Chapter 3—Ethics, Fraud, and Internal Control

TRUE/FALSE

1. The ethical principle of justice asserts that the benefits of the decision should be dis-
tributed fairly to those who share the risks.

ANS: T

2. The ethical principle of informed consent suggests that the decision should be imple-
mented so as to minimize all of the risks and to avoid any unnecessary risks.

ANS: F

3. Employees should be made aware of the firm’s commitment to ethics.

ANS: T

4. Business ethics is the analysis of the nature and social impact of computer technology,
and the corresponding formulation and justification of policies for the ethical use of such technology.

ANS: F

5. Para computer ethics is the exposure to stories and reports found in the popular media
regarding the good or bad ramifications of computer technology.

ANS: F

6. Source code is an example of intellectual property.

ANS: T

7. Copyright laws and computer industry standards have been developed jointly and
rarely conflict.

ANS: F

8. Business bankruptcy cases always involve fraudulent behavior.

ANS: F

9. Defalcation is another word for financial fraud.

ANS: T

10. The trend toward distributed data processing increases the exposure to fraud from re-
mote locations.

ANS: T

11. The external auditor is responsible for establishing and maintaining the internal con-
trol system.

ANS: F
 12. Segregation of duties is an example of an internal control procedure.

ANS: T

13. Controls in a computer-based information system are identical to controls in a manual

system.

ANS: F

14. Preventive controls are passive techniques designed to reduce fraud.

ANS: T

15. Ethical issues and legal issues are essentially the same.

ANS: F

16. Internal control systems are recommended but not required of firms subject to the For-
eign Corrupt Practices Act.

ANS: F

17. Operations fraud is the misuse or theft of the firm’s computer resources.

ANS: T

18. The Foreign Corrupt Practices Act requires only that a firm keep good records.

ANS: F

19. A key modifying assumption in internal control is that the internal control system is
the responsibility of management.

ANS: T

20. Database management fraud includes altering, updating, and deleting an organiza-
tion’s data.

ANS: F

21. While the Sarbanes-Oxley Act prohibits auditors from providing non-accounting ser-
vices to their audit clients, they are not prohibited from performing such services for non-audit clients
or privately held companies.

ANS: T

22. The Sarbanes-Oxley Act requires the audit committee to hire and oversee the external
auditors.

ANS: T

23. Section 404 requires that corporate management (including the CEO) certify their or-
ganization’s internal controls on a quarterly and annual basis.

ANS: F
 24. Section 302 requires the management of public companies to assess and formally re-
port on the effectiveness of their organization’s internal controls.

ANS: F

25. The objective of SAS 99 is to seamlessly blend the auditor’s consideration of fraud
into all phases of the audit process.

ANS: T

MULTIPLE CHOICE

1. Which ethical principle states that the benefit from a decision must outweigh the risks,
and that there is no alternative decision that provides the same or greater benefit with less risk?
a. minimize risk
b. justice
c. informed consent
d. proportionality

ANS: D

2. Individuals who acquire some level of skill and knowledge in the field of computer
ethics are involved in which level of computer ethics?
a. para computer
ethics
b. pop computer
ethics
c. theoretical
computer ethics
d. practical computer
ethics
ANS: A

3. All of the following are issues of computer security except

a. releasing incorrect
data to authorized
individuals
b. permitting
computer operators
unlimited access to
the computer room
c. permitting access to
data by
unauthorized
individuals
d. providing correct
data to
unauthorized
individuals
ANS: B
 4. Which characteristic is not associated with software as intellectual property?
a. uniqueness of the
product
b. possibility of exact
replication
c. automated
monitoring to
detect intruders
d. ease of
dissemination
ANS: C

5. For an action to be called fraudulent, all of the following conditions are required ex-
cept
a. poor judgment
b. false representation
c. intent to deceive
d. injury or loss

ANS: A

6. One characteristic of employee fraud is that the fraud

a. is perpetrated at a
level to which
internal controls do
not apply
b. involves misstating
financial statements
c. involves the direct
conversion of cash
or other assets to
the employee’s
personal benefit
d. involves
misappropriating
assets in a series of
complex
transactions
involving third
parties
ANS: C

7. Forces which may permit fraud to occur do not include

a. a gambling
addiction
b. lack of segregation
of duties
c. centralized decision
making
environment
d. questionable
integrity of
employees
ANS: C

8. Which of the following best describes lapping?

a. applying cash
receipts to a
different customer’s
account in an
attempt to conceal
previous thefts of
funds
b. inflating bank
balances by
transferring money
among different
bank accounts
c. expensing an asset
that has been stolen
d. creating a false
transaction
ANS: A

9. Operations fraud includes

a. altering program
logic to cause the
application to
process data
incorrectly
b. misusing the firm’s
computer resources
c. destroying or
corrupting a
program’s logic
using a computer
virus
d. creating illegal
programs that can
access data files to
alter, delete, or
insert values
ANS: B

10. Who is responsible for establishing and maintaining the internal control system?
a. the internal auditor
b. the accountant
c. management
d. the external auditor

ANS: C
 11. The concept of reasonable assurance suggests that
a. the cost of an
internal control
should be less than
the benefit it
provides
b. a well-designed
system of internal
controls will detect
all fraudulent
activity
c. the objectives
achieved by an
internal control
system vary
depending on the
data processing
method
d. the effectiveness of
internal controls is
a function of the
industry
environment
ANS: A

12. Which of the following is not a limitation of the internal control system?
a. errors are made due
to employee fatigue
b. fraud occurs
because of
collusion between
two employees
c. the industry is
inherently risky
d. management
instructs the
bookkeeper to
make fraudulent
journal entries
ANS: C

13. The most cost-effective type of internal control is

a. preventive control
b. accounting control
c. detective control
d. corrective control

ANS: A

14. Which of the following is a preventive control?

 a. credit check before
approving a sale on
account
b. bank reconciliation
c. physical inventory
count
d. comparing the
accounts receivable
subsidiary ledger to
the control account
ANS: A

15. A well-designed purchase order is an example of a

a. preventive control
b. detective control
c. corrective control
d. none of the above

ANS: A

16. A physical inventory count is an example of a

a. preventive control
b. detective control
c. corrective control
d. feedforward control

ANS: B

17. The bank reconciliation uncovered a transposition error in the books. This is an exam-
ple of a
a. preventive control
b. detective control
c. corrective control
d. none of the above

ANS: B

18. In balancing the risks and benefits that are part of every ethical decision, managers
receive guidance from each of the following except
a. justice
b. self interest
c. risk minimization
d. proportionality

ANS: B
 19. Which of the following is not an element of the internal control environment?
a. management
philosophy and
operating style
b. organizational
structure of the firm
c. well-designed
documents and
records
d. the functioning of
the board of
directors and the
audit committee
ANS: C

20. Which of the following suggests a weakness in the internal control environment?
a. the firm has an up-
to-date
organizational chart
b. monthly reports
comparing actual
performance to
budget are
distributed to
managers
c. performance
evaluations are
prepared every
three years
d. the audit committee
meets quarterly
with the external
auditors
ANS: C

21. Which of the following indicates a strong internal control environment?

a. the internal audit
group reports to the
audit committee of
the board of
directors
b. there is no
segregation of
duties between
organization
functions
c. there are questions
about the integrity
of management
d. adverse business
conditions exist in
the industry
ANS: A

22. According to SAS 78, an effective accounting system performs all of the following
except
a. identifies and
records all valid
financial
transactions
b. records financial
transactions in the
appropriate
accounting period
c. separates the duties
of data entry and
report generation
d. records all financial
transactions
promptly
ANS: C

23. Which of the following is the best reason to separate duties in a manual system?
a. to avoid collusion
between the
programmer and
the computer
operator
b. to ensure that
supervision is not
required
c. to prevent the
record keeper from
authorizing
transactions
d. to enable the firm
to function more
efficiently
ANS: C

24. Segregation of duties in the computer-based information system includes

a. separating the
programmer from
the computer
operator
b. preventing
management
override
c. separating the
inventory process
from the billing
process
d. performing
independent
verifications by the
computer operator
ANS: A

25. Which of the following is not an internal control procedure?

a. authorization
b. management’s
operating style
c. independent
verification
d. accounting records

ANS: B

26. The decision to extend credit beyond the normal credit limit is an example of
a. independent
verification
b. authorization
c. segregation of
functions
d. supervision

ANS: B

27. When duties cannot be segregated, the most important internal control procedure is
a. supervision
b. independent
verification
c. access controls
d. accounting records

ANS: A

28. An accounting system that maintains an adequate audit trail is implementing which
internal control procedure?
a. access controls
b. segregation of
functions
c. independent
verification
d. accounting records

ANS: D

29. Employee fraud involves three steps. Of the following, which is not involved?
a. concealing the
crime to avoid
detection
b. stealing something
of value
c. misstating financial
statements
 d. converting the asset
to a usable form
ANS: C

30. Which of the following is not an example of independent verification?

a. comparing fixed
assets on hand to
the accounting
records
b. performing a bank
reconciliation
c. comparing the
accounts payable
subsidiary ledger to
the control account
d. permitting
authorized users
only to access the
accounting system
ANS: D

31. The importance to the accounting profession of the Foreign Corrupt Practices Act of
1977 is that
a. bribery will be
eliminated
b. management will
not override the
company’s internal
controls
c. firms are required
to have an effective
internal control
system
d. firms will not be
exposed to lawsuits
ANS: C

32. The board of directors consists entirely of personal friends of the chief executive offi-
cer. This indicates a weakness in
a. the accounting
system
b. the control
environment
c. control procedures
d. this is not a
weakness
ANS: B

33. Computer fraud can take on many forms, including each of the following except
 a. theft or illegal use
of computer-
readable
information
b. theft, misuse, or
misappropriation of
computer
equipment
c. theft, misuse, or
misappropriation of
assets by altering
computer-readable
records and files
d. theft, misuse, or
misappropriation of
printer supplies
ANS: D

34. When certain customers made cash payments to reduce their accounts receivable, the
bookkeeper embezzled the cash and wrote off the accounts as uncollectible. Which control procedure
would most likely prevent this irregularity?
a. segregation of
duties
b. accounting records
c. accounting system
d. access controls

ANS: A

35. The office manager forgot to record in the accounting records the daily bank deposit.
Which control procedure would most likely prevent or detect this error?
a. segregation of
duties
b. independent
verification
c. accounting records
d. supervision

ANS: B

36. Business ethics involves

a. how managers
decide on what is
right in conducting
business
b. how managers
achieve what they
decide is right for
the business
c. both a and b
d. none of the above
ANS: C

37. All of the following are conditions for fraud except

a. false representation
b. injury or loss
c. intent
d. material reliance

ANS: D

38. The four principal types of fraud include all of the following except
a. bribery
b. gratuities
c. conflict of interest
d. economic extortion

ANS: B

39. The characteristics of useful information include

a. summarization,
relevance,
timeliness,
accuracy, and
completeness
b. relevance,
summarization,
accuracy,
timelessness, and
completeness
c. timeliness,
relevance,
summarization,
accuracy, and
conciseness
d. disaggregation,
relevance,
timeliness,
accuracy, and
completeness
ANS: A

40. Internal control system have limitations. These include

a. possibility of
honest error
b. circumvention
c. management
override
d. stability of systems
ANS: D

41. Management can expect various benefits to follow from implementing a system of
strong internal control. Which of the following benefits is least likely to occur?
a. reduced cost of an
external audit.
b. prevents employee
collusion to commit
fraud.
c. availability of
reliable data for
decision-making
purposes.
d. some assurance of
compliance with
the Foreign Corrupt
Practices Act of
1977.
e. some assurance that
important
documents and
records are
protected.
ANS: B

42. Which of the following situations is not a segregation of duties violation?

a. The treasurer has
the authority to sign
checks but gives the
signature block to
the assistant
treasurer to run the
check-signing
machine.
b. The warehouse
clerk, who has the
custodial
responsibility over
inventory in the
warehouse, selects
the vendor and
authorizes
purchases when
inventories are low.
c. The sales manager
has the
responsibility to
approve credit and
the authority to
write off accounts.
 d. The department
time clerk is given
the undistributed
payroll checks to
mail to absent
employees.
e. The accounting
clerk who shares
the record keeping
responsibility for
the accounts
receivable
subsidiary ledger
performs the
monthly
reconciliation of the
subsidiary ledger
and the control
account.
ANS: B

43. Which of the following is not an issue to be addressed in a business code of ethics re-
quired by the SEC?
a. Conflicts of interest
b. Full and Fair
Disclosures
c. Legal Compliance
d. Internal Reporting
of Code Violations
e. All of the above are
issues to be
addressed
ANS: E

SHORT ANSWER

1. What are the main issues to be addressed in a business code of ethics required by the
SEC?

ANS:
Conflicts of interest, Full and Fair Disclosures, Legal Compliance, Internal Reporting of Code Viola-
tions, Accountability

2. List the four broad objectives of the internal control system.

ANS:
safeguard assets,
ensure the accuracy and reliability of accounting records,
promote organizational efficiency,
comply with management’s policies and procedures

3. Explain the purpose of the PCAOB

ANS:
The PCAOB is empowered to set auditing, quality control, and ethics standards; to inspect registered
accounting firms; to conduct investigations; and to take disciplinary actions.

4. What are the five internal control components described in the SAS 78 / COSO
framework

ANS:
the control environment, risk assessment, information and communication, monitoring, and control
activities

5. What are management responsibilities under section 302 and 404?

ANS:
Section 302 requires that corporate management (including the CEO) certify their organization’s inter-
nal controls on a quarterly and annual basis. Section 404 requires the management of public companies
to assess and formally report on the effectiveness of their organization’s internal controls.

6. Identify to indicate whether each procedure is a preventive or detective control.

a. authorizing a credit Preventive Detective

sale
b. preparing a bank Preventive Detective
reconciliation
c. locking the Preventive Detective
warehouse
d. preparing a trial Preventive Detective
balance
e. counting inventory Preventive Detective

ANS:
A. preventive; B. detective; C. preventive; D. detective; E. detective

Use the internal control procedures listed below to complete the statements.

segregation of specific
duties authorization
general accounting records
authorization
access controls independent
verification
supervision

7. A clerk reorders 250 items when the inventory falls below 25 items. This is an exam-
ple of __________________________.

ANS:
general authorization

8. The internal audit department recalculates payroll for several employees each pay pe-
riod. This is an example of __________________________.

ANS:
independent verification
 9. Locking petty cash in a safe is an example of __________________________.

ANS:
access controls

10. Approving a price reduction because goods are damaged is an example of

__________________________.

ANS:
specific authorization

11. Using cameras to monitor the activities of cashiers is an example of

__________________________.

ANS:
supervision

12. Not permitting the computer programmer to enter the computer room is an example of
_______________________________.

ANS:
segregation of duties

13. Sequentially numbering all sales invoices is an example of

__________________________.

ANS:
accounting records

14. What are the five conditions necessary for an act to be considered fraudulent?

ANS:
false representation, material fact, intent, justifiable reliance, and injury or loss

15. What is the objective of SAS 99?

ANS:
The objective of SAS 99 is to seamlessly blend the auditor’s consideration of fraud into all phases of
the audit process.

16. Distinguish between exposure and risk.

ANS:
Exposure is the absence or weakness of a control which increases the firm’s risk of financial loss or
injury. Risk is the probability of incurring such a loss or injury.

17. Explain the characteristics of management fraud.

ANS:
Management fraud typically occurs at levels above where the internal control system is effective.
Financial statements are frequently modified to make the firm appear more healthy than it actually is.
If any misappropriation of assets occurs, it is usually well hidden.

18. The text discusses many questions about personal traits of employees which might
help uncover fraudulent activity. What are three?
ANS:
executives: with high personal debt, living beyond their means, engaged in habitual gambling, appear
to abuse alcohol or drugs, appear to lack personal codes of ethics, appear to be unstable

19. Give two examples of employee fraud and explain how the theft might occur.

ANS:
Charges to expense accounts: Cash could be stolen and charged to a miscellaneous expense account.
Once the account is closed, detection would be more difficult.

Lapping: This involves converting cash receipts to personal use. If a customer’s check is taken, his/her
balance will not reflect a payment and will be detected when a statement is sent. In order to conceal
this fraud, a later payment is used to cover the stolen check. This is in effect a small scale Ponzi
scheme.

20. What are the six broad classes of physical control activities defined by SAS
78?

ANS:
Transaction authorization, segregation of duties, supervision, access controls, accounting records, in-
dependent verification

ESSAY

1. The text describes six internal control activities. List four of them and provide a spe-
cific example of each one.

ANS:
Control Activity Example
Authorization general (purchase
of inventory when
level drops) or
specific (credit
approval beyond
normal limit)
Segregation of separate
functions authorization from
processing separate
custody of assets
from record
keeping
Supervision required when
separation of duties
is not possible, such
as opening the mail
(cash receipts)
Accounting records maintain an
adequate audit trail
Access controls maintain physical
security
Independent bank reconciliation,
verification physical inventory
count
 2. Contrast management fraud with employee fraud.

ANS:
Employee fraud is usually designed to directly convert cash or other assets to the employee’s personal
benefit.

Management fraud involves less of a direct benefit to the perpetrator. Management fraud may involve
an attempt to misstate financial performance in order to gain additional compensation or to earn a
promotion. Management fraud may also involve an attempt to misstate financial performance in order
to increase the price of the company’s stock or to reduce the cost of debt.

3. Discuss the importance of the Foreign Corrupt Practices Act of 1977 to the accounting
profession.

ANS:
The Foreign Corrupt Practices Act of 1977 (FCPA) is a law that requires all companies registered with
the Securities and Exchange Commission to:

keep records that fairly and reasonably reflect the transactions of the firm and its financial position

maintain a system of internal control that provides reasonable assurance that the organization’s objec-
tives are met

As a result of the Foreign Corrupt Practices Act of 1977, management devotes substantial time to de-
veloping and maintaining the internal control structure because failure to do so violates the FCPA and
could lead to heavy fines and imprisonment.

Accountants are key participants in establishing and maintaining the internal control structure. There-
fore, it is accountants who are instrumental in ensuring that the firm is in compliance with the Foreign
Corrupt Practices Act of 1977.

4. Why are the computer ethics issues of privacy, security, and property ownership of
interest to accountants?

ANS:
Privacy is a concern because the nature of computer data files makes it possible for unauthorized indi-
viduals to obtain information without it being recognized as “missing” from its original location.

Security is a concern because its absence makes control from a privacy viewpoint questionable. In ad-
dition lack of security may permit unauthorized changes to data, therefore distorting information that is
reported.

Property ownership raises issues of legitimacy of organizational software, valuation of assets, and
questions of lost revenues.

5. According to common law, there are five conditions that must be present for an act to
be deemed fraudulent. Name and explain each.

ANS:
In order for an act to be deemed fraudulent under common law, it must possess the following charac-
teristics:
false representation, meaning some misrepresentation or omission must have occurred,
material facts, meaning that the facts must influence someone’s actions,
intent, meaning there must have been the intention to deceive others,
justifiable reliance, meaning it did affect someone’s decision, and
injury or loss must have occurred.
 6. Management fraud is regarded as more serious than employee fraud. Three special
characteristics have been discussed for management fraud. What are they? Explain.

ANS:
It usually occurs at levels above the normal internal control system.
There is typically an intent to present a better picture of the business than is valid, often to deceive
creditors and/or shareholders.
If assets are misappropriated, the route is quite devious involving a maze of business transactions.

7. Four principal types of corruption are discussed. Name all four and explain at least
two.

ANS:
Corruption involves an executive, manager, or employee of a business working in collusion with an
outsider. The four principal types of corruption are: bribery, illegal gratuities, conflicts of interest, and
economic extortion.

Bribery involves giving, offering, soliciting, or receiving things of value to influence an official in the
performance of his or her lawful duties.

An illegal gratuity involves giving. receiving, offering, or soliciting something of value because of an
official act that has been taken.

A conflict of interest occurs when an employee acts on behalf of a third party during the discharge of
his or her duties or has self-interest in the activity being performed.

Economic extortion is the use (or threat) of force (including economic sanctions) by an individual or
organization to obtain something of value.

8. Misappropriation of assets can involve various schemes: charges to expense accounts,

lapping, and transaction fraud. Explain each and give an example.

ANS:
Charges to expense accounts involve fictitious charges to such accounts as miscellaneous expense to
offset theft of an asset. Because the expense account is closed to revenue at the end of the period, the
period in which it could be detected is short.

Lapping is a technique whereby an early theft is covered up by a later one, i.e., with the moves “lap-
ping” over each other. The simplest example involves taking a customer’s payment. A later payment is
then credited to the first customer’s account, not the second. And on it goes. This requires some control
over billing to avoid tipping off the last customer.

Transaction fraud involves deleting, altering, or adding false transactions to divert assets to the per-
petrator. For example, if an employee leaves the business and the supervisor fails to notify payroll and
continues to clock the employee in and out, a fraudulent paycheck would be produced. If, in addition,
the supervisor distributes the paycheck, it can be kept, and cashed.

9. Computer fraud is easiest at the data collection stage. Why?

ANS:
Computer fraud is easiest at the data collection stage because much of what occurs after the data col-
lection or input stage is not visible to human eyes. Once entered, the system will presume that the in-
put is legitimate and will process it as all others.

10. Explain why collusion between employees and management in the commission of a
fraud is difficult to both prevent and detect.
ANS:
Collusion among employees in the commission of a fraud is difficult to both prevent and detect. This is
particularly true when the collusion is between managers and their subordinate employees. Manage-
ment plays a key role in the internal control structure of an organization. They are relied upon to pre-
vent and detect fraud among their subordinates. When they participate in fraud with the employees
over whom they are supposed to provide oversight, the organization’s control structure is weakened, or
completely circumvented, and the company becomes more vulnerable to losses.

11. Since all fraud involves some form of financial misstatement, how is Fraudulent
Statement fraud different?

ANS:
Fraudulent statements are associated with management fraud. While all fraud involves some form of
financial misstatement, to meet the definition under this class of fraud scheme, the statement itself
must bring direct or indirect financial benefit to the perpetrator. In other words, the statement is not
simply a vehicle for obscuring or covering a fraudulent act. For example, misstating the cash account
balance to cover the theft of cash does not fall under this class of fraud scheme. On the other hand,
understating liabilities to present a more favorable financial picture of the organization to drive up
stock prices does qualify.

12. Explain the problems associated with lack of auditor independence.

ANS:
Auditing firms who are also engaged by their clients to perform non-accounting activities such as ac-
tuarial services, internal audit outsourcing services, and consulting lack independence. They are essen-
tially auditing their own work. This risk is that as auditors they will not bring to management’s atten-
tion detected problems that may adversely affect their consulting fees. For example, Enron’s auditors –
Arthur Andersen – were also their internal auditor’s and their management consultants.

13. Explain the problems associated with lack of director independence

ANS:
Many boards of directors are comprised of individuals who are not independent. Examples of lack of
independence are directors who: have a personal relationship by serving on the boards of other direc-
tors companies; have a business trading relationship as key customers or suppliers of the company;
have a financial relationship as primary stockholders or have received personal loans from the compa-
ny; have an operational relationship as employees of the company.

14. Explain the problems associated with Questionable Executive Compensation Schemes

ANS:
A survey by Thompson Financial revealed the strong belief that executives have abused stock-based
compensation. The consensus is that fewer stock options should be offered than currently is the prac-
tice. Excessive use of short-term stock options to compensate directors and executives may result in
short term thinking and strategies aimed at driving up stock prices at the expense of the firm’s long-
term health. In extreme cases, financial statement misrepresentation has been the vehicle to achieve the
stock price needed to exercise the option.

15. Explain the problems associated with inappropriate accounting practices.

ANS:
The use of inappropriate accounting techniques is a characteristic common to many financial statement
fraud schemes. Enron made elaborate use of Special Purpose Entities (SPE) to hide liabilities through
off balance sheet accounting. WorldCom management transferred transmission line costs from current
expense accounts to capital accounts. This allowed them to defer some operating expenses and report
higher earnings. Also, they reduced the book value of hard assets of MCI by $3.4 billion and increased
goodwill by the same amount. Had the assets been left at book value, they would have been charged
against earnings over four years. Goodwill, on the other hand, was amortized over much longer period.

16. Explain the purpose of the PCAOB.

ANS:
The Sarbanes-Oxley Act creates a Public Company Accounting Oversight Board (PCAOB). The
PCAOB is empowered to set auditing, quality control, and ethics standards, to inspect registered ac-
counting firms, to conduct investigations, and to take disciplinary actions.

17. Why is an Independent Audit Committee important to a company?

ANS:
The Sarbanes-Oxley Act requires all audit committee members to be independent and requires the au-
dit committee to hire and oversee the external auditors. This provision is consistent with many in-
vestors who consider the board composition to be a critical investment factor. For example, Thompson
Financial survey revealed that most institutional investors want corporate boards to be comprised of at
least 75% of independent directors

18. What are the key points of the “Issuer and Management Disclosure” of the Sarbanes-
Oxley Act?

ANS:
1. Public companies must report all off balance-sheet transactions.
2. Annual reports filed with the SEC must include a statement by management asserting that it is re-
sponsible for creating and maintaining adequate internal controls and asserting to the effectiveness
of those controls.
3. Officers must certify that the company’s accounts ‘fairly present’ the firms financial condition and
results of operations. Knowingly filing a false certification is a criminal offence.

19. In this age of high technology and computer based information systems, why are ac-
countants concerned about physical (human) controls?

ANS:
This class of controls relates primarily to the human activities employed in accounting systems. These
activities may be purely manual, such as the physical custody of assets, or they may involve the use of
computers to record transactions or update accounts. Physical controls do not relate to the computer
logic that actually performs these accounting tasks. This is the subject matter of chapter 16. Rather,
they relate to the human activities that initiate such computer logic. In other words, physical controls
do not suggest an environment in which clerks update paper accounts with pen and ink. Virtually all
systems, regardless of their sophistication, employ human activities that need to be controlled.

20. How has the Sarbanes-Oxley Act had a significant impact on corporate governance?

ANS:
The Sarbanes-Oxley Act requires all audit committee members to be independent and requires the au-
dit committee to hire and oversee the external auditors. This provision is consistent with many in-
vestors who consider the board composition to be a critical investment factor. For example, a Thomson
Financial survey revealed that most institutional investors want corporate boards to be comprised of at
least 75 percent independent directors.

21. Discuss the non accounting services that external auditors are no longer permitted to
render to audit clients under SOX legislation.

ANS:
The Act addresses auditor independence by creating more separation between a firm’s attestation and
non-auditing activities. This is intended to specify categories of services that a public accounting firm
cannot perform for its client. These include the following nine functions:
• Bookkeeping or other services related to the accounting records or financial statements;
• Financial information systems design and implementation;
• Appraisal or valuation services, fairness opinions, or contribution-in-kind reports;
• Actuarial services;
• Internal audit outsourcing services;
• Management functions or human resources;
• Broker or dealer, investment adviser, or investment banking services;
• Legal services and expert services unrelated to the audit; and
• Any other service that the PCAOB determines is impermissible.
While the Sarbanes-Oxley Act prohibits auditors from providing the above services to their audit
clients, they are not prohibited from performing such services for non-audit clients or privately held
companies.

22. What are the key points of the “Issuer and Management Disclosure” of the Sarbanes-Oxley
Act?

ANS:
The Sarbanes-Oxley Act imposes new corporate disclosure requirements including:

Public companies must report all off-balance-sheet transactions.

Annual reports filed with the SEC must include a statement by management asserting that it is respon-
sible for creating and maintaining adequate internal controls and asserting to the effectiveness of those
controls.

Officers must certify that the company’s accounts “fairly present” the firm’s
financial condition and results of operations. Knowingly filing a false certification is a criminal of-
fence.