1 An Evidential Reasoning Approach to Sarbanes-Oxley Mandated Internal Control Assessment Lili Sun, Rutgers University Rajendra Srivastava, The University.

Slides:



Advertisements
Similar presentations
Internal Control in a Financial Statement Audit
Advertisements

IT Control Objectives for Sarbanes-Oxley Presented by Doug Moore, Jefferson Wells International and Christine Chaney, Continental Airlines.
Chapter 2 The Software Process
Learning Objectives LO1 Describe the conceptual audit risk model and its components. LO2 Explain the usefulness and limitations of the audit risk model.
Systems Documentation Techniques
Clarified ISAs ISA Groups
Audit Guidance Using the Federal Information System Controls Audit Manual (FISCAM) to Achieve Audit Objectives in Financial and Performance Audits Mickie.
McGraw-Hill/Irwin © 2003 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-1 Chapter 7 CHAPTER 7 THE EFFECT OF INFORMATION TECHNOLOGY ON THE AUDIT.
New Audit Risk Standards Are You Ready? John P. Langan, CPA Principal in Charge Public Service Group Metro, DC Office LarsonAllen LLP.
Chapter 10: Auditing the Expenditure Cycle
ProCognis SOX 404 & COSO Implementation Presentation
Pertemuan 5-6 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Data Mining As A Continuous Auditing Tool for “Soft Information”: A Research Question A Research Proposal By J. Donald Warren, Jr. Rutgers University Fifth.
Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.
Internal Control in a Financial Statement Audit
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Nature of an Integrated Audit
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
Statement on Auditing Standards (SAS) 112 Communicating Internal Control Related Matters Identified in an Audit.
AUDIT PROCEDURES. Commonly used Audit Procedures Analytical Procedures Analytical Procedures Basic Audit Approaches - Basic Audit Approaches - System.
Learning Objectives LO1 Describe the association framework. LO2 Determine whether a PA is associated with financial statements. LO3 Describe the three.
Chicagoland IASA Spring Conference
Information Technology Audit
Auditing Internal Control over Financial Reporting
Company Confidential Registration Management Committee 1 Asking the Right Questions Right Dale Gordon Aerojet Rocketdyne July 16, 2014.
Chapter 2 The process Process, Methods, and Tools
The Sarbanes-Oxley Act of PricewaterhouseCoopers Introduction of Panel Members The Sarbanes-Oxley Act of 2002 What Companies Should Be Doing Now.
Auditing Internal Control over Financial Reporting
INTERNAL CONTROL OVER FINANCIAL REPORTING
Implementation Issues of Sarbanes-Oxley CASE Presentation September 23, 2004 By Denise Farnan.
Chapter 5 Internal Control over Financial Reporting
Page 1 Internal Audit Outsourcing The Moss Adams Approach to Internal Audit Outsourcing Proposed SOX 404 Changes.
Considering Internal Control
Overview:  Different controls in an organization  Relationship between IT controls & financial controls  The Mega Process Leads  Application of COBIT.
Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.
Internal Control in a Financial Statement Audit
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/Irwin ©2008 The McGraw-Hill Companies, All Rights Reserved.
Evidence and Documentation
Learning Objectives LO5 Illustrate how business risk analysis is used to assess the risk of material misstatement at the financial statement level and.
The Firm of Choice. 1 New Auditing Standards Maintaining the Integrity of the Independent Audit.
Audit Materiality.
Richard F. Chambers, CIA, CGAP Vice President, IIA Learning Center The Institute of Internal Auditors.
S14: Analytical Review and Audit Approaches. Session Objectives To define analytical review To define analytical review To explain commonly used analytical.
Chapter 7 Auditing Internal Control over Financial Reporting McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Chapter 6 Internal Control in a Financial Statement Audit Copyright © 2014 McGraw-Hill Education. All rights reserved. No reproduction or distribution.
Casualty Loss Reserve Seminar General Session II September 9, 2003 Section 302/404 of Sarbanes-Oxley Act What Actuaries Need to Know Jan A. Lommele, FCAS,
Solutions Within Reach
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7-1 Chapter Seven Auditing Internal Control over Financial Reporting.
1 Emerging CARLAB work Miklos A. Vasarhelyi. 2 Outline Continuous Control Monitoring Simulating Continuous Auditing Control Tags.
Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.
Learning Objectives LO5 Document an accounting system to identify key controls and weaknesses in order to assess control risk. LO6 Write key control tests.
McGraw-Hill/Irwin © The McGraw-Hill Companies 2010 Auditing Internal Control over Financial Reporting Chapter Seven.
Chapter 5 Evidence and Documentation McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Analytical Review and Audit Approaches
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Section 404 Audits of Internal Control and Control Risk Chapter.
Control and Security Frameworks Chapter Three Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc
1 Overview of PCAOB Auditing Standard No. 5 An Audit of Internal Control Over Financial Reporting that is Integrated with an Audit of Financial Statements.
©2008 Prentice Hall Business Publishing, Auditing 12/e, Arens/Beasley/Elder Section 404 Audits of Internal Control and Control Risk Chapter 10.
E&Y Top-down, Risk-based Approach to assessing Key Control Summary of the E&Y’s Framework Materiality Controls SAP Control Risk Heat Map Yue Yong Carolyn.
AUDIT QUALITY AND ASSURANCE 2 ND AND 3 RD OCTOBER 2014 HILTON HOTEL MATERIALITY IN PLANNING AND PERFORMING THE AUDIT (ISA 320) 1.
©©2012 Pearson Education, Auditing 14/e, Arens/Elder/Beasley Considering Internal Control Chapter 10.
Copyright © 2014 Pearson Education, Inc. Publishing as Prentice Hall. Chapter
Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.
8 INTERNAL CONTROL. Definition Duty  mgt (CEO)  Board  Internal auditor  Employee  External person.
IT Focus Areas- PCAOB Inspection
Internal Control in a Financial Statement Audit
Risk Assessment Considerations
Modern Auditing: Assurance Services and the Integrity of Financial Reporting, 8th Edition William C. Boynton California Polytechnic State University at.
Evidence and Documentation
Presentation transcript:

1 An Evidential Reasoning Approach to Sarbanes-Oxley Mandated Internal Control Assessment Lili Sun, Rutgers University Rajendra Srivastava, The University of Kansas David Vun Kannon Theodore Mock, The University of Southern California Miklos Vasarhelyi, Rutgers University

2 Developing The Next Generation Of Internal Control Tools Using CA First generation of 404 implementation: –Focus on documentation of controls –Filling gaps in COSO framework –Highly labor intensive Second generation of 404 implementation: –More cost efficient and effective –More systematic assessment of controls –Focus on identifying material control weaknesses and audit automatically rather than manually

3 Evidential Reasoning: Systematic, Higher Value IC Assessment Tool Evidential reasoning: a process of risk assessment where several assertions when combined together inform about the effectiveness of an internal control procedure and the overall internal control system. Decompose risk assessment into individual evidence level. Provide a rigorous algorithm to aggregate human beliefs. Provides systematic way to represent the interrelationships among multiple key components for the evaluation of IC. Help discipline Auditors’ thought process in estimating risk Serve as a decision aid for auditors.

4 Create A Systematic Representation Of KPMG Model Of Risk Assessment Financial reporting model –Parent company –Subsidiary –Financial statement –Significant accounts Business process model –Business process –Objective –Risk –Control –Evaluation procedures

5 Generic Evidential Reasoning Model Of Internal Control Assurance A1: IC/FR for the consolidated entity is effective OR && & & IC/FR for subsidiary i is effective The system of IC/FR for Account j on BS is effective IC/FR for Account i on BS is effective IC for Process j is effective The system of IC for Process i is effective. Process j is protected from IC risk j. Process j is protected from IC risk i. Control j Control i Control k Control environment Control m is effective. Control n is effective. Financial reporting Model Business Process Model

6 Application of Evidential Reasoning Approach into A Real Case

7 Automate The Aggregation Of Control Evaluations Input: –auditors’ evaluation on the effectiveness of individual control procedure Output: –Quantitative assessment of control effectiveness on multiple layers of the hierarchy: from the individual control level to the overall financial statement level Evidential reasoning a useful decision aid for KPMG auditors because of its: –Clarity –Practicability of use –Completeness –Adaptability

8 Continuing Work Validate model against a real audit case Explore issues related to the application of the proposed approach –Refine the quantitative representation of internal control effectiveness. –How to better elicit belief inputs from auditors.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.