|
Public
Company Accounting Oversight
Board
Bylaws and Rules – Standards – AS2
Auditing Standard No. 2: An Audit of Internal
Control Over Financial Reporting Performed in
Conjunction With an Audit of Financial
Statements
This standard was approved by the
Securities and Exchange Commission on June 17,
2004, and is effective for audits of internal
control over financial reporting required by
Section 404(b) of the Sarbanes-Oxley Act of
2002.
Auditor's Objective
in an Audit of Internal Control Over Financial
Reporting
4.
The auditor's objective in an audit of internal
control over financial reporting is
to
express
an opinion on management's assessment of the
effectiveness of the company's
internal
control over financial reporting. To form a
basis for expressing such an
opinion,
the
auditor must plan and perform the audit to
obtain reasonable assurance
about
whether
the company maintained, in all material
respects, effective internal control
over
financial
reporting as of the date specified in
management's assessment.
The
auditor also must audit the company's financial
statements as of the date specified
in
management's
assessment because the information the auditor
obtains during a
financial
statement audit is relevant to the auditor's
conclusion about the
effectiveness
of
the company's internal control over financial
reporting. Maintaining effective
internal
control
over financial reporting means that no material
weaknesses exist; therefore,
the
objective
of the audit of internal control over financial
reporting is to obtain
reasonable
assurance
that no material weaknesses exist as of the date
specified in management's
assessment.
5.
To obtain reasonable assurance, the auditor
evaluates the assessment
performed
by management and obtains and evaluates evidence
about whether the
internal
control over financial reporting was designed
and operated effectively. The
auditor
obtains this evidence from a number of sources,
including using the work
performed
by others and performing auditing procedures
himself or herself.
6.
The auditor should be aware that persons who
rely on the information
concerning
internal
control over financial reporting include
investors, creditors, the board
of
directors
and audit committee, and regulators in
specialized industries, such as
banking
or
insurance.
The
auditor should be aware that external users of
financial statements
are
interested in information on internal control
over financial reporting because
it
enhances
the quality of financial reporting and increases
their confidence in financial
information,
including financial information issued between
annual reports, such as
quarterly
information.
Information
on internal control over financial reporting is
also intended to provide an
early
warning to those inside and outside the company
who are in a position to insist
on
improvements in internal control over financial
reporting, such as the audit
committee
and
regulators in specialized industries.
Additionally,
Section 302 of the Act and Securities Exchange
Act Rule 13a-14(a) or
15d-14(a),
(1)
whichever applies, require management, with the
participation of the
principal
executive and financial officers, to make
quarterly and annual certifications
with
respect to the company's internal control over
financial reporting.
(1) See 17 C.F.R. 240.13a-14(a) or 17 C.F.R.
240.15d-14(a), whichever applies.
|
