由于预期舞弊减少的相同原因,审计风险增加。《萨班斯-奥克斯利法》仅在审计师的负债参数相应增加时才会影响预计未被发现的欺诈金额。如果根据萨班斯-奥克斯利法案,审计师的负债增加,未被发现的欺诈行为的概率增加,而欺诈行为的数量则以更大的速度下降。
留学生论文相关专业范文素材资料,尽在本网,可以随时查阅参考。本站也提供多国留学生课程作业写作指导服务,如有需要可咨询本平台。
