Docstoc

Emerging Trends in Internal Controls

Document Sample
Emerging Trends in Internal Controls Powered By Docstoc
					                               ASSURANCE AND ADVISORY
                               BUSINESS SERVICES




Emerging Trends in Internal Controls
Utilities
Discussion Topics
• 404 Lessons Learned & Emerging Practices
 – 2004 Reporting Results
 – Cross-Industry 404 Issues

• 404+1 Sustainability Framework and Key Considerations
• PCAOB/SEC Guidance (May 16, 2005) and Other Considerations
• Utilities 404 Survey Results
 – Year 1 Overview
 – Year 2 Considerations
 – Ongoing Strategy




 1
 Emerging Trends in Internal Controls—Utilities
Lessons Learned & Emerging Practices
       2004 Reporting Results



2
Emerging Trends in Internal Controls—Utilities
Reporting Results
As of May 6, 2005



                                                                                                                        All                                Utilities
Highlights                                                                                                           Companies                            Companies
Total number of companies that filed
                                                                                                                          2,785                              89
404 reports
Total number of companies with
                                                                                                                             349                             11
ineffective controls reported
% of all companies with ineffective
                                                                                                                         12.5%                             12.4%
controls reported



                                                 Source: The Ames Research Group (May 6, 2005); analysis by Ernst & Young Center for Business Knowledge


3
Emerging Trends in Internal Controls—Utilities
Reporting Results
Internal Control Issues* Reported by Companies with Ineffective Controls—
All Companies                                  * Each internal control ―issue‖ may not be a material weakness,
                                                                                                              as several control issues may have aggregated to a reported material weakness
      Percentage of Internal Control Issues by Major Category –                                        Internal Control Issues by
                                                                                                                                                              By Sub Type                        #
                           All Companies                                                                     Major Category
                                                      7%                                            Documentation                        Policies/documentation issues                          112
                                                                                                                                            Anti-fraud controls                                  13
                                                                                                    Entity-Level & Anti-Fraud
                                                                                                                                            Compliance monitoring                                15
                                                                        10%                         Controls
                26%                                                                                                                         Control environment                                 131
                                                                                                                                            Application of GAAP/accounting policies             211
                                                                                                    Financial Statement Close               Financial statement close process & consolidation    94
                                                                                                    Process & Disclosure                    Intercompany accounts/reconciliation                 74
                                                                                                                                            Review of significant or unusual transactions       169
                                                                                                                                            Change controls                                      18
                                                                                                                                            Data protection                                      18
                                                                                                    IT Controls
                                                                                                                                            Infrastructure                                       23
                                                                                                                                            Security/user access                                 40
                                                                                                    Merger Issues                           Merger/predecessor Issues                            21
                                                                                                    Multilocation Considerations            International operations & subsidiaries              47
                                                                                                    Other                                   Other                                                24
                                                                                                                                            Segregation of duties                                61
         12%                                                                                        Personnel Issues
                                                                                                                                            Staffing issues (levels, expertise, training)       134
                                                                               34%
                                                                                                                                            Accounts payable                                     16
                                                                                                                                            Accounts receivable                                  23
                                                                                                                                            Accruals/restructuring costs                         33
                     1%
                                                                                                                                            Contracts/loan/third-party transactions              58
                       3%
                              1%                                                                    Significant Account Level               Employees benefits/pensions                          27
                                       6%                                                                                                   Inventory management                                 42
     D ocum   entation                                        Entity-L &A raud C
                                                                       evel nti-F         ontrols                                           Property, equipment, leases                          70
     Financial S       ent lose rocess &D
                  tatem C P              isclosure            ITC  ontrols                                                                  Revenue & billing                                    61
     M erger Issues                                           M ultilocation Considerations                                                 Tax issues                                           95
     O ther                                                   Personnel Issues
     S ignificant A ccount Level                                                                    Total # Internal Control Issues                                                             1630

                                                     Source: The Ames Research Group (May 6, 2005); analysis by Ernst & Young Center for Business Knowledge


 4
 Emerging Trends in Internal Controls—Utilities
Reporting Results
Internal Control Issues* Reported by Companies with Ineffective Controls–
Utilities                                            * Each internal control ―issue‖ may not be a material weakness,
                                             as several control issues may have aggregated to a reported material weakness
      Percentage of Internal Control Issues by Major Category –                                         Internal Control Issues by
                                                                                                                                                                By Sub Type                    #
                                                                                                              Major Category
                               Utilities 10%
                                                                                                     Documentation                         Policies/documentation issues                        5
                          16%                                                                                                              Anti-fraud controls                                  0
                                                                                                     Entity-Level & Anti-Fraud
                                                                                                                                           Compliance monitoring                                0
                                                                                                     Controls
                                                                         8%                                                                Control environment                                  4
                                                                                                                                           Application of GAAP/accounting policies              8
                                                                                                     Financial Statement Close             Financial statement close process & consolidation    3
                                                                                                     Process & Disclosure                  Intercompany accounts/reconciliation                 2
                                                                                                                                           Review of significant or unusual transactions        6
                                                                                                                                           Change controls                                      1
                                                                                                                                           Data protection                                      1
                                                                                                     IT Controls
     16%                                                                                                                                   Infrastructure                                       1
                                                                                                                                           Security/user access                                 1
                                                                                                     Merger Issues                         Merger/predecessor Issues                            0
                                                                                                     Multilocation Considerations          International operations & subsidiaries              1
                                                                                                     Other                                 Other                                                2
                                                                                                                                           Segregation of duties                                3
                                                                                                     Personnel Issues
                                                                                                                                           Staffing issues (levels, expertise, training)        5
            4%                                                                                                                             Accounts payable                                     0
                                                                                                                                           Accounts receivable                                  0
                2%                                                       36%                                                               Accruals/restructuring costs                         0
                                                                                                                                           Contracts/loan/third-party transactions              0
                         8%                                                                          Significant Account Level             Employees benefits/pensions                          1
                                                                                                                                           Inventory management                                 3
                                                                                                                                           Property, equipment, leases                          1
     D ocum   entation                                      Entity-L &A raud C
                                                                     evel nti-F         ontrols                                            Revenue & billing                                    1
     Financial S       ent lose rocess &D
                  tatem C P              isclosure          ITC  ontrols                                                                   Tax issues                                           2
     M erger Issues                                         M ultilocation Considerations            Total # Internal Control Issues                                                           51
     O ther                                                 Personnel Issues
     S ignificant A ccount Level
                                                  Source: The Ames Research Group (May 6, 2005); analysis by Ernst & Young Center for Business Knowledge


 5
 Emerging Trends in Internal Controls—Utilities
Lessons Learned & Emerging Practices
     Cross-Industry 404 Issues



6
Emerging Trends in Internal Controls—Utilities
Cross-Industry 404 Issues

•Financial statement close process (FSCP) and disclosure
•Entity-level and anti-fraud controls
•Information technology
•Income taxes
•Service organizations
•Scope and coverage
•Evaluating deficiencies




7
Emerging Trends in Internal Controls—Utilities
Financial Statement Close Process & Disclosure
Reporting Results – FSCP Internal Control Issues

                                                                   Percentage of FSCP Internal Control Issues by Type

• 40% of all companies surveyed required significant
  remediation of FSCP controls prior to initial 404 compliance
• FSCP was a prominent area of internal control issues in            31%
  Year 1 as 34% of all internal control issues were related to
  FSCP                                                                                                                         38%

• Inadequate controls over the following two areas
  represented 69% of the reported FSCP internal control
  issues:
  – Application of GAAP and accounting policies
  – Review of significant or unusual transactions
 Observations

 •   FSCP controls were often tested late in the initial year of        14%
     404 assessments.
 •   If FSCP deficiencies were identified, many companies                                              17%
     found it was too late to remediate them before year-end.                 A                 AP
                                                                                 pplication of G A /accounting policies
                                                                              F                 ent
                                                                                inancial statem close process &consolidation
                                                                                         pany
                                                                              Intercom accounts/reconciliation
                                                                              R  eviewof significant or unusual transactions




 8
 Emerging Trends in Internal Controls—Utilities
Financial Statement Close Process & Disclosure
Year 2 Considerations

•Test and evaluate FSCP early in the 404 process
•Request IT assistance as needed for automated aspects of FSCP
 – Appropriate focus on application and IT general controls over FSCP
 – Automated reconciliation between trial balance and the financial statements

•Invest adequate time formalizing controls over authorizing, recording, and
 review of journal entries




9
Emerging Trends in Internal Controls—Utilities
Financial Statement Close Process & Disclosure
Ongoing Strategy

•Application of GAAP & Accounting Policies
 – Invite independent auditor to attend accounting policy committee meetings

•Working with the independent auditor throughout the FSCP
 – Provide working drafts of the 10-K with a list of outstanding numbers/disclosures/controls tested

•Disclosure committee
 – Management should consider completing a GAAP disclosure checklist
 – Provide minutes to the independent auditor
 – Independent auditor invited to attend disclosure committee meetings

•Reassess adequacy of accounting/finance resources
•Hard close one quarter or one month prior to year-end
•Move up measurement date of pensions & OPEBs 30 days (an accounting
 change)

10
Emerging Trends in Internal Controls—Utilities
Entity-Level & Anti-Fraud Controls
Ongoing Strategy

•Effective entity-level controls can provide for more efficient strategies in
 determining:
 – Coverage (i.e., number of locations, business units)
 – Individually insignificant but significant in the aggregate locations to test
 – Extent and timing of update procedures at year-end

•Management may consider documenting and evaluating more monitoring
 controls
 – Testing more monitoring controls might allow management to alter strategy for testing certain
   transaction-level controls to be more efficient
 – Automate monitoring of completion of compliance and ethics documentation




11
Emerging Trends in Internal Controls—Utilities
Entity-Level & Anti-Fraud Controls
Ongoing Strategy

•Formalize fraud risk assessment
•Consider engaging forensic specialists/advisors to assist with evaluating
 and improving the company's anti-fraud programs and controls
•Implement AICPA recommendations* for audit committees to consider risk
 of management override of controls
 – Maintaining appropriate level of skepticism
 – Strengthening audit committee's understanding of the business
 – Brainstorming to identify fraud risks
 – Using the company's code of conduct to assess the financial reporting culture
 – Cultivating a vigorous whistleblower program
 – Developing a broad information and feedback network

         * Refer to “Management Override of Internal Controls: The Achilles' Heel of Fraud Prevention,” AICPA Antifraud Programs and Controls Task
           Force, January 2005




12
Emerging Trends in Internal Controls—Utilities
Service Organizations
How many service organizations are included within the scope of 404?
                       Number of Service Organizations                      Percentage of Service Organizations for Which Primary
                         Included Within 404 Scope                                 Reliance Placed Upon a SAS 70 Report
                                                                16%
                                                                                        22%

                                                                                                                  32%



                  46%




                                                                      38%



                                                                                              46%
                                                  None                                              None
                                                   om
                                                  S e                                                om
                                                                                                    S e
                                                  Significant                                       Significant



• 46% of companies surveyed have a significant number of service providers included within the scope of 404
• For 32% of service organizations, no reliance was placed upon a Service Auditor (SAS 70) report
• Although an important tool, SAS 70s are only one of a number of mechanisms and approaches used to address 404
  requirements


 13
 Emerging Trends in Internal Controls—Utilities
Service Organizations
Year 1 Overview

•Some Service Auditor Reports (SAS 70s) were not available to
 management in time for documentation or testing
•Scope of SAS 70s did not always cover the controls management relied on
•Companies need to document their own internal controls (i.e., user
 controls), but in some instances did not adequately address those user
 controls




14
Emerging Trends in Internal Controls—Utilities
Service Organizations
Ongoing Strategy

•Challenge the third-party service provider regarding the scope and timing
 of the SAS 70 report and other information the company has provided
 – Some best-in-class outsourcers have elected to issue semi-annual SAS 70 reports covering a
   rolling 12 months (e.g., SAS 70 issued for the period covering May 31 and November 30)
 – Companies can request the service organization to provide more timely and thorough information

•Communications with third-party providers will have implications on
 404/302 processes




15
Emerging Trends in Internal Controls—Utilities
Scope and Coverage
What location selection criteria were used for initial compliance?

                                   Location Selection                                         • 74% of locations selected for detailed documentation and
                                                                                                testing based upon the significant size of the locations
                           17%                                                                • 9% selected because they include a process presenting a
                                                                                                significant financial statement risk, and 17% included
                                                                                                because they have the potential to be significant in the
                                                                                                aggregate

           9%
                                                                                              • Nearly 60% include fewer than 25 locations, while only 5%
                                                                                                selected more than 100 locations
                                                                                               Observations

                                                                                               • Companies and independent auditors will challenge the
                                                                                                 number of locations, processes, and controls tested in
                                                                                                 Year 2, factoring in quantitative and qualitative
                                                                                                 considerations.
                                                                            74%



               Individually significant locations by size
                 ther                                  ith
               O locations carrying processes w significant risk
               Individually insignificant locations considered significant in the aggregate




 16
 Emerging Trends in Internal Controls—Utilities
Scope and Coverage
How many locations were included within the scope of the Section 404 documentation and testing at
the transaction level in Year 1?
                         Number of Locations - Utilities           • 100% of companies included less than 26 locations within
                                                                     scope for transaction-level documentation and testing
                                                                   • 35% of companies included 11 to 25 locations at the
                                                                     transaction level
                                                                    Observations
             35%                                             35%
                                                                    •   Multi-location testing strategies have a pervasive impact
                                                                        on the overall scope and cost of 404 assessments.
                                                                    •   Determining the right multi-location testing approach is
                                                                        critical to ongoing 404 assessments.




                                                   30%
                                                   ess
                                                  L than 5
                                                  5 to 10
                                                  11 to 25




 17
 Emerging Trends in Internal Controls—Utilities
Scope and Coverage
How does the company plan to address individually insignificant locations, operations, or subsidiaries
that were out of scope for the initial compliance year?

                                     Year 2 Approach
                                                                                    • 31% of all companies surveyed indicated they plan to scope
                       23%                                                            out insignificant locations again in Year 2
                                                                              31%   • 29% indicated they will test and rely on entity-level controls
                                                                                      and 17% will perform a self-assessment
                                                                                     Observations

                                                                                     •   Companies should consider alternating tests of
                                                                                         insignificant locations from year to year.




                      29%
                                                                        17%


                                    Scope out again
                                    Performself-assessm ent
                                     est
                                    T and rely upon entity-level controls
                                    Other




 18
 Emerging Trends in Internal Controls—Utilities
Scope and Coverage
Year 2 Considerations

•Management should focus on a risk-based approach for allocating effort of
 testing controls
•Management should take into consideration:
 – Appropriate level of testing at shared service locations
 – Sampling strategies across multiple locations

•Management may document and evaluate more monitoring controls
 – Testing these controls might provide more flexibility for testing transaction-level controls at
   individual locations

•Effective entity-level controls can affect the independent auditor's strategy
 for determining how many ―individually insignificant but significant in the
 aggregate locations‖ to include in scope
•Expanded testing of entity-level controls might provide more flexibility in
 the nature, timing, and extent of transaction-level testing
19
Emerging Trends in Internal Controls—Utilities
Evaluating Deficiencies
Year 1 Overview

•Most companies underestimated the number of control deficiencies
•Sensitive/higher risk areas were often tested later in the year and resulted
 in more deficiencies requiring evaluation at year-end
•Inexperience with evaluating the results of testing sometimes resulted in
 identifying deficiencies late in the year
•Significant judgment was required to evaluate some deficiencies




20
Emerging Trends in Internal Controls—Utilities
Evaluating Deficiencies
Year 2 Considerations

•Timely evaluation and testing of areas subject to higher risk
 – Remediate early enough to avoid year-end material weakness

•Address unremediated deficiencies from Year 1
•Consider potential misstatements to both annual and interim financial
 statements when evaluating deficiencies




21
Emerging Trends in Internal Controls—Utilities
Evaluating Deficiencies
Ongoing Strategy

•Prioritize the timing and resources dedicated to the testing of controls over
 higher risk areas and pervasive controls that have a greater potential for
 material weaknesses
•Timely coordination between independent auditor and company on
 deficiencies (e.g., management and the independent auditor meet
 bi-monthly to evaluate deficiencies)
•Monitoring and managing the remediation process:
 – PMO identifies gaps and prioritizes remediation activities with a focus on cost to remediate,
   materiality considerations, compensating controls, and IT efficiencies
 – Process owners manage remediation
 – Internal audit monitors remediation activities and performs retesting
 – Process management team provides overall support to remediation efforts
 – Protocols established to report on a regular basis to the audit committee on remediation progress



22
Emerging Trends in Internal Controls—Utilities
404 Sustainability Framework
 Approach:
          Implement Monitoring                                               Update Documentation                                         Test and Monitor                       Report
              Infrastructure                                               and Evaluate Control Design                                        Controls

Sustainability Phases:
                                                                                         Update                                       Evaluate Overall
                                  Develop or                                             Documentation and                                                                  Management’s
                                                              Evaluate                                                                Effectiveness,
 Maintain                         Supplement                                             Evaluate Internal                                                                  Year End
                                                              Internal                                                                Identify Matters for                  Report
 Internal                         Internal                                               Control Design at the
                                                              Control at                                                              Improvement, and                      on
 Control                          Control                                                Process,
                                                              the Entity                                                              Establish                             Internal
 Framework                        Compliance                                             Transaction, or
                                                              Level                                                                   Monitoring                            Control
                                  Function                                               Application
                                                                                         Level                                        Systems

• Consider any updates to        • Establish clear           • Establish or formalize   • Establish control documentation            • Formalize process for developing
  COSO or other internal           ownership for ongoing       programs to support                                                                                        • Formalize
                                                                                          ownership and accountability, including      and executing test plans and         communications and
  control guidance                 compliance and              updating entity level      process to ensure comprehensive and          standards for documenting and
                                   monitoring                  control assessments,                                                                                         ongoing process for
• Integrate with other risk                                                               timely updates.                              reporting test results.              management review
                                 • Leverage initial            including processes
  management processes             implementation results to for risk assessment,       • Process must address changes in overall    • Formalize issue tracking, gap        and signoff
                                   realize value               evaluation, and            business, process, people and                assessment and gap remediation
                                                               remediation of             technology                                   processes
                                                               deficiencies
  •Organizational alignment & accountability                                                                                        •Technology enablers
                                                                              Continuous process of compliance
  •Efficient, sustainable infrastructure                                                                                            •Continuous control monitoring

                                                                              Continuous auditor’s examination




23
Emerging Trends in Internal Controls—Utilities
                                                              SOX 404…Moving from Project to Process

                                   Planning … Documentation … Testing … Remediation

                                                                        Emerging Practices to Consider


                     Compliance                                                           Cost                                                 Value
                     Sustainability                                                       Containment                                          Generation

 • Linkages to performance management systems (job descriptions,    • Measure costs of compliance                          • Evaluate savings versus costs of compliance
   training, performance assessment)
                                                                    • Controls rationalization                             • Optimize/reengineer controls
 • Integration with 302 processes/identifying changes in controls
                                                                    • Standardization of processes and controls            • Efficiencies gained from standardization
 • Documentation standardization/simplification
                                                                    • Automation of controls                               • Early warning ―systems‖
 • Testing strategy rationalization, including control-level risk
   assessments                                                      • Control-level risk assessment for testing strategy

 • Use of technology                                                • Testing throughout the year
                                                                    • Continuous control monitoring




24
Emerging Trends in Internal Controls—Utilities
Framework for 404 Rationalization & Optimization
                                       All Controls identified within 404-documentation




 Insignificant                                        Controls              Controls
   Controls                                            over                   over
                                                  inconsequential          Risks with
                                                 GL codes & entities       LOW rating




                         Non 404                                  Controls
                         Controls                                   over
                                                                  Non FR
                                                               related Risks

                                                              Compensatory
                                                                Controls

                                           Duplicate          Complimentary
                                           Controls             Controls
                                                               Redundant
                                                                Controls       Eliminate
                                                                                           Optimize &   Optimize
                                                                                                        Optimize number
                                                                Rationalized
                                                                                            Improve      Testing and
                                                                                                          of tests
                                                                Key Controls
                                                                                            Controls     sample sizes
                                                                    Set

25
Emerging Trends in Internal Controls—Utilities
PCAOB/SEC Guidance (May 16, 2005)
    and Other Considerations




26
Emerging Trends in Internal Controls—Utilities
PCAOB/SEC Guidance and Other Considerations
Overall Scope/Risk-Based Approach
Key Topic: Overall Scope/Risk-Based Approach
Management Considerations                            Action Steps

• Are you using a top-down approach that starts      • Re-evaluate your risk assessment methodology used to scope your work.
  with significant accounts before identifying the   • Revisit the identification of significant financial statement accounts and
  significant processes that are relevant and          disclosures.
  important to test?                                 • Revisit the number of locations selected for detailed testing in light of your
• Are you applying a risk-based approach that          risk assessment and consideration of entity-level controls (see below).
  considers both quantitative and qualitative        • Consider opportunities for eliminating control testing on any insignificant
  factors in identifying significant accounts and      accounts or processes that might have been included in the Year 1
  locations?                                           assessment.
• Is your coverage of locations selected for         • Re-evaluate the portfolio of controls selected for testing in Year 1 related to
  transaction-level testing of controls                significant accounts (and disclosures) and financial statement assertions.
  appropriate (not too low or excessive)?
• Are the controls selected for testing
  responsive to the significant financial
  statement assertions?




27
Emerging Trends in Internal Controls—Utilities
PCAOB/SEC Guidance and Other Considerations
Testing Strategy
Key Topic: Testing Strategy
Management Considerations                        Action Steps

• Is the planned nature, timing, and             • Re-evaluate the nature, timing, and extent of testing used on lower risk areas.
  extent of testing of controls                  • Identify opportunities to spread work out over the year; challenge whether lower risk
  responsive to the risk associated                areas can be tested earlier. For test areas that will be used by the auditor, keep in
  with a potential material weakness               mind that testing should address the effectiveness of controls throughout the entire
  in controls?                                     year (not just as of the assessment date).
• Are you fully leveraging internal              • Challenge the nature and extent of update testing needed as of the year-end
  audit or other highly competent and              assessment date (particularly for lower risk areas).
  objective resources for testing?               • Re-evaluate your plans to leverage internal audit for testing controls, recognizing that
• Are there opportunities to better                Internal Audit (and third-party highly competent and objective resources) provides the
  leverage IT controls in your testing             independent auditor with the greatest flexibility and opportunity to use the work of
  strategy?                                        management's assessment to reduce the auditor's work.
• Are there opportunities to use self-           • Identify opportunities to rely more heavily on automated/application controls that can
  assessment testing in selected                   be tested more efficiently (test of one, benchmarking, etc.). Test IT general controls
  areas to support management's 404                early, and remediate IT general controls where needed.
  assessment?                                    • Consider opportunities where a self-assessment strategy might be relevant and
                                                   effective, recognizing that increased self-assessment work could limit the ability of
                                                   the auditor to use the work of management's assessment.




28
Emerging Trends in Internal Controls—Utilities
PCAOB/SEC Guidance and Other Considerations
Entity-Level Controls
Key Topic: Entity-Level Controls
Management Considerations                          Action Steps

• Is your testing focused on the “right” entity-  • Re-examine your strategy for testing entity-level controls – focus on the
  level controls?                                   control environment, anti-fraud controls, and other entity-level controls that
• How are you considering the effectiveness of      have a direct relationship to the ongoing functioning of lower level controls.
  entity-level controls in the determination of   • Assess how greater emphasis might be placed in certain areas on entity-
  testing strategies for processes and locations? level controls to reduce transaction-level testing (i.e., those entity-level
                                                    controls that have a direct relationship with lower level controls).
                                                  • Perform your entity-level control testing earlier in the year.
                                                  • Consider how strong entity-level controls might be better leveraged to
                                                    reduce the number of sites needed for testing locations considered
                                                    individually insignificant but significant in the aggregate.




29
Emerging Trends in Internal Controls—Utilities
PCAOB/SEC Guidance and Other Considerations
Monitoring Activities
Key Topic: Monitoring Activities
Management Considerations                         Action Steps

• Do you have the right monitoring controls in    • Consider the full scope of monitoring activities across the organization and
  place to detect material financial statement      how these can be improved to enhance the internal control system and
  errors or fraud?                                  leveraged to increase the efficiency of the 404 assessment.
• How are you using monitoring activities in your • Maintain an inventory of monitoring activities and evaluate how they can
  404 assessment process?                           be used to support your 404 assessment. Such activities should focus on
                                                    the direct and ongoing monitoring of the operation of controls and should
                                                    be sufficient to determine that such controls operate effectively.




30
Emerging Trends in Internal Controls—Utilities
PCAOB/SEC Guidance and Other Considerations
Communication with Independent Auditors
Key Topic: Communication with Independent Auditors
Management Considerations                            Action Steps

• Have you communicated planned changes to           • Discuss with the independent auditor your planned changes to the
  the 404 assessment in Year 2 to the                  assessment process in Year 2, as well as other opportunities for
  independent auditor so that the auditor may          improvement in the 404 process.
  determine the impact of the changes on the
  audit strategy?




31
Emerging Trends in Internal Controls—Utilities

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:7
posted:1/8/2012
language:Latin
pages:32