Page 100 - CA Final Audit Titanium Full Book. (With Cover Pages)
P. 100

CA Ravi Taori
           • The board should maintain a sound system of internal control to safeguard shareholders' investment and the
            company's assets.
           • The directors should, at least annually, conduct a review of the effectiveness of the group's system of internal
            control and should report to shareholders that they have done so. The review should cover all controls,
            including financial, operational and compliance controls and risk management.
           • Companies which do not have an internal audit function should from time to time review the need for one.
         Sarbanes Oxley Section 404
         SOX Section 404 (Sarbanes-Oxley Act Section 404) mandates that all publicly traded companies must establish
         internal controls and procedures for financial reporting and must document, test and maintain those controls
         and procedures to ensure their effectiveness.
         The SEC rules and PCAOB standard require that:
           • Management perform a formal assessment of its controls over financial reporting including tests that confirm
            the design and operating effectiveness of the controls.
           • Management include in its annual report an assessment of ICFR.
           • The external auditors provide two opinions as part of a single integrated audit of the company:
           • An independent opinion on the effectiveness of the system of ICFR.
           • The traditional opinion on the financial statements.

         (CNO-MRI.620) IFC vs IFCR
         Internal financial control v/s Internal financial control over reporting
         IFC - Definition
           • Defined in u/s 134(5)(e) which is similar to definition of internal control as per SA 315
           • System designed by TCWG or management.
           • Law - To ensure that operations are in compliance with the law
            ▪ Safeguarding assets
            ▪ Operations- Orderly & efficient conduct of business as per company policies
            ▪ Financial information
               a.  Accuracy & completeness of financial records
               b.  Timely preparation of reliable financial information
            ▪ Frauds & Errors - Prevention & detection of fraud & error
         IFCR:
           • Not defined in companies act but defined in guidance note.
           • System designed to ensure.
            ▪ Reliability of financial reporting (Accounting records)
            ▪ Preparation of financial statements for external purpose as per Generally accepted principles
         Difference between IFC v/s IFCR:
           • From above it is clear that IFCR is a subset of IFC. IFC is much broader as compared to IFCR.
           • IFCR covers only those controls which are related to financial reporting & financial statements but IFC covers
            all the controls in the organization which are related to financial matters.
           • Legal requirement with both IFC & IFCR are different
         Legal requirement
         IFC (in the sequence of imp)
           • BOD of listed co. are supposed to take responsibility of IFC & specify in DRS.
           • Audit committee responsibility to evaluate IFC of company.
           • Independent directors companies which requires ID, ID have to go & check whether financial controls are
            robust & defensible & information generated is reliable.
         IFCR:
           • BOD of the companies are responsible to maintain proper IFCR.


        www.auditguru.in                                                                                         4.29
   95   96   97   98   99   100   101   102   103   104   105