8.4. EXPANDED REPORTING ON MANAGEMENT'S RESPONSIBILITIES FOR INTERNAL CONTROL
Although not required, many companies include management reports relating to internal control in their annual reports to shareholders. Typically, these reports are located in close proximity to the company's financial statements. These optional reports to shareholders are not usually designed to comply with the SEC reporting requirements.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has provided guidelines on the preparation of these optional internal control reports to shareholders. These guidelines attempt to achieve a balance between two competing needs: conformity and flexibility. On one hand, consistency in reporting between entities enhances communication between the entity and its shareholders. On the other hand, boilerplate language may not be meaningful; management needs the flexibility to emphasize certain matters or to communicate in a certain style.
With this in mind, COSO recommends that a report to shareholders on internal control should include:
The category of controls being addressed. Typically, management limits its reporting to internal control over financial reporting and will not address operational or compliance-related controls.
A statement about the inherent limitations of internal control systems. It is helpful to remind readers of the limitations of internal control, although some judgment is required to determine the extent of this discussion. ...
Get How to Comply With Sarbanes-Oxley Section 404: Assessing the Effectiveness of Internal Control now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
