Big4Guy

Sometime back, I had discussed the internal audit department's role in an antifraud program and how, it can act as a proactively towards fraud detection and prevention. Going forward, once an antifraud program has
been implemented, normally significant deficiencies and material weaknesses are identified during the course of the internal controls review. The way in which these deficiencies and weaknesses are handled by the audit committee and board of directors tells a lot about the control environment and how risks would be handled by the management. The best way to understand the "tone at the top" is to see the way such significant deficiencies and material weaknesses are handled by the board. Section 302 of the Sarbanes Oxley act requires the principal executive officers and principal financial officers (CEO and CFO) to certify and disclose the following three aspects:

- Significant deficiencies in the design and operation of internal controls which has a direct impact on the financial transaction recording, processing, summarizing, and reporting financial data.

- Any material weaknesses in internal control.

- Any fraud irrespective of its materiality involving the management or employees which can have a direct impact on the internal controls of the organization.

My experience also reveals that significant deficiencies in internal controls which have been reported to the audit committee / senior mangement and are uncorrected are a very strong indication of material
weaknesses. It is for the audit committees to ensure that significant deficiencies are handled at their end and a proper follow-up mechanism is built to check compliance.