Corporate Scandals
...
.
.
Sarbanes-Oxley Act (SOA)
3
2002
.
170 421 3 8
. 99 1 .
2002/06/23
2002/07/30 SEC .
1933
1960
1944 1944
1969 .
6
- 2002
- :
2002
.
1934
.
11 66 .
:
PCAOB
:
PCAOB
-
10
-101
-102
-103
-104
-105
-106
-107
-108
-109
: :
12
: :
-
13
-201
-202
-203
-204
-205
-206
-207
-208
-209
15
:
-
16
-301
-302
-303
-304
-305
-306
-307
-308
.
.
18
19
-401
-402
-403
-404
-405
-406
-407
-408
-409
( .
)
-501
(RSA) (NSE)
21
:
.
23
-601
-602
-603
-604
25
-701
-702
-703
-704
-705
:
.
27
:801
:802
:803
:804
-805
-806
-807
:
( )
.
.
29
-901
-902
-903
-904 1974
-905
-906
-1001
/
31
:
.
33
34
-1001
-1102
-1103
-1104
-1105
-1106 1934
-1107
36
37
( )
38
5
8
.
/
39
20
14/4/1384 .
40
SEC
SOX
- SEC
42
- 2002
.
.
.
44
1970
.
1970
.
.
45
.
1970
.
46
.
1929 1933 1934
.
1939
.
.
.
103 18
.
48
1933 ....
.
50
1933
1934
1940
20
30
PCAOB
PCAOB
-
(PCAOB)
.
.
.
52
PCAOB
53
101 - :
1933
.
.
. 5
. 2 .
. 5
5
.
PCAOB
54
:
( )
- .
PCAOB
55
:
108
FASB
:
.
.
5 . 7
.
57
58
:
.
59
60
:
.
61
404
-404
63
404
.
:
1
2
.
404
.
-404
2004 2
2004 .
64
-404
2004 -
.
.
.
65
-404
66
Control Activities
Control Environment
Information and Communication
Pertinent information identified, captured
and communicated in a timely manner.
Access to internally and externally
generated information.
Flow of information that allows for
successful control actions from
instructions on responsibilities to
summary of findings for management
action.
Risk Assessment
Risk assessment is the
identification and analysis of
relevant risks to achieving the
entity's objectives, forming the
basis for determining control
activities.
Federal
Sentencing
Guidelines
Experience from other
industry sectors
OIG Compliance
Program Guidance
Code of Conduct
Commitment by senior
management
Distribution to applicable
employees and contractors
Updating to address
new risks
Values approach
Records retention
High-level involvement
Lines of Communication
Oversight Responsibility
Hotlines
Exit interviews
Periodic surveys
Supervisor accountability
Documentation of issues
identified and resolved
Periodic reports on issues
handled
Non-retaliation policy
Prompt investigations of
reasonable allegations of
suspected noncompliance
Decisive steps to correct
problems identified
Reporting to Government when
appropriate under the advice of
legal counsel
Disclosure Requirements
Disclosure
Controls
and
Procedures
Operations
Financial
Reporting
Internal
Accounting
Controls
Compliance
Other aspects
of Compliance
and Operations
pertaining to
DC&P
Internal Controls
Over Financial
Reporting
76
77
Emerging Model
Board
Chief
Compliance
Officer
Financial Risk
Regulatory Risk
Systems/IT Risks
Operational Risks
Day-to-Day
Operations
Quality, compliance and business risks managed in a coordinated manner: easier to see key interrelationships and interdependencies
78
79
...
.
.
81
Sarbanes-Oxley
CFO.com 6
2007 SEC
PCAOB.
404
( )
SEC
330
404
.
82
!
(FASB)
SEC FASB
.
83
( SEC )
.
84
1383
1372
.
.
85
1386 74
36
.
86
:
!!
!
87
:
.
:
88
Any questions?
90