Welcome to GHP Horwath

Industries

Services

Firm Information

News

Events

Careers

Global Network

Industries

Distribution, Manufacturing
& Retail

Energy & Utilities

State and Local Government

Healthcare

Hospitality

Not-For-Profit

Other Industries

Professional Services

Real Estate

Technology

Services

Accounting & Audit

Financial Staffing

Investment Advice
& Management

Hospitality Consulting

International Services

Litigation Support Services

Merger & Acquisition Services

Personal Financial Planning

Sarbanes-Oxley

Specialty Services

Tax Services

Valuation Services

Firm Information

Horwath International

Newsletters

Partnerships & Alliances

Team Members

The GHP Financial Group

News

Events

Careers

Global Network

Section 404 - other planning considerations

Period-End Reporting Process

The period-end financial reporting process is ALWAYS a significant process because of its importance to financial reporting. Understanding how this process relates to the company’s other significant processes will assist management (and the external auditor) in identifying and testing controls that are most relevant to the company’s financial statement risks.

The period-end financial reporting process includes the following:

The processes used to enter transaction totals into the general ledger
The procedures used to initiate, authorize, record, and process journal entries into the general ledger
Other procedures used to record recurring and nonrecurring adjustments to the annual and quarterly financial statements, such as consolidating adjustments, reporting combinations and classifications
Procedures for drafting annual and quarterly financial statements and related disclosures

Management should evaluate the following items:

The extent that information technology is involved in each process element
The inputs, procedures performed, and outputs of the processes the company uses to produce its annual and quarterly financial statements
Who performs the process and who participates from management
Number of locations involved
Types of adjusting entries recorded

Standard or non-standard
Eliminating
Consolidating

The nature and extent of the oversight process by appropriate parties, including management, the board of directors and the audit committee

Due to the periodic nature of financial statement preparation, especially year-end financial information, the company should not wait until the end of their fiscal year to test these controls. If controls over the financial reporting process (including footnote disclosure) are found to be deficient, the deficiency will likely be classified as a material weakness.

Accounting Estimates, Judgments and Assumptions

In preparing financial information, management is often required to use estimates, judgments and assumptions that affect the reported amounts of assets, liabilities, disclosure of contingent assets and liabilities, and recognition of revenue and expenses. These items are often significant to the financial statements.

Examples of estimates and judgments include:

Tax accruals
Pension liabilities
Establishment/maintenance of reserves or allowances
Impairments
Other accruals and contingencies (legal, worker’s compensation, environmental, etc.)
Valuations

The methodology supporting such estimates, judgments and assumptions must be defined, documented and periodically reviewed by the company.

Effect of Mergers and Acquisitions

Newly acquired entities may be initially excluded from the assessment of internal control over financial reporting, where it is not possible to conduct an assessment between the purchase date and the date of management’s report. This period cannot extend beyond one year from the acquisition date and the exclusion must be disclosed in management’s and the auditor’s report.

New acquisitions bring new risks and integration issues to the company. Management should develop a plan to incorporate newly acquired entities into the company’s system of internal control over financial reporting as soon as possible after their acquisition date. Many companies are evaluating internal controls as part of their due diligence on potential acquisition candidates.

Use of Work of Others by Management and External Auditors

In an effort to reduce costs, the company may seek to rely on some of the work performed by third parties and external auditors. The use of the work of third parties by management is covered in Update #5. The company may not use the work of the external auditor in conducting their assessment of internal control over financial reporting. However, external auditors, under certain circumstances may use selected work of management in the auditor’s assessment. Auditors are required to understand the results of testing by management, and others under the direction of management, and evaluate whether or not to use the results. Auditors are prohibited from relying on the work in certain areas, including (but not necessarily limited to), performing tests of controls in the control environment and performing walkthroughs for each major class of transactions. These areas are deemed to be too important to the auditor in obtaining an understanding of the system of internal control.

When the auditor intends to rely on/use the work performed by management (or others under their direction), they must test the work performed by management including (1) re-performing some of the tests made by management and (2) testing similar controls. The nature of the tests depends on the effect of work by others, but should be sufficient for the auditor to make a determination about the overall quality, competence and objectivity of the individuals performing the original test. Factors to evaluate in the individuals performing the original test include:

Education level and experience
Professional certification
Work assignment practices
Supervision and review of work product
Quality of the documentation of their work, including any reports or recommendations issued
Performance evaluations
Objectivity of individuals performing tests
Policies allowing individuals to maintain objectivity

Updates are designed to provide highly summarized information regarding general Sarbanes-Oxley and PCAOB Auditing Standard No. 2 information and are not intended to be a substitute for any official publication. Please refer to the original source documents and other authoritative guidance provided by the SEC, PCAOB and others for more detailed information on these subjects.

Sarbanes-Oxley Section 404 Update #7
Other Planning Considerations-Documentation
Attachment #1

Documentation of the design of controls provides some supporting evidence that the controls have been identified, communicated and are capable of being monitored by the company. Documentation also provides a foundation for communication concerning responsibilities for performing, evaluating and monitoring controls as required under the audit of internal control.

Management Documentation

At a minimum, management must document the following items:

The design of controls over all relevant assertions related to all significant accounts and disclosures in the financial statements. The documentation should include the five components of internal control over financial reporting.
Information about how significant transactions are initiated, authorized, recorded, processed and reported.
Sufficient information about the flow of transactions to identify the points at which material misstatements due to error or fraud could occur.
Controls designed to prevent or detect fraud, including who performs the controls and the related segregation of duties
Controls over the period-end reporting process
Controls over the safeguarding of assets
The results of management’s testing and evaluation.

The form of documentation is not specified in PCAOB Auditing Standard No. 2 and may take several forms. Form and content will vary, based on the size, nature and complexity of the company.

Inadequate documentation of the design of controls over relevant assertions related to significant accounts and disclosures is a deficiency, which would likely be considered a significant deficiency or material weakness in the company’s internal control over financial reporting. Inadequate documentation could also cause the auditor to conclude that there is a limitation on the scope of the engagement.

Walkthroughs

During the documentation process, management should perform walk-throughs of each major class of transactions. This process involves following a transaction from origination through the company’s information systems to its presentation in the financial reports. This provides evidence regarding:

Confirming the understanding of the process flow of transactions
Confirming the understanding of the design of controls identified for the 5 components of internal control
Evaluation the effectiveness of design of controls
Confirming whether the controls have been placed in operation

Walkthroughs should encompass the entire process for an individual transaction and related controls. This includes the areas of:

Initiating
Authorizing
Recording
Processing
Reporting

Where important processing procedures or controls occur, inquiries should be made of individuals performing duties with regard to their understanding of what is required by the process/control and if the control is being performed timely and as originally understood.

Updates are designed to provide highly summarized information regarding general Sarbanes-Oxley and PCAOB Auditing Standard No. 2 information and are not intended to be a substitute for any official document. Please refer to the original source documents and other authoritative guidance provided by the SEC, PCAOB and others for more detailed information on these subjects.