O'Reilly logo

Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework by Lynford Graham

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER ELEVEN

Reporting Requirements

PUBLIC AND NONPUBLIC entities diverge when it comes to publicly disclosing the effectiveness of internal control over financial reporting and material weaknesses. Only public entities are required to publicly report on internal controls effectiveness and disclose material weaknesses. Nonpublic entities may be required by regulatory requirements to report on controls over compliance with laws and regulations or on internal controls as defined in specific regulations.1 In addition, lenders, venture capitalists, or absentee owners may require such reports. Of course, such entities may voluntarily report on internal control and can have an auditor issue an opinion on the entity's internal control.

The Government Accountability Office (GAO) has indicated that it may require some form of internal controls reporting for entities under its audit jurisdiction in the future.

images NONPUBLIC ENTITY REPORTING

While not required to report on internal controls unless required by a regulator or a covenant, private entities and other nonpublic entities can obtain an auditor's opinion on the effectiveness of their internal controls over financial reporting (ICFR). That report would be accompanied by management's assertion about the effectiveness of controls, similar to the reporting model for public companies, and would be issued under a newly revised Statement ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required