Management Accounting Report: Internal Control Changes Analysis

Verified

Added on 2022/11/23

AI Summary

This report examines the significant changes in internal control for companies due to the Sarbanes-Oxley Act and PCAOB Auditing Standards No. 2201. It details how the Sarbanes-Oxley Act mandates internal control reports for financial accuracy, including the role of SOX auditors in reviewing controls and procedures, and the importance of frameworks like COBIT. The report also discusses the PCAOB Auditing Standards No. 2201, which provides requirements for auditing management’s assessment of internal control effectiveness, emphasizing that material weaknesses render internal control ineffective. The responsibilities of auditors are also redefined, requiring technical proficiency and professional skepticism, and the use of recognized control frameworks. The report further outlines the required changes in internal control when a company becomes public, including the preparation of internal control reports, auditor interviews, and the testing of key internal control elements such as IT security, access controls, data backup, and change management. References from various scholarly articles support the analysis.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

Running head: MANAGEMENT ACCOUNTING
Management Accounting
Name of the Student
Name of the University
Author’s Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1MANAGEMENT ACCOUNTING
Table of Contents
Change in Company’s Responsibilities for Internal Control.....................................................2
Required Changes in Internal Control Once the Company Become the Public Company........3
References..................................................................................................................................5

2MANAGEMENT ACCOUNTING
Change in Company’s Responsibilities for Internal Control
It needs to be mentioned that there have been certain major changes in the internal
control of the companies due to the introduction of both the Sarbanes-Oxley Act and PCAOB
Auditing Standards No. 2201. These changes in responsibilities are discussed below.
Sarbanes-Oxley Act – There will be certain changes in the company’s responsibilities for
internal control due to comply with the Sarbanes-Oxley Act. As per the requirement of this
act, the company is now needed to include a Report for Internal Control for all the financial
reports with the aim to ensure that the financial data of the company are accurate and there is
adequate control for safeguarding these data. Additional requirement is the year-end financial
disclosure report (Chhaochharia et al., 2016). This act states that it is needed to have an
additional SOX auditor for reviewing control, policies and procedures at the time of Section
404 audit. The new responsibility will be to monitor, log and audit certain parameters as per
SOX 302, 404 and 409; they are internal control, network activity, database activity, login
activity, account activity, user activity and information access. The changed requirement is
the auditing of the internal controls and procedures through the use of framework such as
COBIT. Since review of the internal control of a company is the largest component, changed
responsibility is to audit the components of internal control such as IT security, access
controls, data backup and change management (Willits & Nicholls, 2014).
PCAOB Auditing Standards No. 2201 – This particular standard provides the requirements
as well as directions that can be applied at the time to engaging in the audit of management’s
assessment regarding the effectiveness of internal control over financial reporting. As per this
audit standard, the changed responsibility of the company is not to consider the internal
control effective in case there is one of more than one material weaknesses exist in the
internal control; and it is because of the fact that effective internal control over financial

3MANAGEMENT ACCOUNTING
reporting provided rational assurance on the reliability of the financial reporting (Aobdia,
Choudhary & Sadka, 2018). Now, there is a change in the responsibilities of the auditors
since the objective of the auditors for internal control over financial reporting is now to
provide an opinion on the effectiveness of the company’s internal control over financial
reporting. It is because of the fact that the presence of one or more material weaknesses make
the internal control ineffective (Sunderland & Trompeter, 2017). As per the added
responsibility, the auditors now need technical training and proficiency along with exercising
due professional care that includes professional scepticism. This standard leads to the
development fieldwork and reporting standards for the internal control auditing. As per the
additional changed responsibility, it is needed for the auditors to use the same suitable and
recognized control framework for performing the audit of internal control over financial
reporting (Sunderland & Trompeter, 2017).
Required Changes in Internal Control Once the Company Become the Public Company
It is required to mention that there will be certain changes in internal control once the
company become a public company due to PCAOB and Sarbanes-Oxley Standards. These are
mentioned below:
 In case the company becomes a public company, then it will be required for it to
prepare as well as present an internal control report over financial reporting.
 The auditor will tool personal interview to the staffs of the company to ensure the fact
that their duties are same as the job description and they are effectively trained for
safe access of financial information (Gupta, Weirich & Turner, 2013).
 The external SOX auditor will review the controls, policies and procedures of internal
control at the time of Audit as per the Section of 404.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4MANAGEMENT ACCOUNTING
 The auditor will be needed to monitor, log and audit the aspects like internal control,
network activity, database activity, login activity, accounts activity, user activity and
information access (Gupta, Weirich & Turner, 2013).
 In addition, the auditors will be needed to test and audit four major elements of
internal control which are IT security, access controls, data backup and change
management.
 The external auditor will be needed to express an opinion on the effectiveness of
internal control over financial reporting and thus, it will be needed for the auditor to
consider auditing the relevant area of internal control of the company.
 It will be needed for the auditor to use the same suitable as well as recognized
framework for control over the financial reporting in order to measure the
effectiveness of the management’s evaluation of internal control effectiveness
(Kachelmeier Majors & Williamson, 2014).

5MANAGEMENT ACCOUNTING
References
Aobdia, D., Choudhary, P., & Sadka, G. (2018). Do auditors correctly identify and assess
internal control deficiencies? Evidence from the PCAOB data. Evidence from the
PCAOB Data (April 19, 2018). Georgetown McDonough School of Business
Research Paper.
Chhaochharia, V., Grinstein, Y., Grullon, G., & Michaely, R. (2016). Product market
competition and internal governance: Evidence from the Sarbanes–Oxley
Act. Management Science, 63(5), 1405-1424.
Gupta, P. P., Weirich, T. R., & Turner, L. E. (2013). Sarbanes-Oxley and public reporting on
internal control: Hasty reaction or delayed action?. Accounting Horizons, 27(2), 371-
408.
Kachelmeier, S. J., Majors, T., & Williamson, M. G. (2014). Does intent modify risk-based
auditing?. The Accounting Review, 89(6), 2181-2201.
Sunderland, D., & Trompeter, G. M. (2017). Multinational group audits: Problems faced in
practice and opportunities for research. Auditing: A Journal of Practice &
Theory, 36(3), 159-183.
Willits, S. D., & Nicholls, C. (2014). Is the Sarbanes-Oxley Act Working?. The CPA
Journal, 84(4), 38.