C254 QUESTIONS WITH CORRECT ANSWERS

Section 404 of the Sarbanes-Oxley Act of 2002, provided for increased scrutiny over which area of corporate governance: CORRECT ANSWER Internal controls design, implementation and effectiveness. Section 404 of SOX is probably the most well-known section of Sarbanes-Oxley that requires management to select an internal control framework and then assess the effectiveness and report annually on both the design and operational effectiveness of that framework. The five COSO framework areas CORRECT ANSWER The five COSO framework areas are Control Environment, Risk Assessment, Control Activities, Information and Communication and Monitoring. The impact of Sarbanes-Oxley on the accounting and auditing profession was: CORRECT ANSWER Significant because of the creation of the PCAOB and its responsibilities provided oversight and regulation for the profession. The creation of the PCAOB and its responsibilities by the SOX act provided oversight and regulation for the accounting and auditing profession for the first time in over 100 years. The corporate governance fabric CORRECT ANSWER The corporate governance fabric is generally thought to include: board of directors, audit committee, senior / executive management, internal audit, external (independent) audit and regulators and governing bodies. What is not believed to improve auditor independence CORRECT ANSWER Requiring audit firm lead partner rotation every seven years instead of five. SOX requires audit firm lead partner rotation every five years instead of seven. The impetus for the Sarbanes-Oxley Act of 2002 was CORRECT ANSWER The numerous and costly financial reporting frauds of the early 2000s such as WorldCom, Tyco, Adelphia, Enron and other paved the way for passage of the SOX Act of 2002. Beyond internal controls design, implementation and effectiveness assessments, the Sarbanes Oxley act provided for CORRECT ANSWER Section 302 of SOX requires that the company's "principal officers" (typically the Chief Executive Officer and Chief Financial Officer) certify and approve the integrity of their company financial reports. Control activities include: CORRECT ANSWER Adequate segregation of duties, proper procedures for authorization, and adequate documents and records are all considered to be control activities. For more information, see topic 9.