1
INTRODUCTION
4
2
A PART OF AN EFFORT TO STRENGTHEN AND STREAMLINE INTERNAL CONTROLS
5
2.1
XXX's Approach
5
2.2
Focus on Internal Controls Over Financial Reporting and What It Means?
6
3
SARBANES-OXLEY ACT 2002, SECTION 404 COMPLIANCE
8
4
ROLES & RESPONSIBILITIES
9
5
INITIATIVE PLANNING AND MANAGEMENT AT COUNTRY LEVEL – SUGGESTIONS
10
6
HOW TO TREAT SITUATIONS WHERE AN ABACUS REPORTING UNIT HAS SUB-LEGAL ENTITIES/ BUSINESS AREA UNITS
11
7
PROCESS OVERVIEW
12
8
STEP 1 – STRATEGIC BUSINESS OVERVIEW AND RISK ASSESSMENT
16
9
STEP 2 - DOCUMENTING PROCESS FLOWS, FINANCIAL RISKS AND INTERNAL CONTROLS OVER FINANCIAL REPORTING
17
9.1
The XXX Financial Processes / Activities Templates
17
9.2
IT/IS General Controls
18
9.3
Financial Processes In Scope at Reporting Unit Level
19
9.4
Documentation of Internal Controls
21
9.5
Internal Controls Related to Services Outsourced to Third Parties
27
9.6
Subsequent changes to financial process flows and implemented controls
28
10
STEP 3 - ASSESSING DESIGN EFFECTIVENESS OF INTERNAL CONTROLS OVER FINANCIAL REPORTING
29
10.1
How to Assess Design Effectiveness
30
10.2
Review and Approval of Design Effectiveness
32
11
INTERNAL AND EXTERNAL AUDIT
33
APPENDIX I - REPORTING UNIT OVERVIEW
34
APPENDIX II - REPORTING UNIT IN-SCOPE PROCESSES
37
APPENDIX III - PROCESS ANALYSIS AND INTERNAL CONTROL DOCUMENTATION TEMPLATES
40
APPENDIX IV - TYPES OF CONTROL ACTIVITIES
42
APPENDIX V - EXAMPLE TESTS OF DESIGN
44
APPENDIX VI - DEFICIENCY TRACKING DOCUMENTATION
48
APPENDIX VII - MAPPING OF BUSINESS CYCLES/PROCESSES TO ABC’S 17 FINANCE PROCESSES
49
GLOSSARY OF KEY TERMS
50