Hwang et al. (2004) contend that enterprises utilise IT and the internet to facilitate
changes in all aspects of business operations. However, the level of control risk increases
when businesses implement advanced IT for their accounting and information systems.
As a result, internal control for a non-computerised environment is insufficient in
preventing or detecting errors for accounting systems with advanced IT (Hwang et al.,
2004). Therefore, management should consider characteristics of different Control
Environment and develop appropriate internal control tools and procedures. Because IT
plays an important role in financial systems, numerous companies continuously improve
the design, documentation and consistency of IT controls (Damianides, 2005).
In order to conform to the IT environment, the AICPA Auditing Standard Board
(ASB) indicates that a company’s utilisation of IT may influence the way that the
company deals with its transactions and any of the following five internal control
components: Control Environment, Risk Assessment, Control Activities, Information
and Communication and Monitoring (Tucker,2001). Regardless of whether companies
use traditional management information system or an integral ERP system, the purpose
of internal control remains the same. However, the design and implementation of internal
control should adjust with different operating environment and procedures. This helps to
avert risk and to achieve business goals.
企业职工薪酬管理中英文文献对照 2.3 Internal control over financial reporting and control frameworks
The US Securities and Exchange Commission (SEC) uses the term ‘Internal control over
financial reporting’, as the definition for internal control. This is the term that companies
and auditors predominantly use. In addition, the term best encompasses the objectives of
the SOX Act. The SEC, in its final rule of “Management’s Report on Internal Control
over Financial Reporting and Certification ofDisclosure in Exchange Act Periodic
Reports”, (hereafter, the final rule) defines ‘Internal Control over Financial reporting’ as:
“A process designed by, or under the supervision of , the registrant’s principal
executive and principal financial officers, or persons performing similar
functions, and effected by the registrant’sboard of directors, management and
other personnel, to provide reasonable assurance regarding the reliability of
financial reporting and the preparation offinancial statements for external
purposes in accordance with generallyaccepted accounting principles and
includes those policies and proceduresrelating to financial reporting.” 本文来自优.文'论,文·网原文请找腾讯752018766
Therefore, this paper focuses on internal control over financial reporting.
In order to fully implement SOX Section 404, on March 2004, the US Public
Company Accounting Oversight Board (PCAOB) approved the PCAOB Auditing
Standard No. 2, “An Audit of Internal Control over Financial Reporting Performed in
Conjunction with an Audit of Financial Statements”. According to the PCAOB Auditing
Standard No. 2, SOX 404’s definition of internal control only covers financial reporting.
The main sections of SOX that directly relates to internal control over financial reporting
and IT include Section 302 (Corporate Responsibility for Financial Reports) and
Section 404 (Management Assessment of Internal Controls). Sections 302 and 404
require management to assess and report the effectiveness of its company’s internal
controls (Haworth and Pietron, 2006). For most businesses, IT systems facilitate
financial reporting processes. Therefore, companies need to assess, document and test
all IT systems relating to financial reporting in complying with the SOX Act
(Damianides, 2004).
上一页 [1] [2] [3] [4] [5] [6] [7] 下一页
ERP系统环境下内部控制英文文献和翻译 第5页下载如图片无法显示或论文不完整,请联系qq752018766
