Section D Risk Assessment, Controls and Risk Management set higher for a determination that the control is operating effectively than it is for a determination that the control is not operating effectively. 7) Evaluate identified deficiencies. For each control deficiency that the auditor becomes aware of, the auditor must evaluate its severity. The purpose of this evaluation is to determine whether the deficiency, either alone or in combination with other deficiencies, represents a material weakness. The severity of a deficiency depends on (1) whether there is a reasonable possibility that the companys controls will fail to prevent or detect a misstatement of an account balance or disclosure; and (2) the magnitude, or size, of the potential misstatement resulting from the deficiency or defi ciencies. Indicators of material weakness include • Identification of fraud, whether or not material, on the part of senior management; • Restatement of previously issued financial statements in order to correct a material miss • Identification by the auditor of a material misstatement of financial statements in the cu .... • Ineffective oversight by the companys audit committee over the companys external fi tatement; rent period, if the circumstances of the misstatement indicate that it would not have been detected by the companys internal control over financial reporting; and nancial reporting and over its internal control over financial reporting. SEC Release 33-8810 SEC Release 33-8810, the guidance for management in assessing its internal control over financial reporting, also contains information about how a risk-based, top-down approach to assessing internal control over financial reporting (abbreviated as ICFR in the release) should be performed. Since internal auditors assist management in this assessment, this is information for them as well. The guidance includes: 1) Identify financial reporting risks and controls. Management should evaluate whether it has implemented controls that will achieve the objective of ICFR. That objective is to provide reasona ble assurance regarding the reliability of financial reporting. The evaluation begins with the identification and assessment of the risks to reliable financial report ing, including changes in those risks. Reliable financial reporting is considered to be materially accurate financial statements. Management then evaluates whether it has controls placed in op eration that are designed to adequately address those risks. Management should consider the companys entity-level controlsw in both its assessment of risks and in identifying which controls adequately address the risks. a. Identify financial reporting risks. Management should identify those risks of misstatement that could, individually or in combination with others, result in a material misstatement of the fi nancial statements. Usually, this identification of financial reporting risks should begin with evaluating how the requirements of GAAP apply to the companys business, operations and transactions. Internal and external risk factors that impact the business, including any changes in those risks, may give rise to a risk of misstatement. Risks of misstatement may also arise from sources such as the initiation, authorization, processing and recording of transactions and other adjustments that are reflected in financial reporting elements. W Recall that entity-level controls include: (1) controls related to the control environment; (2) controls over management override; (3) the companys risk-assessment process; (4) centralized processing controls; (5) controls to monitor results of operations; (6) controls to monitor other controls; (7) controls over the period end financial reporting process; and (8) poliCies that address significant business control and risk manage ment practices. 317 Risk Assessment, Controls and Risk Management CMA Part 1 b. Identify controls that adequately address the identified financial reporting risks. Man c. Consideration of entity-level controls. Management must evaluate whether it has the entity d. Role of Information Technology general and application controls. x Controls that address e. Evidential matter to support the assessment. The design of the controls management has Management may find it useful to consider what could go wrong within a financial reporting element. This can help to identify the sources and the potential likelihood of misstatements and then to identify which of those sources could result in a material misstatement of the financial statements. Managements evaluation of the risk of misstatement should include consideration of how vulner able the company is to fraudulent activity and whether the exposure could result in a material misstatement of the financial statements. Fraudulent activity includes (1) fraudulent financial reporting, (2) misappropriation of assets and (3) corruption. agement should evaluate whether it has placed in operation controls that adequately address the companys financial reporting risks. The determination of whether an individual control, or a combination of controls, adequately addresses a particular financial reporting risk involves judgments about whether the controls, if operating properly, can effectively prevent or detect misstatements that could result in material misstatements in the financial statements. Preventive controls, detective controls, or a combination of both may adequately address financial reporting risks. If management determines that a deficiency in ICFR exists, the deficiency must be evaluated to determine whether a material weakness exists. level controls in place that are necessary for an effective system of internal control. This would include considering whether the following are adequate to achieve an effective system of internal control: controls related to the control environment; controls over management override; the entity-level risk assessment process and monitoring activities; and the policies that address sig nificant business control and risk management practices. Entity-level controls may be designed to operate at the process, application, transaction or ac count level. They need to operate at a level of precision that would adequately prevent or detect on a timely basis misstatements in one or more financial reporting elements that could result in a material misstatement of the financial statements. financial reporting risks may be automated, dependent upon IT functionality, or they may be a combination of both manual and automated procedures. When controls are automated, evalua tion of them needs to consider the design and operation of the automated or IT-dependent application controls as well as the general IT controls over the applications that provide the IT functionality. IT general controls alone ordinarily do not adequately address financial reporting risks. However, the proper operation of automated controls or IT functionality often depends upon effective IT general controls. The identification of risks and controls within IT should be an integral part of managements top down, risk-based approach to identifying risks and controls and in determining what evidence is needed to support its assessment of its ICFR. placed in operation to adequately address the financial reporting risks should be documented. This is an integral part of maintaining reasonable support for managements assessment. x See the next section Systems Controls and Security Measures for an indepth discussion of general controls and application controls. 318 Section D Risk Assessment, Controls and Risk Management 2) Evaluate evidence of the operating effectiveness of ICFR. Evaluation of the operating effec tiveness of a control considers whether the control is operating as designed and whether the person performing the control possesses the necessary authority and competence to perform the control ef fectively. Management should focus its evaluation of the operation of controls on areas that pose the highest ICFR risk. Managements assessment of ICFR risk also should consider the impact of entity level controls, such as the relative strengths and weaknesses of the control environment, which may influence managements judgments about the risks of failure for particular controls. Evidence about the effective operation of controls can come from direct testing of controls and also from on-going monitoring activities. In determining whether the evidence obtained is sufficient to provide a reasonable basis for its evaluation of the operation of ICFR, management should consider not only the quantity of evidence (for example, sample size), but also the qualitative characteristics of the evidence. The qualitative characteristics of the evidence include the nature of the evaluation procedures performed, the period oftime to which the evidence relates, the objectivity of those eva luating the controls, and, in the case of on-going monitoring activities, how much validation has been done through direct testing of underlying controls. a. Determine the evidence needed to support the assessment. This evaluation should consid er the characteristics of the financial reporting elements to which the controls relate and the characteristics of the controls themselves. The risk of misstatement and the risk of control failure should be evaluated on a scale like the following, which considers both the misstatement risk of the financial reporting element and the risk of a control failure, to determine whether more evi dence or less evidence will be required to support the assessment: Misstatement Risk of Financial Re porting Element High Medium More Evidence Low Less Evidence Risk of Control Failure Medium High Managements consideration of the likelihood that a control might fail to operate effectively in cludes, among other things: • The type of control (manual or automated) and the frequency with which it operates; • The complexity of the control; • The risk of management override; • The judgment required to operate the control; • The competence of the personnel who perform the control or monitor its performance; • Whether there have been changes in key personnel who either perform the control or monitor its performance; • The nature and materiality of misstatements that the control is intended to prevent or detect; • The degree to which the control relies on the effectiveness of other controls (for example, IT general controls); and • The evidence of the operation of the control from prior year(s). 319 Risk Assessment, Controls and Risk Management CMA Part 1 b. Implement procedures to evaluate evidence of the operation of ICFR. Management c. Evidential matter to support the assessment. Managements assessment must be supported should use its assessment of ICFR risk to determine the evaluation methods and procedures that will be needed to obtain sufficient evidence. The evaluation methods and procedures may be in tegrated with the daily responsibilities of its employees or implemented specifically for purposes of the ICFR evaluation. The evidence management evaluates comes from direct tests of controls, on-going monitoring, or a combination of both. Direct tests of controls are tests ordinarily performed on a periodic basis by objective individu als. Direct tests provide evidence as of a point in time and may provide information about the reliability of on-going monitoring activities. On-going monitoring includes managements nor mal, recurring activities that provide information about the operation of controls. When ICFR risk is assessed as high, the evidence management obtains would ordinarily consist of direct testing performed by individuals who have a higher than usual degree of objectivity rela tive to the controls being tested. When ICFR risk is assessed as low, management may conclude that evidence from on-going monitoring is sufficient and that no direct testing is required. by evidence that provides reasonable support for its assessment. The nature of the evidential matter may vary based on the assessed level of ICFR risk of the underlying controls and other Circumstances, as stated above. Reasonable support for an assessment would include the basis for managements assessment, including documentation of the methods and procedures it used to gather and evaluate the evi dence. The evidential matter constituting reasonable support for managements assessment would also ordinarily include documentation of how management formed its conclusion about the effectiveness of the companys entity-level and other pervasive elements of ICFR that its applica ble framework describes as necessary for an effective system of internal control. 3) Multiple location considerations. Managements consideration of financial reporting risks general ly should include all of its locations or business units. Management may determine that financial reporting risks are adequately addressed by controls which operate centrally. In that case, the eval uation approach is similar to that of a business with a single location or business unit. However, if the controls necessary to address financial reporting risks operate at more than one location or busi ness unit, management should generally evaluate evidence of the operation of the controls at each individual locations or business units. 4) Evaluate control deficiencies. In order to determine whether a control deficiency, or combination of control deficiencies, is a material weakness, management should evaluate the severity of each control deficiency that comes to its attention. Top-Down Approach Versus Bottom-Up Approach In contrast to the top-down, risk-based approach, an auditor who approaches the audit of internal controls from the bottom up would focus first on performing detailed tests of controls at the process, transaction, and application levels. It is important for the auditor to use a top-down approach, because when the auditor uses a bottom-up process, he or she often spends more time and effort than is necessary to complete the audit. Furthermore, when an auditor takes a bottom-up approach, the auditor may spend relatively little time testing and evaluating entity-level controls but may rely almost exclusively on detailed tests of controls over individual processes, transactions and applications. Spending more effort than is necessary in lower-risk areas can diminish the effectiveness of the audit because it may prevent a higher-risk area from receiving the audit attention that it should receive. A top-down approach ensures that the controls that address the assessed risk of misstatement to each relevant assertion are tested. If a bottom-up approach is used, those controls that address the risk of a material misstatement may not be tested. 320 Section D Risk Assessment, Controls and Risk Management What Internal Control Can and Cannot Do As a conclusion to internal controls, it is important that we remember what can be expected of internal control and what internal control cannot do. Internal controls can help: • An organization get to where it wants to go, avoiding pitfalls and surprises along the way; • An organization achieve its performance and profitability goals and prevent loss of resources; • Ensure reliable financial reporting; and • Ensure that the organization complies with laws and regulations. However, internal controls cannot provide a guarantee for the company. The COSO report warns against promoting internal control as a guarantee that the entity will achieve its financial reporting, operational, and compliance objectives. Internal control has limitations including simple human error or faulty judgments; and controls can be circumvented through collusion and well-planned fraud. Connected to this, internal control can provide only reasonable assurance to management and the board of directors regarding achievement of the entitys objectives. Furthermore, internal controls must be evaluated in terms of the cost-benefit relationship. The cost of the operations of the controls should be less than the benefit that is derived from them. This will lead to some controls not being implemented and a company accepting some amount of risk simply because the cost of the necessary controls (in time, money, or both) are too great. 321 Internal Auditing CMA Part 1 Internal Auditing Having looked at Internal Control, we will now turn our attention to Internal Auditing. Definition of Internal Auditing Internal auditing has undergone major changes in the past few decades and has come to include areas of expertise and use outside of strictly financial and accounting matters. This growth of the role and expectations of internal auditors has led to the development of internal auditing as a profession. The Institute of Internal Auditors, the professional organization of internal auditors, has defined the fundamental purpose, nature, and scope of internal auditing as: an independent, objective assurance and consulting activity designed to add value and improve an organizations operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. An effective internal audit function provides to management and the audit committee a means of monitoring the reliability of financial reporting and the organizations control over operations. The monitoring of control over operations includes the effectiveness and efficiency of operations and the organizations compliance with applicable laws and regulations. The functional areas of internal auditing are similar to the functional areas of internal control. Recall that internal control is a process that is designed to provide reasonable assurance that the companys objectives in effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations will be achieved. Internal auditing services contribute to the achievement of these internal control objectives by providing monitoring services for the controls over them. And achieving the organizations internal control objectives contributes to the organizations achieving its strategic objectives. Therefore, auditing services fall into three fundamental categories: 1) Operational - reviewing the various functions within the organization in order to appraise the efficiency and economy of operations and the effectiveness with which the functions achieve their ob jectives. 2) Financial - reviewing the economic activity of the organization as it is measured and reported by accounting methods. 3) Compliance - reviewing both financial and operating controls and transactions to determine wheth er they conform to laws, standards, regulations and procedures. Based on the recommendations of the IIA, within these three functional areas, the scope of internal auditing work encompasses: a systematic, disciplined approach to evaluating and improving the adequacy and effec tiveness of risk management, control and governance process and the quality of performance in carrying out assigned responsibilities. The purpose of evaluating the adequacy of the organizations existing risk management, control, and governance process is to provide reasonable assurance that these processes are functioning as intended and will enable the organizations objectives and goals to be met, and to provide recommendations for improving the organizations operations, in terms of both efficient and effective performance. Senior management and the board might also provide general direction as to the scope of work and the activities to be audited. The adequacy of risk management, control, and governance processes is present if management has planned and designed for these items in a manner that provides reasonable assurance that the organizations objectives and goals will be achieved efficiently and economically. 322 Section D Internal Auditing Responsibilities of the Internal Auditing Function In addition to the internal development that has taken place within the profession, internal auditing has grown because of the general expectation for public companies to have an internal audit function and an audit committee composed of non management directors. The internal audit function should encompass every part of the organizations operations, and to this end it should have unlimited access to the companys documents, records or properties. While what the internal audit function does is great in scope, there is a very specific limit to their responsibilities. The responsibility of the internal auditor is to review and appraise policies, procedures, plans and records for the purpose of informing and advising management. However, internal auditors do not have any authority or responsibility over operating activities. If they had this responsibility, it would impair any independence and objectivity the internal auditors may have in working in these areas because they would in essence be auditing themselves. The responsibility of internal audit ends with the making of recommendations. Auditors should have no authority over or responsibility for the activities they audit or the implementation of their recommenda tions. It is the responsibility of the board or management to implement the recommendations brought to them by the internal auditors. The practice of internal auditing is governed by the International Standards for the Professional Practice of Internal Auditing (hereinafter called Internal Auditing Standards) promulgated by the Institute of Internal Auditors. Internal auditors can also draw guidance from auditing standards for independent, external auditors. In the U.S., these include the AI CPAs Auditing Standards and the PCAOBs Auditing Standards. Internal Auditors and the Internal Control System As we saw in the section on Internal Control, it is the companys management - including the board of directors - who is responsible for the organizations internal control. In order to assist management in the fulfillment of this responsibility, internal auditors are utilized to monitor the performance of the organiza tions internal control systems. Thus, internal auditing has developed to assist management in carrying out its monitoring responsibili ties in an effective and efficient manner. The objective of internal audit is to promote effective monitoring of control activities at a reasonable cost. Internal auditors responsibilities with respect to the internal control system include: o Evaluation of the adequacy and effectiveness of the control system in a systematic and thorough manner. o Testing individuals compliance with controls to determine whether poliCies and procedures estab lished by management are being followed, i.e., the quality of performance in carrying out assigned responsibilities. o Examination and evaluation of the reliability and integrity of financial and operating information and the means used to identify, measure, classify and report it. o Reviewing systems that impact operations and reports to determine whether the organization is in compliance with poliCies, plans, procedures, and regulations. o Examination and evaluation of the effective and efficient use of an entitys resources. o Reviewing the means used to safeguard assets and verifying the existence of those assets as appro priate. o Furnishing analyses, appraisals, recommendations, counsel and information concerning activities reviewed to the management of the organization in order to assist them in the effective discharge of their responsibilities. 323 Internal Auditing CMA Part 1 The Organizational Status of the Internal Audit Function For the internal audit function to accomplish all of these varied responsibilities, it must have the necessary status within the organization. This means it must have adequate authority and freedom to carry out the activities that need to be accomplished. The internal audit function should report to the board of directors through the audit committee. This reporting function should include support from the board. The internal auditors need to be supported by both the audit committee and the board in order to make sure that those who are audited cooperate with the internal auditors. The support of the board and audit committee will demonstrate that the work being done by the internal auditors is viewed as important for the organization. Along with the correct level of organizational status, the internal audit department must also have organizational independence. This means that the internal audit function should not have any direct relationships with the various departments it will be auditing. Reporting directly to the board of directors achieves this organizational independence. Note: It is important that internal auditors remain detached from the items that they are auditing or reviewing so that they will be able to carry out their duties to management. Therefore, after a person joins internal audit, that person should not audit the area he came from for a reasonable amount of time. The IIA recommends this reasonable time to be a minimum of one year. Question 170: Which of the following statements represents the most important benefit that the internal audit department provides to management? a) Assurance that the organization is in compliance with legal requirements. b) Assurance that fraudulent activities will be detected quickly. c) Assurance that there is reasonable control over day-to-day operations. d) Assurance that external financial statements are correct. (CMA Adapted) Question 171: Management has requested the internal auditing department to perform an operational audit of the telephone marketing operations of a major division and recommend procedures and poliCies for improving management control over the operation. The auditor should: a) Accept the engagement, but indicate to management that recommending controls would impair audit independence so management knows that future audits of the area would be impaired. b) Accept the audit engagement because independence would not be impaired. c) Not accept the engagement because audit departments are presumed to have expertise on accounting controls, not marketing controls. d) Not accept the engagement because recommending controls would impair future objectivity of the department regarding this auditee. (CIA Adapted) 324 Section D Internal Auditing The Difference Between Internal Auditors and External Auditors The external auditors, or independent auditors, perform the financial statement audit. Their responsibili ty is to issue an opinion on the accuracy and fairness of managements assertions regarding the financial statements. The external auditor focuses on the financial accounting system and only those activities that have a direct, material effect upon the financial statements. The external auditors are also responsible for perfonning an audit of managements assessment of the effectiveness of internal control over financial reporting, and this audit is to be integrated with the audit of the financial statements. A CPA firm that is nominated by the board of directors does the external auditing. The external auditors are not employees of the company and they do not have any financial interest in the company. The external auditors objective is to (1) express an opinion on whether the financial statements present fairly, in all material respects, the financial pOSition, results of operations and cash flows of the company, in conformity with generally accepted accounting principles; and (2) express an opinion on whether the companys management has maintained effective internal control over financial reporting. For the opinion on the financial statements, the auditor conducts an independent examination of the accounting data prepared and presented by management and expresses an opinion on them. The auditors report should include an indication of the character of the auditors examination and the degree of responsibility the auditor is taking. The auditors responsibility is a legal one because investors and other users of the financial statements rely on the auditors report, so the auditors report must be reliable. This legal responsibility was increased with the Sarbanes-Oxley Act. The second report, required by the Sarbanes-Oxley Act, is the auditors opinion on whether the companys management has maintained effective internal control over financial reporting. The companys annual report filed with the SEC (incorporated into the annual report to shareholders) must be accompanied by a statement of management that management is responsible for creating and maintaining adequate internal controls. Managements statement must set forth managements assessment of the effectiveness of these controls. The companys independent auditor must report on and attest to managements assessment of the effectiveness of the internal controls. This is considered to be the core responsibility of the auditor and an integral part of the audit report. The auditors opinion states that management is responsible for maintaining effective internal control over financial reporting and for assessing the effectiveness of its internal control over financial reporting; and that the auditors responsibility is to express an opinion on the companys internal control over financial reporting based upon its audit. Guidance for the independent auditor in performing this audit of internal control over financial reporting is contained in the PCAOBs Auditing Standard No. 5. The responsibility of internal auditors, on the other hand, is to compare what is in the company with what should be in the company and report to management their findings. In addition to their findings, the internal auditor develops and communicates suggestions and recommendations for improvement. Internal auditors are employees of the organization they audit. Therefore, they are not referred to as independent auditors, because they are not independent. Despite this, internal auditors must maintain their objectivity, or organizational independence. Objectivity is essentially the same thing as independence in that it means that the internal auditor will act without bias, but the term independent is reserved for the external auditor only. Because of this necessity to maintain objectivity, internal audit should not report administratively to management. Internal audit should be primarily responsible to the board of directors through the audit committee. An audit committee entirely composed of independent, outside directors enhances the internal auditors independence from management. The audit committee should be responsible for supervising the hiring, promotion and compensation of the chief audit executive (the head of the audit department). 325 Internal Auditing CMA Part 1 Despite the fact that internal auditors are distinct from external auditors and that it is the external auditors who will express an opinion on the financial statements, internal auditors do have a responsibility to assist the independent, external auditor in its audits of the organizations financial statements and of the organizations managements control over financial reporting. This assistance would take place only if the independent auditor chooses to use the internal auditors work, after assessing their competence and objectivity as well as the amount of risk associated with the financial statement assertion or the control being tested. Coordination of Work Between Internal and External Auditors Costs of the external audit can be greatly reduced if the external auditor can use the work already done or work performed by internal auditors to assist during the external audits of the financial statements and of managements internal control over financial reporting. However, as referred to above, external auditors must base their justification for reliance on work by internal auditors upon (1) the internal auditors competence and (2) the internal auditors objectivity. If internal auditors are competent, skilled in auditing techniques and have a broad perspective of controls, they can assist the external auditors with the audits of the organization. Competent internal auditors can eliminate the need for some of the work that might otherwise be done by the external auditors. Note: It is important to remember that no matter how competent and objective the internal auditors are, when they are assisting the external auditor, the external auditor will never allow them to assess risk or draw a conclusion. The external auditor will try to use the work that the internal auditors do in areas that do not include great amounts of subjectivity. For example, existence of fixed assets is not something that requires estimates, but the valuation of fixed assets includes large estimates. Therefore, internal auditors can assist more in verifying the existence of fixed assets than they can assist in the valuation of those fixed assets. Work done by internal auditors to test internal financial controls can be valuable to external auditors, subject to the following guidelines: 1) The internal auditors are not to direct the external audits of the organizations financial statements or managements control over financial reporting. 2) Before relying on the work of internal auditors, the external auditors must review and test the work performed by the internal auditors. 3) In the assessment of audit risk and in the performance of the audit, the internal auditor will not make any decisions or conclusions. This is to be done only by the external auditor. 4) The work of the internal and external auditors should be coordinated so as to reduce the amount of duplicate work that is done by both parties. 5) Because the internal auditors are a related party to the company, the external auditor will supervise any work done by the internal auditor as part of the external audit. Question 172: When working with the external auditors in the audit of the financial statements, the internal auditor should : a) Set materiality for their work lower than the materiality set by the external auditor. b) Set materiality for their work higher than the materiality set by the external auditor. c) Be independent of the external auditor. d) Be supervised by the external auditor. (CMA Adapted) 326 Section D Internal Auditing Types of Engagements Internal auditors perform two basic types of services: assurance services and consulting services. Assurance Services Assurance services involve performing an objective examination of evidence for the purpose of providing an independent assessment on governance, risk management, and control processes for the organization. Examples may include financial, performance, audit of financial controls, compliance, system security, and due diligence engagements. They provide an assessment of the reliability and/or relevance of data and operations in specific areas. Assurance services include: Financial Audit The purpose of an internal financial audit is to analyze the economic activity of an entity as measured and reported by accounting methods. It is not the same as the purpose of an independent, external audit of the financial statements. The purpose of the Independent audit is to evaluate the assertions made by management on the organizations financial statements and to issue an opinion on the fairness of the statements. Internal auditors may be able to assist with the independent audit. However, a financial audit performed by an internal auditor is not performed for the purpose of issuing an opinion on the fairness of the financial statements, although the internal auditors may perform many of the same activities. A financial audit performed by the internal audit activity usually is done on one specific area of the organization. Areas where internal auditing evaluations may be used by the independent auditors are evaluations of cash controls, accounts receivable, accounts payable, and other financial activities. Like the independent auditors, the internal auditors will be looking at the financial assertions with the goal of determining whether the assertions can be proved. To review, those assertions are: 1) Existence or occurrence - whether the item represents actual transactions and events, whether assets/liabilities actually exist at a given date and whether recorded transactions have occunred dur ing a given period. 2) Completeness - whether all transactions and accounts that should be presented in the financial statements are included and no material financial information has been omitted. 3) Rights and obligations - whether, at a given date, all assets (rights) actually are the rights of the entity and whether all liabilities (obligations) actually are the obligations of the entity; and whether all material rights and obligations with respect to assets, liabilities and equity accounts have been disclosed. 4) Valuation or allocation - whether the assets, liabilities, revenues and expenses of the entity have been included in the financial statements at the appropriate amounts in conformity with GAAP, i.e., the numbers in the financial statements are materially correct. 5) Presentation and disclosure - whether the financial statement components have been properly classified, described, and disclosed. In other words, whether the format, organization and classifica tion of accounts on the financial statements and disclosures in the accounts, footnotes and accounting policies conform to generally accepted accounting principles.
Posted on: Sat, 23 Nov 2013 07:51:13 +0000
Trending Topics
Recently Viewed Topics
© 2015