Free Essay

Auditing

In:

Submitted By abdullah550
Words 978
Pages 4
Lab #1 assignment
Assess the impact of sarbanes-oxley (sox) compliance law on Enron

Course Name: Information Technology Audit & Control
Student Name: Abdullah Shafea, Ammar Alshehri and Mohammed Rammal
Instructor Name: dr. k. Mustafa
Lab Due Date: 23/2/2016

Overview

Enron, a corporation headquartered in Houston, operated one of the largest natural gas transmission networks in North America, totaling over 36,000 miles, in addition to being the largest marketer of natural gas and electricity in the United States. Enron managed the world's largest portfolio of natural gas risk management contracts and pioneered innovative trading products. The company was on Fortune's "Most Innovative" in the United States listing for several years running and reached 7 on the Fortune 500 list in 2000. Its bankruptcy in December 2001 was the largest such filing in United States history. The name Enron became synonymous with corporate greed and corruption, and its demise cost investors and employees over $70 billion in lost capitalization and retirement benefits.
Enron shows us what a company and its leadership are capable of, when they are obsessed with making profits at any cost. One of Enron's lasting effects was the creation of the Sarbanes-Oxley Act of 2002, which tightened disclosure and increased the penalties for financial manipulation. Second, the Financial Accounting Standards Board (FASB) substantially raised its levels of ethical conduct. Third, boards of directors became more independent, monitoring the audit companies and quickly replacing bad managers. While these effects are reactive, they are important to spot and close the loopholes that companies have used, as a way to avoid accountability.

Lab Assessment Questions & Answers

1. What section of the SOX compliance law requires proper controls and hence, security controls, to ensure the confidentiality and integrity of financial information and recordkeeping within an IT infrastructure? Explain the information contained in this section.

Section 404. This means that IT needs to provide assurance that this data cannot be altered by unauthorized individuals, cannot be viewed by unauthorized individuals, and is available when needed by authorized individuals. It also ensures that any material changes to IT infrastructure that touch this data are documented and reported immediately to management.

2. Who is Richard Scrutiny and why is he relevant to SOX?

Owner and founder of HealthSouth Corp, was the first CEO charged with violating the Sarbanes-Oxley act.

3. Who, under SOX, is legally accountable for certifying and approving the integrity of the company and its financial reporting to the SEC and other financial organizations?

CEO and CFO of company

4. What is the difference between a form 10-K and a form 10-Q, and who must submit these to the Securities Exchange Commission (SEC) for publicly traded company financial reporting?

10K is for reporting annual results, 10Q is for reporting quarterly results. CEO or CFO

5. What qualifies as a "large accelerated filer," and how long after the end of the quarter do they have to file their quarterly financial report?

Companies with a public float of $700 million or more. Deadline of 40 days.

6. Where would someone go in order to find the quarterly and annual reports for a publicly traded company?

SEC Edgar Database

7. Go into the Edgar Database and find the most recent 10K and 10Q for Microsoft, Nike, and Cisco. Who signed off on the 10K for each of those companies?

Microsoft - Frank H. Brod; Nike - Mark G. Parker; Cisco - John T. Chambers

8. What are some of the criminal penalties for falsifying documents, or covers up information related to financial matters and SOX?

Monetary fines and up to 10 years in prison.

9. What is the Japanese version of SOX, and what agency oversees its implementation?

Japan' Financial Instruments and Exchange Law (J-SOX); The Internal Control Committee of the Business Accounting Council of the Japanese Financial Services Agency.

10. Of what was Dennis Kozlowski convicted, and how is it related to SOX?

Convicted of grand larceny, falsifying business records, securities fraud and other charges.

11. What is the link between SOX compliance law and information systems security?

Modern financial reporting systems are heavily dependent on technology and associated controls

12. What sections within SOX compliance law pertains to needing proper internal code?

Sections 303 and 404

13. Explain how these sections within SOX compliance law require proper security controls as it relates to having internal controls?

Any review of internal controls would not be complete without addressing controls around information security. An insecure system would not be considered a source of reliable financial information because of the possibility of unauthorized transactions or manipulation of numbers.

14. Why are Vice Presidents and other executive managers who are privy to financial performance data considered insiders to publicly traded company as defined by the Securities Exchange Commission (SEC)?

They have access to information that can be used to gain an unfair advantage over the public when trading and investing.

15. True or False. SOX compliance law now holds CEO's and CFO's of publicly traded companies accountable for their actions as officers in a publicly traded company?

True

References

1. http://www.referenceforbusiness.com/history2/57/Enron-Corporation.html 2. http://www.cbc.ca/news/business/the-rise-and-fall-of-enron-a-brief-history-1.591559 3. http://www.npr.org/news/specials/enron/history.html 4. https://www.gpo.gov/fdsys/pkg/GPO-CPRT-JCS-3-03/pdf/GPO-CPRT-JCS-3-03-1-5-2-1.pdf 5. http://www.nytimes.com/2001/11/29/business/enron-s-collapse-the-overview-enron-collapses-as-suitor-cancels-plans-for-merger.html?pagewanted=all 6. http://www.soxlaw.com/ 7. http://searchcio.techtarget.com/definition/Sarbanes-Oxley-Act 8. http://www.investopedia.com/terms/s/sarbanesoxleyact.asp 9. https://en.wikipedia.org/wiki/Sarbanes%E2%80%93Oxley_Act 10. http://smallbusiness.chron.com/impact-sarbanes-oxley-act-american-businesses-1547.html

Similar Documents

Premium Essay

Auditing

...AUDITING A RISK-BASED APPROACH TO CONDUCTING A QUALITY AUDIT 9th Edition Karla M. Johnstone | Audrey A. Gramling | Larry E. Rittenberg CHAPTER 5 PROFESSIONAL AUDITING STANDARDS AND THE AUDIT OPINION FORMULATION PROCESS Copyright © 2014 South-Western/Cengage Learning LEARNING OBJECTIVES 1. 2. 3. 4. Identify and compare the various auditing standards that provide guidance on the audit opinion formulation process List and discuss the foundational principles underlying the auditing standards List the phases and related activities in the audit opinion formulation process Explain the concept of accounting cycles and discuss their importance to the audit opinion formulation process Copyright © 2014 South-Western/Cengage Learning 5-2 LEARNING OBJECTIVES 5. 6. 7. 8. Describe the assertions that are inherent to financial statements and explain their importance to the audit opinion formulation process Define audit evidence and describe the purpose and types of audit procedures used to obtain audit evidence Discuss the importance of audit documentation and provide examples Discuss audit activities in Phase I of the audit opinion formulation process Copyright © 2014 South-Western/Cengage Learning 5-3 LEARNING OBJECTIVES 9. 10. 11. 12. Discuss audit activities in Phase II of the audit opinion formulation process Discuss audit activities in Phase III of the audit opinion formulation process Discuss audit...

Words: 4700 - Pages: 19

Premium Essay

Auditing

...AUDITING THEORY TESTBANKS / REVIEWERS 1. When an auditor believes that an understanding with the client has not been established, he or she should ordinarily a. Perform the audit with increase professional skepticism. b. Decline to accept or perform the audit. c. Assess control risk at the maximum level and perform a primarily substantive audit. d. Modify the scope of the audit to reflect an increased risk of material misstatement due to fraud. 2. An auditor should design the written audit program so that a. All material transactions will be selected for substantive testing. b. Substantive tests prior to the balance sheet date will be minimized. c. The audit procedures selected will achieve specific audit objectives. d. Each account balance will be tested under either tests of controls or tests of transactions. 3. Which of the following fraudulent activities most likely could be perpetrated due to the lack of effective internal controls in the revenue cycle? a. Fictitious transactions may be recorded that cause an understatement of revenues and overstatement of receivables. b. Claim received from customers for goods returned may be intentionally recorded in other customer’s accounts. c. Authorization of credit memos by personnel who receive cash may permit the misappropriation of cash. d. The failure to prepare shipping documents may cause an overstatement of inventory balances. 4. Accepting an engagement to examine an entity’s financial...

Words: 24671 - Pages: 99

Free Essay

Auditing

...Auditor’s Responsibility for Assessing Going Concern In auditing, going concern is identified as an entity’s capability to continue operating as a business entity. It is the auditor’s responsibility to evaluate the company’s financial statements to assess whether or not the going concern assumption is appropriate. An entity is obligated to include a disclosure in the footnotes of the financial statement stating if there is substantial doubt of the company to continue as a going concern. According to the Public Company Accounting Oversight Board, AU 341 describes the requirements for the auditor’s evaluation of an entity’s going concern. This standard states that an auditor’s responsibility is to evaluate if there is substantial doubt about an entity’s capability to carry on as a going concern for the next year. The period of substantial doubt is not to exceed twelve months. This evaluation is based upon any evidence that he or she has accumulated during the normal course of the audit. If there is substantial doubt about an entity’s ability to continue as a going concern for a reasonable period of time not to exceed one year, the auditor should review management’s plan to remedy the problems. If the substantial doubt goes unresolved, the auditor should add an explanatory paragraph to the audit report. In the event that an auditor receives a request to reissue his or her evaluation of going concern and remove the explanatory paragraph, one can refer to the PCAOB’s...

Words: 5831 - Pages: 24

Premium Essay

Auditing

...here are 10 generally accepted auditing standards and are separated into three categories. 1. General Standards a. Auditor must have adequate training, experience, education and proficiency to perform the audit. b. Auditor must have the attitude of independence c. Auditor must exercise due professional care – with care and skill 2. Standards of Fieldwork d. Auditor must plan properly and supervise employees e. Auditor must understand entity and its environment…including internal controls to assess the risk of material misstatement f. Auditor must obtain sufficient evidence 3. Standards of Reporting g. Auditor must report whether the financial statements are presented in accordance with GAAP h. Auditor must identify any inconsistency of GAAP i. Auditor must report any findings that are not reasonable to GAAP j. Auditor must express an opinion Sally Jones did not follow GAAS while conducting the audit for Dale Boucher owner of a small electronics firm. 1. Jones did not place auditors that had adequate experience to perform the audit. 2. Jones did not supervise the auditors she put in place. 3. Jones did not take the time to understand the entity and its environment. 4. Jones did not take any time to understand the company’s internal controls. 5. The report Jones prepared did not state that the audit was in accordance with GAAP. 2-25 A. The client in this case changed depreciation...

Words: 304 - Pages: 2

Premium Essay

Auditing

...Audit and Assurance Services Chapter 1 1 Learning Objectives 1. What is auditing?  Distinguish between auditing and accounting.  Importance of auditing in reducing information risk. 2. Distinguish audit services from other assurance and non-assurance services provided by CPAs. 3. Three main types of audits. 4. How to become a CPA?  Identify the primary types of auditors. 2  What is auditing? Evaluating 3 Nature of Auditing Auditing is the accumulation and evaluation of evidence about information to determine and report on the degree of correspondence between the information and established criteria. Auditing should be done by a competent, independent person. 4 Audit Reporting -- (Expressing Opinions) The final stage in the auditing process is preparing the Audit Report, which is the communication of the auditor’s findings to users. 5 Information and Established Criteria To do an audit, there must be information in a verifiable form and some standards (criteria) by which the auditor can evaluate the information. 6 Accumulating Evidence and Evaluating Evidence Evidence is any information used by the auditor to determine whether the information being audited is stated in accordance with the established criteria. Transaction data Client inquiry Written and electronic Communications with outsiders Observations 7 Competent, Independent Person The auditor must be qualified...

Words: 2208 - Pages: 9

Premium Essay

Auditing

...Auditing Auditing is considered an efficient and self-governing inspection of the performances, operations, data, statements and records of a company for its stated determination. As with any audit the auditor is required to recognize the different proposals before his or her examination, the collection of evidence, and the evaluation of his or her findings. Auditors can be either internal or external auditors of financial statements. An external auditor is considered as an independent auditor which is engaged through the use of a client to determine his or her opinion in the financial statements of a company. Furthermore, if the company is a publicly traded company, the external auditor would also have to express his or her opinions on the internal controls of the company. An internal auditor however, is an employee who is employed by the company which he or she audits. According to "Cornell University" (2007), “Internal Auditors' roles include monitoring, assessing, and analyzing organizational risk and controls; and reviewing and confirming information and compliance with policies, procedures, and laws” (Who are internal auditors?). Although the accuracy of the financial statements relies on the accountability of management of the organization, all auditors has the responsibility to express his or her opinions of the financials of the organization. Furthermore, the auditor has a responsibility to his or her profession to comply with all standards recognized...

Words: 307 - Pages: 2

Premium Essay

It on Auditing

...REFLECTION PAPER ON “THE IMPACT OF EMERGING INFORMATION TECHNOLOGY ON AUDITING” In our modern world today, everything is possible... Everything is faster. But based on this fact, do we really know the influence of evolving “Information Technology” on our society specifically in the dynamics of businesses nowadays? To respond with this, IT has affected many sectors or aspects especially auditing. Audit is an evaluation of a person, organization, system, process, enterprise, project or product to enable the auditor to express an opinion whether the financial statements are prepared, in all material respects, is in accordance with the applicable financial reporting framework. The use of computers in the process of auditing is what we called “Accounting Information System” which is wildly by the auditors today. In a business context, information technology (IT) is defined as "the study, design, development, application, implementation, support or management of computer-based information systems". The prompt growth in information technology (IT) competencies and the longing of businesses of all sizes to obtain competitive advantage have led to a dramatic increase in the use of IT systems to make, process, store and communicate information. Today, employees at all levels use IT systems in their daily activities. Electronic records have replaced traditional paper documents. In fact, there are few companies that don’t rely on IT to at least some extent to achieve their financial...

Words: 614 - Pages: 3

Premium Essay

Auditing

...associated with professionally standard auditing (Olagunju, 2011, pp.85). In other to maintain the utmost standard for the accounting profession, independence is seen as being free from control or pressure and not allowing situations which would tend to weaken objectivity or create personal preconceived notions (Porter and Simon et al., 1996). Audit improves the trustworthiness of the financial statements giving it sensible assertion from an independent source that the financial statements is true and fair in agreement with accounting standards (Olagunju, 2011, pp.85-86). The next section of this essay provides detailed information on how value is added to the financial statement when the auditors’ audit with independence whilst appraising how the accounting profession has or is reacting to auditor independence. While the last section will evaluate the risks or threats to independence and explain ways of mitigating identified risks. Value of Independent Auditing on Financial Statements The significance of audit services will be impaired when independence is absent (Sweeney, 1992); therefore, an uncompromised independence gives a better quality audit to the financial statements (Baber et al., 1995). In addition, if an auditor is independent, the motivation to do a better audit is not undermined as the auditor will report misstatements (Pike, 2003). Stewart (1994) in Porter and Simon et al., (1996), likened independence to the “corner stone of auditing”. This means if the auditors are...

Words: 2487 - Pages: 10

Premium Essay

Auditing

...independent auditor is asked to express an opinion on the fair presentation of financial statements? 1) It is difficult to prepare financial statements that fairly present a company’s financial position, operations, and cash flows without the expertise of an independent auditor. 2) It is management’s responsibility to seek available independent aid in the appraisal of the financial information shown in its financial statements. 3) The opinion of an independent party is needed because a company may not be objective with respect to its own financial statements. 4) Itisacustomarycourtesythatallstockholdersofacompanyreceiveanindependent report on management’s stewardship of the affairs of the business. B. Independent auditing can best be described as 5) A branch of accounting. 6) Adisciplinethatatteststotheresultsofaccountingandotherfunctionaloperations and data. 7) A professional activity that measures and communicates financial and business data. 8) A regulatory function that prevents the issuance of improper financial information. C. Which of the following professional services is an attestation engagement? 9) A consulting service engagement to provide computer ­ processing advice to a client. 10) An engagement to report on compliance with statutory requirements. 11) An income tax engagement to prepare federal and state tax returns. 12) The preparation of financial statements from a client’s financial...

Words: 2888 - Pages: 12

Premium Essay

Auditing

...Questions for Midterm Exam 1) A measure of how willing the auditor is to accept that the financial statements may be materially misstated after the audit is completed and an unqualified opinion has been issued is the: A) inherent risk. B) acceptable audit risk. C) statistical risk. D) financial risk. Answer: B 1) بمقياس لمدى رغبة مراجع الحسابات أن تقبل أن البيانات المالية قد يمكنه ماديا بعد اكتمال عملية المراجعة وقد تم إصدار رأي غير متحفظ: A) المخاطر الكامنة. ب) مخاطر المراجعة مقبولة. ج) خطر الإحصائية. د) خطر المالية. جواب: ب 2) A measure of the auditor's assessment of the likelihood that there are material misstatements in an account before considering the effectiveness of the client's internal control is called: A) control risk. B) acceptable audit risk. C) statistical risk. D) inherent risk. Answer: D بمقياس 2) لتقييم مراجع الحسابات لاحتمال أن هناك الأخطاء المادية في حساب قبل النظر في فعالية الرقابة الداخلية للعميل ويسمى: A) التحكم في المخاطر. ب) مخاطر المراجعة مقبولة. ج) خطر الإحصائية. مد) المخاطر الملازمة. جواب: D 3) When inherent risk is high, there will need to be: عند عالية المخاطر الكامنة، هناك حاجة إلى أن تكون: A) |A lower assessment of audit risk |More evidence accumulated by the auditor | |إجراء تقييم أقل من مخاطر المراجعة |المزيد من الأدلة المتراكمة لدى المراجع | |Yes |Yes...

Words: 8950 - Pages: 36

Premium Essay

Auditing

...March 2012 This Auditing and Assurance Bulletin has been prepared by Auditing and Assurance staff. It has not been issued under the authority of the Auditing and Assurance Standards Board (AASB). This Auditing and Assurance Bulletin is intended to help raise practitioners’ awareness in a timely manner of significant new or emerging issues or other noteworthy circumstances related to engagements addressed by the AASB pronouncements. It is also meant to direct practitioners to relevant requirements, application and other explanatory material in the CICA Handbook – Assurance. auditing and assurance FOR PUBLIC ACCOUNTANTS PERFORMING AUDIT AND REVIEW ENGAGEMENTS BULLETIN Staff contact Chi Ho Ng, CA, CPA(IL), MBA Principal Auditing and Assurance Standards Department 277 Wellington Street West Toronto, ON M5V 3H2 Tel: (416) 204-3443 E-mail: chiho.ng@cica.ca Fax : (416) 204-3408 Auditing Considerations in an Uncertain Economic Environment Uncertainties in the current economic environment There is a possibility that the Canadian economy may weaken in the near term. This has been noted in various sources, including the economic forecast for Canada issued by the Organization for Economic Co-operation and Development. Heightened risks from renewed financial-market turmoil linked to the European sovereign debt crisis and high levels of household indebtedness are eroding consumer confidence. In January 2009, staff of the Auditing and Assurance Standards Board (AASB) issued...

Words: 7297 - Pages: 30

Premium Essay

Auditing

...Corporate governance heavily refers to the whole structure of rights, processes and controls established internally and externally over the management of a business entity with the objective of protecting the interests of its stakeholders from any type of loses incurring. To begin with, firstly there are three types of auditors in the corporate governances, internal, external and government auditors. The role of the internal auditors in the corporate governance is to evaluates corporate activities, controls or procedures and ensures that they are adequate and in compliance with senior management's recommendations and human resources guidelines. An internal audit also helps a firm adhere with regulatory standards and industry practices.An internal auditor evaluates a firm's processes, "controls" and mechanisms to ensure that they are "adequate" and "functional". A control is a group of instructions that top management puts into place to avoid losses due to human error, technology breakdowns or fraud. A "functional" control provides corrections to internal problems. A control is "adequate" when it clarifies instructions for job performance and problem reporting. An auditor also ensures that a firm's activities and controls abide by government mandates or industry regulations. (Codjia, 2013) Moreover the role and responsibility of an external auditor is to provide assurance to the general public regarding the truth and fairness of the information presented in the audited reports...

Words: 2531 - Pages: 11

Premium Essay

Auditing

...Kristin Bamberger Business Risk and Auditing Regis University Auditing Principles June 28, 2014 Business Risk and Auditing In the eyes of the average person auditing is a very black and white business as is all aspects of accounting. However, neither of these are as cut-and-dry as people would like to think. Auditors, as many people assume, are not always looking for fraud. Their main purpose in auditing is to ensure the financial statements comply with Generally Accepted Accounting Principles (GAAP). Auditing is as much for external users as it is for internal users. It is important for internal users because they can ensure they are complying with many of the GAAP laws. For external users auditing allows them to make educated decisions on which companies to invest in and they can see both business risk and audit risk. For any given auditing firm they will evaluate a potential client before actually committing to doing an audit. Auditors are looking at business risk and are always aware of audit risk. These two terms are glaringly different and yet go hand-in-hand for auditors. Many people think that business and audit risk are all about fraud, however, audit risk is more about legally protecting the auditing firm and the CPA’s while business risk is about protecting people that may invest or lend money to a business. Fraud is not actually a large part of auditing because auditing is looking at internal controls, and if a company has strong internal controls they...

Words: 1837 - Pages: 8

Premium Essay

Auditing

...organisations has created the need for a specialist in various business controls: the internal auditor. We can understand better the nature of internal auditing today if we know something about the changing conditions in the past and the different needs these changes created. What is the earliest form of internal auditing and how did it come into existence? How has internal auditing responded to changing needs? As the operations of an organisation become more voluminous and complex, it is no longer practicable for the owner or top manager to have enough contact with all operations to satisfactorily review the effectiveness of performance. These responsibilities need to be delegated. The Development of the Profession of Internal Auditing Internal auditing has evolved from accounting-oriented to a management-oriented profession. At one time, internal auditing functioned as a junior to the independent accounting profession, and attesting to the accuracy of financial matters was the profession's main concern. Now internal auditing has established itself with a far broader focus. Modern internal auditing provides services that include the examination and appraisal of controls, performance, risk and governance throughout public and private entities. Financial matters represent only one aspect of the purview of internal auditing. Requirement to have Internal Audit Activity In January 2004, the US Securities and Exchange Commission (SEC) had approved new rules proposed...

Words: 6115 - Pages: 25

Premium Essay

Auditing

...CHAPTER 2 OVERVIEW OF AUDITING I. Review Questions 1. One definition of auditing is that it is a systematic process by which a competent, independent person objectively obtains and evaluates evidence regarding assertions about economic actions and events to ascertain the degree of correspondence between those assertions and established criteria and communicating the results to interested users. The Philippine Standards on Auditing (PSA) 120 “Framework of Philippine Standards on Auditing” states the objective of an audit as follows: “The objective of an audit of financial statements is to enable the auditor to express an opinion whether the financial statements are prepared in all material respects, in accordance with an identified financial reporting framework.” 2. This apparent paradox arises from the distinction between the function of auditing and the function of accounting. The accounting function is the process of recording, classifying and summarizing economic events to provide relevant information to decision makers. The rules of accounting are the criteria used by the auditor for evaluating the presentation of economic events for financial statements and he or she must therefore have an understanding of generally accepted accounting principles (GAAP), as well as generally accepted auditing standards (GAAS). The accountant need not, and frequently does not, understand what auditors do, unless he or she is involved in doing audits, or has been trained...

Words: 2252 - Pages: 10