留學會計專業Essay代寫范文:The Sarbanes-Oxley Act: Evaluation of Section 103
本文是留學會計專業的Essay代寫范例,題目是“The Sarbanes-Oxley Act: Evaluation of Section 103(薩班斯-奧克斯利法案:對第103條的評估)”,薩班斯-奧克斯利法案是對內部和外部審計師、高管和董事會的重大改變之一。內部審計員對其審計委員會和外部審計員負有更大的責任。內部審計可以創建道德規范程序,執行適當的內部控制,以評估風險,并有助于發現和預防欺詐。審計師不能接受管理層對公司內部控制有效性得出結論的責任。管理層不能根據審計人員的測試結果來斷言設計和操作的有效性。最終,審計師和管理層共同工作,但獨立確定內部控制過程是準確平衡的。該公司確保更好的控制程序可以減少欺詐行為。
Abstract摘要
The Sarbanes-Oxley Act was one of major change for internal and external auditors, executives and boards of directors. Internal auditors have greater responsibilities to their audit committees and external auditors. Internal auditing can create ethics programs and perform proper internal control to assess risk as well as be instrumental in detecting and preventing fraud. Auditors cannot accept management’s responsibility to reach conclusions on the effectiveness of the company’s internal controls. Management cannot base its assertions about design and operating effectiveness on the results of the auditor’s tests. Ultimately, auditors and management work together but independently to determine the internal controls process is accurately balanced. The company ensuring better control processes could reduce fraud.
Auditing, Quality Control, and Independence
Standards and Rules
Business fraud is a major concern in the accounting profession and in the business community. The current audit process emphasizes the independent auditor’s responsibility for detecting and deterring fraud. Executives of public companies are subject to new fraud prevention measures enacted under the Sarbanes-Oxley Act of 2002 and administered by the Securities and Exchange Commission (SEC). Congress enacted the Sarbanes-Oxley Act of 2002 in response to highly publicized business failures, allegations of corporate fraud and financial statements restatements. “It is the most extensive overhaul of securities law since the 1930’s, and was the result of corporate and accounting scandals, including, Enron, Worldcom, Tyco, Xerox, Sunbeam, Adelphia and Arthur Anderson” (Linsley, 2003). If management has the ability to manipulate the financials in order to affect stock prices, then opportunities give them the incentive to do so. Large grants of stock options give large incentives to management and the risk of manipulation increases. The interest of management in their own personal wealth was more intense and lead to manipulating the financials to ensure their own profit was maximized.
Cynthia Glassman, Commissioner of the Security and Exchange Commission, in a speech given in Washington D.C., on September 27, 2002 specifically includes the requirement that the CEO and the Board put in place procedures to “ensure that they hear bad news,” and “not to create an environment in which senior officials are afraid to discuss or act on potentially serious misconduct that comes to their attention.” (Linsley, 2003).
2002年9月27日,美國證券交易委員會委員辛西婭·格拉斯曼在華盛頓特區的一次演講中明確提出,首席執行官和董事會應制定相應的程序,“確保他們聽到壞消息”。“不要創造一種環境,讓高級官員不敢討論或對他們可能注意到的嚴重不當行為采取行動。””(格魯,2003)。
The law changes the behavior of those in charge to reduce risk exposure in a number of ways. One of the most important ways is the risk that is created directly by their behavior; basically, the management, the board, and the auditors could themselves be a major source of the risk.
There is no doubt thatthe Sarbanes-Oxley Act was one of the major changes for internal and external auditors as well as the board of directors and executives of companies. The corporate world is dependent on high-quality and high-functioning Chief Financial Officers; The reports that Chief Financial Officers are now required to prepare and submit will take time and effort and a fair amount of cost. A company that has proper internal controls in place will ultimately say that it is worth every penny due to the rules and regulations that are now required for the Sarbanes-Oxley Act. Internal auditors are in the best position to alert senior management to potential issues before they become larger problems. Sarbanes-Oxley Act has ensured that the Chief Financial Officer is either more knowledgeable or at the very least wants to be more knowledgeable about the internal controls within the company. If there is a particular control that is not gaining the needed result then a change can be made prior to the end of the year when a negative opinion from an outside auditor could make things worse. Many companies started out by taking a short-term approach to the compliance standards and now are struggling to maintain compliance with the regulations. “Meeting these regulatory requirements is the new reality, but the running of a better business over the long-term should be the objective” (Heffes, 2004).
毫無疑問,薩班斯-奧克斯利法案是公司內部和外部審計師以及董事會和高管的主要變化之一。企業界依賴于高質量、高功能的首席財務官;現在要求首席財務長編寫和提交的報告將花費時間和精力和相當多的費用。一家擁有適當內部控制的公司最終會說,由于薩班斯-奧克斯利法案(Sarbanes-Oxley Act)現在要求的規則和規定,它的每一分錢都是值得的。內部審計員是在潛在問題變成更大的問題之前提醒高級管理層的最佳人選。薩班斯-奧克斯利法案確保了首席財務官對公司內部控制的了解或至少希望了解得更多。如果有一個特定的控制沒有獲得所需的結果,那么可以在年底之前做出改變,因為來自外部審計師的負面意見可能會使事情變得更糟。許多公司開始時采取了遵從性標準的短期方法,現在正努力保持對法規的遵從性。“滿足這些監管要求是新的現實,但長期經營更好的業務應該是目標”(Heffes, 2004)。
Another issue that Chief Financial Officers are tasked with is achieving lean operations through aggressive cost-cutting, which sometimes means that cutting costs may jeopardize compliance or cause a material breakdown in controls and can result in the company’s competitiveness being diminished. One approach to this issue is to identify the most effective and efficient controls that are needed to achieve compliance. Risk-based considerations are used to drive efficiently and realizes that not all accounts, transaction and risks are equally important. Another approach would be a balanced control design and basically treat each control as an equal regardless of the risk consideration. However, both of these approaches are a continuous process and should be integrated into the regular routines of the business.
The Sarbanes-Oxley internal control provisions impose significant responsibilities on both the management and the auditor. Management will be forced to take ownership of the process of identifying, documenting, and evaluating significant controls. Management will also need to determine the areas of the company that need to be evaluated. Auditors providing an opinion on the effectiveness of the company’s internal controls is a significant responsibility. Both management and auditors recognize that the internal control process will be valuable for several reasons. The Sarbanes-Oxley Act places legal restraints on certain behaviors, makes responsibilities more obvious, and requires that certain information be made public. Some of this affects external auditors; however, the majority affects both internal and external auditors. Thus, auditors have been drawn into a greater risk management role as a result of Sarbanes-Oxley. Basically, the management designs and implements the system of internal controls and the auditor review and make suggestions for improving the controls and process. Strong internal controls make fraud difficult to commit and make fraud discovery likely. However, managers who are intent on committing fraud have an incentive to design weaknesses into the system of controls because the benefits to fraud are more enticing to dishonest managers when the system of controls is weak. The possibility of management override potentially alters the auditor’s testing and evaluation because the evaluation of internal controls provide information about the manager’s incentives and opportunity to commit fraud because a weaker system of internal control makes fraud less difficult to commit.
Auditing審計
Certified Public Accountants who audit public companies, usually as an external auditor, jobs have been significantly impacted due to the Sarbanes-Oxley Act. There are now specific rules for key proposals on responsibilities to test controls and evaluate internal control deficiencies and the extent that auditors can be involved. Other areas of concern for external auditors include their role to detect fraud, the retention of records, registering with the PCAOB, audit partner rotation to ensure objectiveness, and the restrictions on non-audit services that the auditor can provide to the company. One of the goals of Sarbanes-Oxley is to remove the conflict of interest where revenue from non-audit services may provide an incentive to give unjustified assertions for fear of losing the revenue. According to Heffes and Gimpert, internal auditors should be able to define and identify errors, omissions and/or process failures before they get out of hand and no area of the business should be exempt from some sort of independent assessment; while, external auditors are looking at materiality and processes that are financial statement-related (2006). Internal auditors are mostly concerned with operational activities which are the real risk to the company; while, external auditors are more concerned with financial risks which are also important to a company. Internal audit departments vary in size from five to 10 people for a Fortune 500 company to possibly 50 internal auditors at a Fortune 100 company.
審計上市公司的注冊會計師,通常是一名外部審計師,由于薩班斯-奧克斯利法案(Sarbanes-Oxley Act),工作崗位受到了嚴重影響。現在對于測試控制和評價內部控制缺陷的責任以及審計員可以參與的程度的關鍵建議有具體的規則。外部審計師關注的其他領域包括他們的角色,以發現欺詐,保留記錄,注冊PCAOB,審計合作伙伴輪轉,以確保客觀性,以及限制非審計服務,審計人員可以提供給公司。《薩班斯-奧克斯利法》的目標之一是消除利益沖突,即來自非審計服務的收入可能會刺激人們出于擔心失去收入而給出不合理的斷言。根據Heffes和gimert的觀點,內部審計師應該能夠在錯誤、遺漏和/或過程失敗失控之前定義和識別它們,并且任何業務領域都不應該免于某種獨立評估;同時,外部審計師正在關注與財務報表相關的重要性和過程(2006)。內部審計師主要關注對公司構成真正風險的經營活動;而外部審計人員更關注財務風險,財務風險對公司也很重要。內部審計部門的規模各不相同,從財富500強企業的5到10人,到財富100強企業的可能50名內部審計人員。
The lack of sufficient internal controls can cause companies to be exposed to fraud, error and even misappropriation of company funds. These issues could potentially represent a substantial cost to the company. Internal auditors should use their knowledge to help put into place the kinds of policies and procedures that are going to drive employees to the right kinds of behaviors. Oftentimes the internal auditors assist in training about risk assessment and ethical behavior leading to getting involved and helping to structure the training. However, the internal auditor is an independent, objective assessor of the results, activities and processes of the company and should be an excellent source of information to the audit committee and management. As the audit committee and management are required to take more responsibility and to provide more documentation with limited time, they will want more assurance from the internal auditors that their statements are free of misstatements and that internal controls are suitable. The auditor must attest to management’s assessment of the effectiveness of a company’s internal controls using standards that the Public Company Accounting Oversight Board (PCAOB) issued. The auditor’s assessment and management’s assertion should be kept separate and should not be based upon each other to ensure that the audit is objective. Auditors must determine whether the control is properly designed to prevent or detect material misstatements on a timely basis, see how the control was applied and who applied it, and form an opinion of the effectiveness of the company’s internal controls. The auditor may consider the results of management’s tests of controls but should never rely on them solely. Third parties and internal auditors should adhere to this method as well.
Quality Control質量控制
The auditor incurs costs for performing audit work and could also face potential litigation and reputation harm if fraud occurs and is not detected during the audit process. The auditor chooses the amount of control tests and the amount of substantive tests to minimize total costs, which include the cost to perform the audit work and the expected cost of an audit failure. The costs of performing audit work are the costs of internal control testing and the substantive testing. If the manager commits a fraud that goes undetected by the auditor, the auditor suffers a penalty comparable to the amount of the fraud which could be substantial.
如果在審計過程中發生舞弊而未被發現,審計師會因執行審計工作而產生成本,還可能面臨潛在的訴訟和聲譽損害。審計員選擇控制測試的數量和實質性測試的數量,以最小化總成本,其中包括執行審計工作的成本和審計失敗的預期成本。實施審計工作的成本包括內部控制檢驗成本和實質性檢驗成本。如果經理有舞弊行為,而審計師沒有發現,那么審計師將受到與舞弊金額相當的懲罰,這可能是重大的。
The IRS revised Schedule M-3 form for C corporations to increase the transparency between financial statement income and tax return income and ultimately to help the IRS identify tax returns for examination. This was the beginning of the tax form revisions-the IRS has now revised similar forms for partnerships, S corporations and other tax payers that do not use Form 1120. The majority of tax payers are now facing similar reporting burdens to ensure that the company meets compliance standards set forth from the Sarbanes-Oxley Act.
According to the article in the Journal of Accountancy, cycle rotation was used as a way to test controls prior to Sarbanes-Oxley Act; this involved testing controls in several of a company’s transaction cycles while doing a sample transaction to confirm the absence of control changes in the remaining cycles (2003). Now auditors must report on the effect of internal control over financial reporting. Auditors will need to obtain more evidence about the effectiveness of controls and perform substantive procedures due to the limitations of internal controls and risk of management override.
根據《會計雜志》上的文章,在薩班斯-奧克斯利法案之前,周期輪換被用作一種測試控制的方法;這涉及在公司的幾個事務周期中測試控制,同時做一個示例事務,以確認在其余的周期中沒有控制更改(2003)。現在審計人員必須報告內部控制對財務報告的影響。由于內部控制的局限性和管理層不遵守規定的風險,審計員將需要獲得更多關于控制有效性的證據,并執行實質性程序。
Regardless of the reason, numerous or repeated deficits may lead to a significant issue; although, individually insignificant, numerous control deficits having a common feature or aspect may also lead to significant issue. A large misstatement that the auditor finds, but the company does not find, usually is a material weakness in controls. A material weakness prevents an unqualified opinion that controls are effective. Inadequate company documentation of controls could result in a material weakness. According to the article in Practical Accountant, the Public Company Accounting Oversight Board’s (PCAOB) monitoring revealed that some audits performed under certain circumstances were not as effective or efficient as intended, and as the board expects they can be in the future given the benefits of experience, adequate time, and resources (2006).
無論何種原因,大量或重復的赤字都可能導致重大問題;盡管個別無關緊要,但許多具有共同特征或方面的控制缺陷也可能導致重大問題。審計人員發現但公司沒有發現的重大錯報,通常是控制方面的重大弱點。一個實質性的弱點阻止了一個毫無保留的觀點,即控制是有效的。不充分的公司控制文件可能導致重大缺陷。根據這篇文章在實際會計,公眾公司會計監督委員會(PCAOB)監測表明,一些審計在某些情況下不執行有效或高效的目的,以及董事會預計他們在未來可以給經驗的好處,有足夠的時間和資源(2006)。
According to Epps and Messier, engagement quality review is an important part of the audit process that is designed to provide quality control for audit engagements and to serve as an evaluation of the performance of the audit engagement partner and engagement team (2007). The Securities and Exchange Commission (SEC) has stated frustration with the performance of engagement quality reviewers on audit engagements. The SEC has increased the responsibility level on the engagement quality reviewer where financial statements have been issued with material misstatements.
The importance of engagement quality reviews is identified in Section 103 of the
Sarbanes-Oxley Act of 2002 which mandated that the Public Company Accounting
Oversight Board (PCAOB) develop an auditing standard to address engagement quality
review. The PCAOB noted that inclusion of Section 103 in SOX “signals Congressional
intent that existing requirements for such reviews be evaluated” (PCAOB 2004, 2).
One of the objectives of this research is to determine the consistency of engagement quality partner guidance included in the audit manuals of the major public accounting firms. This analysis will be helpful to the PCAOB and the auditing profession moving forward with developing and auditing standard for engagement quality review. Another objective is to conduct a task analysis of engagement quality reviews in order to develop a series of questions and concerns for future research. Better task descriptions will provide improvement for judgement research and increased understanding of the profession. There are differences between firms in the assignment of engagement auditors, the level of participation of the concurring partner in audit planning, the content and comprehensiveness of the audit, and the level of involvement of the concurring partners during the audit engagement.
本研究的目標之一是確定審計業務質量合伙人指南的一致性,包括在審計手冊的主要會計師事務所。這一分析將有助于PCAOB和審計行業制定審計業務質量審查的審計標準。另一個目標是對敬業質量評價進行任務分析,以便為未來的研究提出一系列問題和關注。更好的任務描述將改善判斷研究和增加對專業的理解。各事務所在業務審計人員的分配、合并合伙人對審計計劃的參與程度、審計的內容和全面性以及合并合伙人在審計業務中的參與程度方面存在差異。
In the past, the SEC allows companies to establish their own policies and procedures related to the qualifications of the concurrent reviewers; the nature, extent and timing of the review; and the required documentation to evidence compliance with company policy and procedures for engagement quality reviews. However, now the SEC has established guidance on the responsibilities of the concurring partner as an objective reviewer of the audit engagement. This guidance states that the concurring partner should provide negative assurance to the firm that audit complies with generally accepted accounting principles (GAAP) and generally accepted auditing standards (GAAS). Therefore, the concurring partner serves as a final quality control instrument.
Independence Standards and Rules獨立標準與規則
Prior to the Sarbanes-Oxley Act, risk management was considered to be an optional business activity, which a company could implement if it thought that the benefits outweighed the cost. It is the responsibility of the company to set expectations by policies and procedures that drive people to do the right thing, communicate to ensure that expectations are known throughout the company, proper training to ensure that employees are comfortable with their day-to-day tasks, and being able to hold people accountable for meeting the expectations that have been set forth. Most companies have several forms of controls documentation such as policy and accounting manuals, flowcharts and decision tables to ensure proper authorization. Companies often believe that it is usually more efficient to prevent rather than to detect and correct a material misstatement. However, a well-run control system should have a good mix of both controls. “To ensure a comprehensive and consistent process, many auditors are recommending clients establish project teams reporting directly to the Chief Executive Officer or Chief Financial Officer; The Chief Financial Officer, Controller or Internal Audit Director should head the team, which should consist minimally of adequately trained personnel from accounting, internal audit, information systems, finance, operations, legal and human resources” (McConnell, Banks, 2003).
在薩班斯-奧克斯利法案(Sarbanes-Oxley Act)出臺之前,風險管理被認為是一種可選的業務活動,如果公司認為收益大于成本,就可以實施風險管理。公司有責任通過政策和程序來設定期望,以推動員工做正確的事情,溝通以確保整個公司都知道期望,適當的培訓以確保員工適應他們的日常工作,能夠讓員工為達到既定的期望而負責。大多數公司都有幾種形式的控制文件,如政策和會計手冊、流程圖和決策表,以確保適當的授權。公司通常認為,預防而不是發現和糾正重大錯報通常更有效。然而,一個運行良好的控制系統應該很好地混合這兩種控制方式。“為了確保一個全面和一致的過程,許多審計師建議客戶建立項目團隊,直接向首席執行官或首席財務官報告;首席財務官,財務總監或內部審計主任應該領導這個團隊,這個團隊應該由最低限度的受過充分培訓的人員,從會計,內部審計,信息系統,財務,運營,法律和人力資源”(McConnell, Banks, 2003)。
The auditor’s assessment and management’s assertion should be kept separate and should not be based upon each other to ensure that the audit is objective. Auditors may help to gather or prepare information, but management is responsible for documenting controls. Auditors may also help clients evaluate controls effectively. Management must accept responsibility for the effectiveness of its internal controls, support this evaluation with sufficient evidence and present a written assertion about the effectiveness to be included with the auditor’s findings report as a representation letter or as a separate report to accompany the auditor’s report. Management must also document antifraud programs and controls over significant non-routine and non-systematic transactions, as well as, controls over the period-end financial reporting process. Management’s failure to allow the auditor enough time to properly assess any changes that have been made in the control process could lead to a negative opinion being listed in the auditor’s report. “Management has the responsibility to catch their own frauds, and if they don’t catch themselves they are culpable because they didn’t catch themselves” (Linsley, 2003).
Many companies have complained about that the extraordinary requirements of Sarbanes-Oxley involving documentation and testing of internal controls. Prior to Sarbanes-Oxley, documentation was typically not extensive and neither the company nor the auditor was required to test controls. With the implementation of Sarbanes-Oxley many companies were forced to put into place new controls, provide a narrative about all controls, indicate in written form anytime a control is performed and then test whether the controls are working. However, Sarbanes-Oxley was enacted to reduce fraud and audit failures related to fraud and directly affects three audit performance measures: expected fraud, audit risk, and expected undetected fraud. Expected fraud is the amount of fraud multiplied by the probability that the manager is dishonest. Audit risk is the probability that a material misstatement occurs and is not detected by the audit process. Expected undetected fraud is the amount of fraud committed in balance multiplied by audit risk. For the same reason that expected fraud decreases, audit risk increases. Sarbanes-Oxley affects the amount of expected undetected fraud only if there is a corresponding increase in the auditor’s liability parameter. If the auditor’s liability increases under Sarbanes-Oxley, the probability of undetected fraud goes up while the amount of fraud goes down at a greater rate.
許多公司都抱怨薩班斯-奧克斯利法案的特殊要求涉及文件編制和內部控制測試。在薩班斯-奧克斯利法案之前,文件通常不廣泛,公司和審計師都不需要測試控制。隨著薩班斯-奧克斯利法案(Sarbanes-Oxley)的實施,許多公司被迫實施新的控制措施,對所有的控制措施提供說明,以書面形式指出何時實施控制措施,然后測試這些控制措施是否有效。然而,薩班斯-奧克斯利法案的頒布是為了減少舞弊和與舞弊相關的審計失敗,并直接影響三個審計績效指標:預期舞弊、審計風險和預期未被發現的舞弊。預期欺詐是欺詐的數量乘以經理不誠實的概率。審計風險是重大錯報發生且未被審計過程發現的概率。預期未被發現的舞弊是舞弊數額的余額乘以審計風險。由于預期舞弊減少的相同原因,審計風險增加。《薩班斯-奧克斯利法》僅在審計師的負債參數相應增加時才會影響預計未被發現的欺詐金額。如果根據薩班斯-奧克斯利法案,審計師的負債增加,未被發現的欺詐行為的概率增加,而欺詐行為的數量則以更大的速度下降。
留學生論文相關專業范文素材資料,盡在本網,可以隨時查閱參考。本站也提供多國留學生課程作業寫作指導服務,如有需要可咨詢本平臺。
