ACCT G215: Sarbanes-Oxley Act and Internal Controls
| Item | Value |
|---|---|
| Curriculum Committee Approval Date | 03/15/2022 |
| Top Code | 050200 - Accounting |
| Units | 3 Total Units |
| Hours | 54 Total Hours (Lecture Hours 54) |
| Total Outside of Class Hours | 0 |
| Course Credit Status | Credit: Degree Applicable (D) |
| Material Fee | No |
| Basic Skills | Not Basic Skills (N) |
| Repeatable | No |
| Grading Policy | Standard Letter (S),
|
Course Description
Formerly: Sarbanes - Oxley Act and International Control Compliance. This course explores the Sarbanes-Oxley Act of 2002 - the history leading up to its passage, key provisions of the Act, and its impact on affected companies. The course also studies internal control systems and the efforts involved in attaining compliance - including objectives, design, implementation, assessment, documentation, and monitoring. Emphasis is on principal business processes such as the revenue and expenditure cycles, inventory, payroll, and financial reporting. The role of information technology in achieving internal control objectives and integration of technology controls into internal control systems are also covered. Transfer Credit: CSU.
Course Level Student Learning Outcome(s)
- Course Outcomes
- List the internal control objectives, elements of internal control, and key controls.
- Compare and contrast the original COSO Integrated Framework against the COSO Enterprise Risk Management (ERM) Framework in response to the Sarbanes-Oxley Act, as well as the updated principles to the internal control framework.
- State the key provisions of the Sarbanes-Oxley Act, including its corporate requirements, impact on the accounting and auditing profession, and civil and criminal penalties imposed on corporate officers.
- Identify risks and control gaps of the major business processes and design controls to mitigate the risks.
Course Objectives
- 1. Define internal control, its purpose, structure and components.
- 2. Demonstrate an understanding of the historical events, financial scandals, and regulatory issues surrounding internal control compliance.
- 3. Identify the three dimensions of the COSO Integrated Framework Note: COSO stands for Committee of Sponsoring Organizations).
- 4. Explore the key provisions of the Sarbanes-Oxley Act of 2002 (SOX).
- 5. Evaluate the impact of Section 302 (Disclosure Controls and Procedures) and Section 404 "Internal Control Over Financial Reporting" on organizations subject to SOX.
- 6. Design internal control systems for common business processes such as sales, accounts receivable, accounts payable, procurement, payroll, etc.
- 7. Identify the role of information technology in achieving internal control objectives and integrate technology controls into internal control systems.
Lecture Content
History and background leading up to the Sarbanes-Oxley Act (SOX) U.S. financial reporting environment Securities Exchange Act Foreign Corrupt Practices Act Gramm–Leach–Bliley Act Regulatory and rule-making organizations SEC FASB PCAOB COSO The Treadway Commission Enron, WorldCom, and other financial scandals Impact of scandals on businesses, the regulatory environment, the economy, and society Internal control overview Types of controls Levels of controls Control objectives Control activities Key controls Testing of internal controls Monitoring of internal controls Significant deficiencies and material weaknesses The COSO Framework 17 principles of internal control COSO Integrated Framework Enterprise Risk Management Framework 3 dimensions of the Integrated Framework Organizational objectives Internal control objectives Organizational levels Key provisions of the Sarbanes-Oxley Act Section 302 - Corporate Responsibility For Financial Reports Disclosure controls and procedures (DCP) Section 404 - Management Assessment of Internal Control Internal control over financial reporting (ICFR) Section 906 - Corporate Responsibility For Financial Reports Dodd-Frank Act Internal Control Update Business processes Inter-relationship between business processes and accounting information systems Financial statement assertions Authorization, accuracy, completeness, comparison, existen ce, valuation, classification, cutoff, segregation of duties, safeguarding of assets Corporate governance Ethics in business Documentation methods Role of internal audit The audit committee Information technology and security Fraud prevention Revenue and cash receipts cycle Credit approval and management Pricing Sales order processing Shipping / cutoff Billing Collections Receivables management Proper segregation of duties Revenue recognition Expense and cash disbursements cycle Purchase requisitions and purchase orders Vendor selection Voucher package Accounts payable processing Check signing Search for unrecorded liabilities Custody of checks Inventory cycle Procurement Inventory management Physical security, access control Quality control Cost accounting Valuation Capital expenditures cycle Authorization of purchases Payroll cycle Timekeeping measures Approval and management review Accuracy in recording Funding Reconciliation of payroll register to financial ledgers General ledger/financial reporting cycle General ledger access Approval of journal entry posting Management review, variance analysis Reconciliation of accounts Informational technology Access control Software compatibility Improper manual intervention Mission critical functions Data backup and retention Version c ontrol Uncontrolled user data Spreadsheet control Investments cycle Authorization of trades Cash management Recording of transactions Portfolio custody Market value review
Method(s) of Instruction
- Lecture (02)
- DE Live Online Lecture (02S)
- DE Online Lecture (02X)
Reading Assignments
OER white paper Industry reading materials
Writing Assignments
Discussions Case analyses
Out-of-class Assignments
Business process design Internal control project
Demonstration of Critical Thinking
Creation of internal control systems for various business cycles, mitigation of risks in a business environment or organization, formulation of corrective action to address internal control weaknesses.
Required Writing, Problem Solving, Skills Demonstration
Documentation of internal control systems through narratives, checklists, flowcharts, etc. Conduct periodic testing of internal controls, document results of such testing, report on effectiveness of internal control, monitor controls on a regular basis.
Eligible Disciplines
Accounting: Masters degree in accountancy or business administration with accounting concentration OR bachelors degree in business with accounting emphasis or business administration with accounting emphasis or economics with an accounting emphasis AND masters degree in business, business administration, business education, economics, taxation, or finance OR the equivalent. Masters degree required. (NOTE: A bachelors degree in accountancy or business administration with accounting concentration, with a CPA license is an alternative qualification for this discipline)
Textbooks Resources
1. Required Knapp. Contemporary Auditing, 12 ed. Cengage, 2022
Periodicals Resources
1. Protiviti Independent Risk Consulting (OER). Guide to the Sarbanes-Oxley Act: Internal Control Report Requirements, Protiviti Independent Risk Consulting Volume 2007