Page 191 - COSO Guidance Book
P. 191

1.  pertain to the maintenance of records that, in reasonable detail accurately and fairly reflect
                       the transactions and dispositions of the assets of the registrant (bookkeeping);
                   2.  provide reasonable assurance that transactions are recorded as necessary to permit
                       preparation of financial statements in accordance with generally accepted accounting
                       principles, and that receipts and expenditures of the registrant are being made only in
                       accordance with authorizations of management and directors of the registrant (authorization
                       of transactions and bookkeeping); and
                   3.  provide reasonable assurance regarding prevention or timely detection of unauthorized
                       acquisition, use, or disposition of the registrant’s assets that could have a material effect on
                       the financial statement (safeguarding assets, access to assets, and independent
                       reconciliation).

            The similarities between the functions included in the FCPA, the Auditing Standards Board’s (ASB)
            definition of internal control (presented in a following section), and the SEC’s definition of internal control
            (provided previously) demonstrates how the important internal control concept of separation of duties
            has stood the test of time in varied definitions of internal control.

            The SEC stated that management must base its evaluation of the effectiveness of the company’s internal
            control over financial reporting on a suitable, recognized control framework established by a body or
            group that has followed due-process procedures, including the broad distribution of the framework for
            public comment. The SEC stated that the Committee of Sponsoring Organizations’ (COSO) Internal
            Control — Integrated Framework satisfies their criteria and may be used as an evaluation framework. The
            SEC further notes that COSO is not the only framework that may be used. Other frameworks, such as
            those developed outside of the United States, might be appropriate.




            The generally accepted auditing standards definition of internal control

            Internal control is defined in AU-C section 315, Understanding the Entity and Its Environment and
            Assessing the Risks of Material Misstatement (AICPA, Professional Standards). The definition provided in
            AU-C section 315 paragraph .04 is as follows:

                   A process effected by those charged with governance, management, and other personnel that is
                   designed to provide reasonable assurance about the achievement of the entity’s objectives with
                   regard to the reliability of financial reporting, effectiveness and efficiency of operations, and
                   compliance with applicable laws and regulations. Internal control over safeguarding of assets
                   against unauthorized acquisition, use, or disposition may include controls relating to financial
                   reporting and operations objectives.
















            © 2020 Association of International Certified Professional Accountants. All rights reserved.    2-3
   186   187   188   189   190   191   192   193   194   195   196