5.3. Documentation of Entity-Level Control Policies and Procedures

5.3.1. CORPORATE GOVERNANCE DOCUMENTS

Several of the entity-level control objectives described in Chapter 3 fall under the general topic of corporate governance. One of the more popular definitions of corporate governance follows:

Corporate governance is the system by which business corporations are directed and controlled. The corporate governance structure specifies the distribution of rights and responsibilities among different participants in the corporation, such as the board, managers, shareholders and other stakeholders, and spells out the rules and procedures for making decisions on corporate affairs. By doing this, it also provides the structure through which the company objectives are set, and the means of attaining those objectives and monitoring performance.[]

[] From the Organization for Economic Co-operation and Development (OECD), April 1999. This definition was reported by the Encyclopedia about Corporate Governance, www.encycogov.com.

The rules of the Securities and Exchange Commission (SEC), the stock exchanges and other laws and regulations (e.g., the Federal Sentencing Guidelines) generally result in public companies' having relatively formal, well-documented policies that describe entity-level controls related to these broad control areas:

  • Corporate culture

  • Risk identification

  • Disclosure controls and procedures

  • Top-level financial reporting processes

To evaluate the adequacy of the documentation ...

Get How to Comply With Sarbanes-Oxley Section 404: Assessing the Effectiveness of Internal Control now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.