| As of date | An audit of internal control over financial reporting assesses internal control as of a particular point in time, the "as of " date, as opposed to the entire period under audit. This date is ordinarily the last day of the client's fiscal period.
|
 |
|
|
| Compensating control | A control that reduces the risk that an existing or potential control weakness will result in a failure to meet a control objective (e.g., avoiding misstatements). Compensating controls are ordinarily controls performed to detect, rather than prevent, the misstatement from occurring. For example, a reconciliation of the bank account performed by an individual otherwise independent of the cash function serves to detect a variety of possible misstatements (both errors and fraud) that may have occurred in the processing of cash receipts and disbursements.
|
|
|
|
| Complementary controls | Controls that function together to achieve the same control objective (e.g., avoiding misstatements).
|
|
|
|
| Control deficiency | A weakness in the design or operation of a control that does not allow management or employees, in the normal course of performing their functions, to prevent or detect misstatements on a timely basis.
|
|
|
|
| Detective controls | Policies and procedures that are designed to identify errors or fraud after they have occurred. Detective controls can be applied to groups of transactions (e.g., bank reconciliations).
|
|
|
|
| Estimation transaction | A transaction involving management's judgments or assumptions, such as determining the allowance for doubtful accounts, establishing warranty reserves, and assessing assets for impairment.
|
|
|
|
| Integrated audit (under PCAOB Standard No. 2) | An audit that includes audit reports on both a company's internal control over financial reporting and the financial statements.
|
|
|
|
| Major classes of transactions | All classes of transactions that materially affect significant accounts or groups of accounts, either directly through entries in the general ledger or indirectly through the creation of rights or obligations that may not be recorded in the general ledger.
|
|
|
|
| Material weakness | A significant deficiency or combination of significant deficiencies that results in more than a remote likelihood that a material misstatement of the annual or interim financial statements will not be prevented or detected.
|
|
|
|
| Nonroutine transaction | A transaction that occurs only periodically, such as counting and pricing inventory, calculating depreciation expense, or determining prepaid expenses.
|
|
|
|
| Preventive controls | Procedures designed to prevent an error or fraud. Preventive controls are normally applied at the individual transaction level.
|
|
|
|
| Redundant controls | Duplicate controls that both achieve a control objective.
|
|
|
|
| Routine transaction | A transaction for a recurring financial activity recorded in the accounting records in the normal course of business, such as sales, purchases, cash receipts, cash disbursements, and payroll.
|
|
|
|
| Sarbanes-Oxley Act of 2002 | An act passed by the U.S. Congress to protect investors from the possibility of fraudulent accounting activities by corporations by improving the accuracy and reliability of corporate disclosures.
|
|
|
|
| Section 404 | The primary section of the Sarbanes-Oxley Act dealing with management and auditor reporting on internal control over financial reporting. Section 404(a) requires that each annual report filed with the Securities and Exchange Commission include an internal control report prepared by management in which management acknowledges its responsibility for establishing and maintaining adequate internal control and an assessment of internal control effective as of the end of the most recent fiscal year. Section 404(b) requires that the CPA firm attest to and report on the assessment made by management as well as provide its own opinion on internal control.
|
|
|
|
| Significant account | An account for which there is more than a remote likelihood that it could contain misstatements that individually, or when aggregated with others, could have a material effect on the financial statements.
|
|
|
|
| Significant deficiency | A control deficiency (or a combination of control deficiencies) that adversely affects the company's ability to initiate, authorize, record, process, or report external financial data reliably in accordance with generally accepted accounting principles, such that there is more than a remote likelihood that a more than inconsequential misstatement of the company's financial statements will not be prevented or detected.
|
|
|
|
| Walk-through | Tracing a transaction from origination through the company's information systems until it is reflected in the company's financial reports.
|