home

Articles

Blog

Books

Tools

Links

FAQ Page


Caterpillar and Internal Controls

Google
 
Web www.software-risk.co.uk

The May 10th hearing on Sarbanes-Oxley before the SEC/PCAOB is likely to hear demands to reduce the complexity and requirements of the legislation.

Caterpillar for instance has called for less emphasis on low-level transactions and "checking signatures on transactions." Enron and WorldCom were not caused by low-level frauds but by management's unethical behaviour.

What would be the effect on checking internal controls for Section 404?

The primary source of guidance on internal controls effectiveness is the COSO Framework.

In the framework 5 elements are identified as constituting and internal control. These are the control environment, risk assessment, control activities, monitoring, infformation and communications.

COSO does not rank one element above others. An integrated and holistic approach has to be taken. Each control should be looked at individually.

The Control Environment is akin to a wrapper around the entire set of internal controls. The central point of the element is that it is the management's role to set "the tone at the top". It is in this area that ethical behaviour and integrity is required.

WorldCom is seen as a failure of the control environment. Bernie Ebbers (CEO) and other executives gave explicit instructions to accounting staff to falsify financial records.

Another split in internal controls is between the entity-level and activity -level. Entity-level controls are those that underpin the business and allow others to operate.

An example is the recruitment of honest non-fraudulent people, one could not trust fully transactions at the activity level.

Caterpillar's representation that ethical behaviour should be more important. This would slant the weighting of the elements to the control environment.

Most of the guidance from practitioners is that companies should concentrate on the entity-level controls anyway.

Comments from senior SEC officers and the PCAOB have indicated that companies are gold-plating their compliance programs.

Related Articles
Caterpillar Calls for Lower Level 404
CEO Transparency Worse Despite SOX
SEC Chief Account Defends SOX
OpenPages and Ethics
Tighter Sarbanes-Oxley Called For
Tools Glossary
Network Security Glossary
NCH and SAS 70 Type II

Similar Areas

Risk Management Items

Sarbanes-Oxley Items

Management Items

Regulation Items

Internal Controls Items

Selected Books

Keywords

Sarbanes-Oxley and Caterpillar

Caterpillar

SEC and PCAOB

SOX and internal controls

Enron and WorldCom

ethics

Sarbanes-Oxley and ethics

Section 404 and ethics

COSO

COSO framework

risk assessment

control environment

control activities

entity-level

compliance programs


See our Sarbanes-Oxley compliance, load testing and Financial Glossary pages.
Articles   Books   FAQ Page   home   Jobs   Links   Reviews Page   Tools  
Booklist   books   Measurement   Testing   Tools