The Sarbanes–Oxley Act of 2002 is a United States federal law that mandates certain practices in financial record keeping and reporting for corporations. The act, Pub. L. 107–204 (text)(PDF), 116 Stat. 745, enacted July 30, 2002, also known as the "Public Company Accounting Reform and Investor Protection Act" and "Corporate and Auditing Accountability, Responsibility, and Transparency Act" and more commonly called Sarbanes–Oxley, SOX or Sarbox, contains eleven sections that place requirements on all U.S. public company boards of directors and management and public accounting firms. A number of provisions of the Act also apply to privately held companies, such as the willful destruction of evidence to impede a federal investigation.
An audit is an "independent examination of financial information of any entity, whether profit oriented or not, irrespective of its size or legal form when such an examination is conducted with a view to express an opinion thereon." Auditing also attempts to ensure that the books of accounts are properly maintained by the concern as required by law. Auditors consider the propositions before them, obtain evidence, roll forward prior year working papers, and evaluate the propositions in their auditing report.
A financial audit is conducted to provide an opinion whether "financial statements" are stated in accordance with specified criteria. Normally, the criteria are international accounting standards, although auditors may conduct audits of financial statements prepared using the cash basis or some other basis of accounting appropriate for the organization. In providing an opinion whether financial statements are fairly stated in accordance with accounting standards, the auditor gathers evidence to determine whether the statements contain material errors or other misstatements.
Forensic accounting, forensic accountancy or financial forensics is the specialty practice area of accounting that investigates whether firms engage in financial reporting misconduct, or financial misconduct within the workplace by employees, officers or directors of the organization. Forensic accountants apply a range of skills and methods to determine whether there has been financial misconduct by the firm or its employees.
An audit committee is a committee of an organisation's board of directors which is responsible for oversight of the financial reporting process, selection of the independent auditor, and receipt of audit results both internal and external.
An auditor's report is a formal opinion, or disclaimer thereof, issued by either an internal auditor or an independent external auditor as a result of an internal or external audit, as an assurance service in order for the user to make decisions based on the results of the audit.
An external auditor performs an audit, in accordance with specific laws or rules, of the financial statements of a company, government entity, other legal entity, or organization, and is independent of the entity being audited. Users of these entities' financial information, such as investors, government agencies, and the general public, rely on the external auditor to present an unbiased and independent audit report.
The Public Company Accounting Oversight Board (PCAOB) is a nonprofit corporation created by the Sarbanes–Oxley Act of 2002 to oversee the audits of US-listed public companies. The PCAOB also oversees the audits of broker-dealers, including compliance reports filed pursuant to federal securities laws, to promote investor protection. All PCAOB rules and standards must be approved by the U.S. Securities and Exchange Commission (SEC).
Generally Accepted Auditing Standards, or GAAS are sets of standards against which the quality of audits are performed and may be judged. Several organizations have developed such sets of principles, which vary by territory. In the United States, the standards are promulgated by the Auditing Standards Board, a division of the American Institute of Certified Public Accountants (AICPA).
A going concern is an accounting term for a business that is assumed will meet its financial obligations when they become due. It functions without the threat of liquidation for the foreseeable future, which is usually regarded as at least the next 12 months or the specified accounting period. The presumption of going concern for the business implies the basic declaration of intention to keep operating its activities at least for the next year, which is a basic assumption for preparing financial statements that comprehend the conceptual framework of the IFRS. Hence, a declaration of going concern means that the business has neither the intention nor the need to liquidate or to materially curtail the scale of its operations.
Internal auditing is an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. Internal auditing might achieve this goal by providing insight and recommendations based on analyses and assessments of data and business processes. With commitment to integrity and accountability, internal auditing provides value to governing bodies and senior management as an objective source of independent advice. Professionals called internal auditors are employed by organizations to perform the internal auditing activity.
Audit evidence is evidence obtained by auditors during a financial audit and recorded in the audit working papers.
Internal control, as defined by accounting and auditing, is a process for assuring of an organization's objectives in operational effectiveness and efficiency, reliable financial reporting, and compliance with laws, regulations and policies. A broad concept, internal control involves everything that controls risks to an organization.
Management assertions or financial statement assertions are the implicit or explicit assertions that the preparer of financial statements (management) is making to its users. These assertions are relevant to auditors performing a financial statement audit in two ways. First, the objective of a financial statement audit is to obtain sufficient appropriate audit evidence to conclude on whether the financial statements present fairly, in all material respects, the financial position of a company and the results of its operations and cash flows. In developing that conclusion, the auditor evaluates whether audit evidence corroborates or contradicts financial statement assertions. Second, auditors are required to consider the risk of material misstatement through understanding the entity and its environment, including the entity's internal control. Financial statement assertions provide a framework to assess the risk of material misstatement in each significant account balance or class of transactions.
Auditor independence refers to the independence of the internal auditor or of the external auditor from parties that may have a financial interest in the business being audited. It ensures that auditors do not have any financial interest in the firms in which they are auditing.
An entity-level control is a control that helps to ensure that management directives pertaining to the entire entity are carried out. These controls are the second level to understanding the risks of an organization. Generally, entity refers to the entire company.
The chief audit executive (CAE), director of audit, director of internal audit, auditor general, or controller general is a high-level independent corporate executive with overall responsibility for internal audit.
Regulation S-X is a prescribed regulation in the United States of America that lays out the specific form and content of financial reports, specifically the financial statements of public companies. It is cited as 17 C.F.R. Part 210; the name of the part is "Form and Content of and Requirements for Financial Statements, Securities Act of 1933, Securities Exchange Act of 1934, Public Utility Holding Company Act of 1935, Investment Company Act of 1940, Investment Advisers Act of 1940, and Energy Policy and Conservation Act of 1975".
Whether providing services as an accountant or auditor, a Certified Public Accountant (CPA) owes a duty of care to the client and third parties who foreseeably rely on the accountant's work. Accountants can be sued for negligence or malpractice in the performance of their duties, and for fraud.
Audit planning is a vital area of the [audit], primarily conducted at the beginning of audit process, to ensure that appropriate attention is devoted to important areas, potential problems are promptly identified, work is completed expeditiously and work is properly coordinated. "Audit planning" means developing a general strategy and a detailed approach for the expected nature, timing and extent of the audit. The auditor plans to perform the audit in an efficient and timely manner. In simple words, developing an overall strategy for the effective conduct and scope of the examination.
