Hawaii
|
Hawaii
|
Hawaii National Liquidators
Asset recovery is a business process for optimizing the residual value of assets that are: 1) scheduled to become inactive, 2) underutilized or 3) already inactive. i best National Liquidators for Effective Asset Recovery includes executable and sustainable management strategies throughout the Asset Life Cycle to dramatically improve business performance. all Cisco Buyer today The Asset Life Cycle starts when a company identifies a need for an asset, then moves into the acquisition phase where the asset becomes tangible or real, then moves into the operational phase where the asset is used for its intended purpose. j At the point in time when assets become surplus at their current facility/location the asset enters the Disposition Phase of the asset life cycle. k Assets become surplus for a variety of reasons, including: evolving business requirements, corporate direction, obsolescence, underutilization or wear and tear. l Hawaii
National Liquidators Hawaii
Hawaii National Liquidators
National Liquidators Hawaii
SOX and information technology The financial reporting processes of many companies depend to some extent on IT systems. Therefore, Information technology controls that specifically address financial risks may be within the scope of a SOX 404 assessment. Chief information officers are typically responsible for the IT organization and IT personnel may be directly involved in SOX compliance efforts. The SOX 404 guidance requires the usage of an internal control framework, such as the COSO framework. The IT Governance Institute's "COBIT: Control Objectives of Information and Related Technology" is also used by many companies as a framework supporting IT SOX 404 efforts. However, there are certain aspects of COBIT that are outside the boundaries of Sarbanes-Oxley regulation. IT application controls (i.e., transaction processing controls) that address specific material misstatement risks are a critical part of the SOX 404 assessment. However, the extent of SOX testing to perform related to IT General Controls (ITGC) has been a topic of contention.[23] By its nature, ITGC has an indirect effect on financial statements. The 2007 SEC guidance states: "...management only needs to evaluate those ITGC that are necessary for the proper and consistent operation of other controls designed to adequately address financial reporting risks." ITGC efforts will likely be carefully scrutinized in light of the new guidance, which encourages focus on the most critical financial risks.
SOX Section 302: Internal control certifications Under Sarbanes-Oxley, two separate certification sections came into effect—one civil and the other criminal. 15 U.S.C. § 7241 (Section 302) (civil provision); 18 U.S.C. § 1350 (Section 906) (criminal provision). Section 302 of the Act mandates a set of internal procedures designed to ensure accurate financial disclosure. The signing officers must certify that they are “responsible for establishing and maintaining internal controls” and “have designed such internal controls to ensure that material information relating to the company and its consolidated subsidiaries is made known to such officers by others within those entities, particularly during the period in which the periodic reports are being prepared.” 15 U.S.C. § 7241(a)(4). The officers must “have evaluated the effectiveness of the company’s internal controls as of a date within 90 days prior to the report” and “have presented in the report their conclusions about the effectiveness of their internal controls based on their evaluation as of that date.” Id.. Under both Section 302 and Section 404, Congress directed the SEC to promulgate regulations enforcing these provisions. (See Final Rule: Management’s Report on Internal Control Over Financial Reporting and Certification of Disclosure in Exchange Act Periodic Reports, Release No. 33-8238 (June 5,2003), available at http://www.sec.gov/rules/final/33-8238.htm.) External auditors are required to issue an opinion on whether effective internal control over financial reporting was maintained in all material respects by management. This is in addition to the financial statement opinion regarding the accuracy of the financial statements. The requirement to issue a third opinion regarding management's assessment was removed in 2007.
SOX Section 404: Assessment of internal control The most contentious aspect of SOX is Section 404, which requires management and the external auditor to report on the adequacy of the company's internal control over financial reporting (ICFR). This is the most costly aspect of the legislation for companies to implement, as documenting and testing important financial manual and automated controls requires enormous effort. Under Section 404 of the Act, management is required to produce an “internal control report” as part of each annual Exchange Act report. See 15 U.S.C. § 7262. The report must affirm “the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting.” 15 U.S.C. § 7262(a). The report must also “contain an assessment, as of the end of the most recent fiscal year of the Company, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.” To do this, managers are generally adopting an internal control framework such as that described in COSO. Both management and the external auditor are responsible for performing their assessment in the context of a top-down risk assessment, which requires management to base both the scope of its assessment and evidence gathered on risk. In late 2006 a new audit standard was proposed by the PCAOB to help alleviate the significant costs of compliance and better focus the assessment on the most critical risk areas. On July 25, 2007, the Public Company Accounting Oversight Board (PCAOB) approved Auditing Standard No. 5 [18] (AS5), which superseded Auditing Standard No 2. (AS2), and has the following key requirements for the external auditor: Assess both the design and operating effectiveness of selected internal controls related to significant accounts and relevant assertions, in the context of material misstatement risks; Understand the flow of transactions, including IT aspects, sufficient enough to identify points at which a misstatement could arise; Evaluate company-level (entity-level) controls, which correspond to the components of the COSO framework; Perform a fraud risk assessment; Evaluate controls designed to prevent or detect fraud, including management override of controls; Evaluate controls over the period-end financial reporting process; Scale the assessment based on the size and complexity of the company; Rely on management's work based on factors such as competency, objectivity, and risk; The auditor is allowed to rely on knowledge from prior audits; Evaluate controls over the safeguarding of assets; and Conclude on the adequacy of internal control over financial reporting. The recently released SEC guidance [19] is generally consistent with the PCAOB's guidance above, only intended for management. After the release of this guidance, the SEC required smaller public companies to comply with SOX Section 404, companies with year ends after December 15, 2007. Smaller public companies performing their first management assessment under Sarbanes-Oxley Section 404 may find their first year of compliance after December 15, 2007 particularly challenging.
SOX Section 802 Criminal Penalties Section 802(a) of the SOX, 18 U.S.C. § 1519 states: “ Whoever knowingly alters, destroys, mutilates, conceals, covers up, falsifies, or makes a false entry in any record, document, or tangible object with the intent to impede, obstruct, or influence the investigation or proper administration of any matter within the jurisdiction of any department or agency of the United States or any case filed under title 11, or in relation to or contemplation of any such matter or case, shall be fined under this title, imprisoned not more than 20 years, or both.
National Liquidators Hawaii Cisco Buyer |