Contents

Sarbanes Oxley. 8

Public Company Accounting Oversight Board. 8

AS 2201: An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements. 10

Introduction. 10

AS 2201 Approach. 11

Materiality. 11

Using a Top-Down Approach. 11

Identifying Entity-Level Controls. 11

Identifying Significant Accounts and Disclosures and Their Relevant Assertions. 13

Understanding Likely Sources of Misstatement. 15

Selecting Controls to Test. 16

Specific Procedures Related to Spreadsheets to Comply with Section 404 and PCAOB AS 2201. 16

Inventory all spreadsheets. 17

Determine how current spreadsheets are being used. 17

Determine the risk factors of the spreadsheet. 17

Evaluate compensating controls for risk factors. 18

Documentation of procedures. 18

Remediation. 19

Controls that Excel supports. 19

Access to the spreadsheet is limited to authorized users – Passwords. 19

Controls to validate user input – data validation. 21

Review Questions. 30

Spreadsheets protected against unauthorized changes – Cell protection. 31

Spreadsheets protected against unauthorized changes –Workbook Protection. 41

Spreadsheet Documentation is Adequate – Comments. 42

A Logic inspection by an independent party is performed – Formula Auditing. 44

Highlighting all cells containing formulas. 44

Trace Precedent and Dependent Cells. 47

Error Checking. 51

Watch Window.. 52

Logic Inspection – Inspect Document. 53

Controls not supported by Excel 57

Review Questions: 59

Answers to Review Questions. 65