A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 0-9 END

- A - Ç Top

Examination of the financial reporting statements, processes and controls to produce those financial statements.

A committee of either internal and/or external members of a public reporting company established by the Issuer (a public company) to review, respond and become responsible for the auditing of a company’s financial reporting and auditing compliance.

- B - Ç Top

A 5-member committee appointed by the Commission, know as the Public Company Accounting Oversight Board established by the Commission [PCAOB of the SEC], to set the standards and rules to oversee the auditing of public companies according to the SOA/SOX.

- C - Ç Top

A Checklist of Internal Controls, Policies, Processes and Procedures could be summarized as follows:

The COSO was part of the framework of the Treadway Commission. This Act includes various sectional provisions, issued by the SEC, that define the internal control requirements that companies must adhere to in irder to become SOA/SOX Compliant. COSO defines internal controls as: " a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of abjectives in the following categories:

Security and Exchanges Commission [SEC]. Enforces the Security and Exchange Act of 1934.

A buzzword that is not about technology, but more about a strategy to provide business solutions that benefit the customer by any entity that provides a product of service to their customers. CRM is a customer-centric business strategy that triggers changes in functional roles in the company that require new and innovative processes, delivered by solid technological systems and people. More than software, CRM provides the insight by a company to change and reengineer its operational business processes to provide the best service and products to the customer. Though the development of CRM is based on the foundation of Software, Hardware and Networks (pure technology solutions), CRM is brought on by the vision and commitment of management and staff.

Best practices of CRM never end; in fact, they are ongoing and continually changing the way a company provides services and products to the customer. In simplistic terms, following these points of effectiveness will develop the "best practices" of the organization:

- D - Ç Top

The definition of Deficiencies and Weaknesses according to Auditing Standards are as follows:

- E - Ç Top

- F - Ç Top

Financial Accounting Standards Board – An organization whose mission is to establish and improve standards of financial accounting and reporting for the guidance and education of the public, including issuers, auditors, and users of financial information.

- G - Ç Top

Generally Accepted Accounting Principles - The common set of accounting principles, standards and procedures. GAAP is a combination of authoritative standards (set by policy boards) and the accepted ways of doing accounting.

A method, process or procedures to identify and deliver the remediation of risk and inadequate controls relating the SOA/SOX.

- H - Ç Top

- I - Ç Top

Internal Controls, as defined by the COSO is a process that iseffected by the company’s Board of Directors, Senior Management, Management and other directed personnel that drives business success in 3 areas:

A worldwide federation of national standards bodies. Best known for the 7-layer OSI Reference Model. The national standards body of the United States is ANSI. Visit www.iso.org or www.iso.ch for detailed information. Note that ISO is not an acronym, but a derivative of the Greek isos, meaning equal. ISO. A network of national standards institutes from 148 countries working in partnership with international organizations, governments, industry, business and consumer representatives. Also considered a bridge between public and private sectors that establish standards.

Defined in the SEC section 3 – a public reporting company. An Issuer falls into 2 categories for compliance deadlines - Public Reporting Issuers – Market Capitalizations of:

- J - Ç Top

- K - Ç Top

- L - Ç Top

- M - Ç Top

Market capitalization is just a fancy name for a straightforward concept of the value of a public reporting company. Quite simply, it refers to the value of a company, that is, the market value of its outstanding shares. This figure is found by taking the stock price and multiplying it by the total number of shares outstanding. For example, if Cory's Tequila Corporation (CTC) was trading at $20 per share and had 1 million shares outstanding, then the market capitalization would be $20 million ($20 * 1 million shares). It's that simple. You often hear companies or different mutual funds being categorized as "small-cap," "mid-cap," or "large-cap." But what do these terms really mean? The "cap" is short for capitalization, which is a measure by which we can classify a company's size. Although the criteria for the different classifications are not strictly bound, it is important for investors to understand these terms, which are not only ubiquitous but also useful for gauging a company's size and riskiness. Typical definition of a company’s capitalization:

- N - Ç Top

Service supplied to the Issuer by the Auditing firm that are not related to the financial audit. All registered Public Accounting Firms can not supply Non-Audit Services that directly impact the financial audit, to include:

- O - Ç Top

Officers - Publicly Traded Company (or for a Private Company too)

The number of shares that are currently owned by investors. This includes restricted shares (shares owned by the company's officers and insiders) and shares held by the public. Shares that the company has repurchased are not considered outstanding stock. Also known as Issued and Outstanding. Typical definition of a company’s capitalization:

- P - Ç Top

Use of Passwords is an absolute necessity in the security of computer systems and applications. Passwords should contain a variety of letters and numbers. There are many standards for the enforcement of Passwords. These are typically the guidelines a company should follow when enforcing good Password Policies:

Within certain systems, the use of "Complex Passwords" is required and should be utilized throughout the Operating Systems Login process and in all Applications. An example of Complex Passwords are as follows:

Also, it is strongly advised not to use the names of family members, pet names or special interest hobbies or sports because a suspected friend or associate may be able to determine your Password.

Accounting principles imposed onto the financial audit the Public Accounting Firm; using GAAP and other quality control standards to test the record keeping and reporting of the financial statements of an Issuer.

An entity, how ever classified as a company, that performs the auditing and reporting of the financial statements of an Issuer. IF Registered with the Board [PCAOB], they are able to conduct the audits legally under the law of the SOA. Registration was to be completed by 10/23/2003.

- Q - Ç Top

- R - Ç Top

Bylaws and rules that are submitted and approved by the Commission in accordance with the SOA.

- S - Ç Top

The Act, H.R. 3763, signed into Law by President George W. Bush on July 30, 2002 to provide protection to the investment community regarding the financial audit and reporting of public companies. The Act was introduced by Senator Paul S. Sarbanes (MD) and Congressman Michael G. Oxley (OH).

MKG has accumulated a variety of material and definitions regarding SOA/SOX. This definition, written by MKG, puts the details in perspective:

The Sarbanes-Oxley Act of July 2002 was passed by the United States Congress and President of United States due to the financial "fall-out" and corporate scandals of public companies such as Enron, Anderson, Qwest, Worldcom and other public reporting companies. The Executive Management, Board of Directors and Auditors of these companies were inadequate in the reporting of their financial condition; insomuch that certain aspects of the responsible and accountable parties were not reporting their correct financial position to the shareowners of the company (Shareholders, Investors, Customers and Employees). These public companies MUST:

SAS 70

An acronym for Statement on Auditing Standard (SAS).  An audit conducted in accordance with Statement on Auditing Standard (SAS) No. 70 is a highly specialized audit of the design and operational effectiveness of a service organization’s internal controls over processing transactions for user organizations.  There are 2 types of SAS 70 auditing standard reports;

(a)    Type I; and,

(b)   Type II.

Service auditor reports vary in content based on whether the report is a Type I or Type II report. The following table outlines the sections included in each type of service auditor’s report.

It is important to note that the content of a service auditor’s opinion letter varies depending on the type of report. The following table outlines the differences between a Type I and Type II opinion letter.

This information was acquired from http://www.sas70solutions.com.

A United States Federal Agency whose primary mission [U.S. Securities and Exchange Commission (SEC or Commission)], is to protect investors and maintain the integrity of the securities markets. As more and more first-time investors turn to the markets to help secure their futures, pay for homes, and send children to college, these goals are more compelling than ever.

Many definitions of Security are:

As it pertains to the SEC Act of 1934, section 3(a)(47).

Statements of Financial Accounting Standards - The final product of most technical projects issued to FASB is a Statement of Financial Accounting Standards (SFAS). Like the Exposure Draft, the Statement sets forth the actual standards, the effective date and method of transition, background information, a brief summary of research done on the project and the basis for the Board’s conclusions, including the reasons for rejecting significant alternative solutions. It also identifies members of the Board voting for and against its issuance and includes reasons for any dissents.

From the Six Sigma website: Six Sigma at many organizations simply means a measure of quality that strives for near perfection. Six Sigma is a discipline, data-driven approach and methodology for eliminating defects (driving towards six standard deviations between the mean and the nearest specification limit) in any process – from manufacturing to transactional, and from product to service. Essentially, when Six Sigma methodology is employed in a business, several elements of the process must be performed, called the DMAIC sub-methodolgy:

Another sub-methodology of Six Sigma that employs the improvement of a business product and service is DMADV:

Acronyms for the Sarbanes-Oxley Act name – just easier to say, read and print in some cases.

There are several software products available to utilize that function as compliance software systems used in conjunction with the Sarbanes-Oxley Act. These software products, for the most part, supports companies' corporate governance activities by addressing the specifics of Sections 404 and 302 of the Sarbanes-Oxley Act, as well as ongoing modifications and additions proposed by the SEC and other regulatory organizations:

Is the United States of America and territories and possessions that under the governing rule of the SOA/SOX.

System or Systems

According to "whatis.com"; A system or systems is a collection of elements or components that are organized for a common purpose. The word sometimes describes the organization or plan itself (and is similar in meaning to method, as in "I have my own little system") and sometimes describes the parts in the system (as in "computer system").

A computer system consists of hardware components that have been carefully chosen so that they work well together and software components or programs that run in the computer. The main software component is itself an operating system that manages and provides services to other programs that can be run in the computer. A filing system is a group of files organized with a plan (for example, alphabetical by customer). All of nature and the universe can be said to be a system. We've coined a word, ecosystem, for the systems on Earth that affect life systems. The term can be very useful because so many things can be described as systems. It can also be very unuseful when a more specific term is needed.

- T - Ç Top

The popular name for the National Commission on Fraudulent Financial Reporting. This name was given to this organization, and is popular to the name because of the organizations first chairman, former SEC Commissioner James C. Treadway. The Commission has issued suggestions on the prevention of fraud and deceptive practices in area of financial reports and documentation. Also referred to as the COSO (Committee Of Sponsoring Organizations).

This Commission was setup in 1985 for the purpose of studying acts of fraud and neglect regarding financial reporting of publicly traded companies. Its purpose was to review, analyze, verify and provide suggested proposals because of an increase in fraud and deceptive practices among publicly traded companies. The Treadway Commission produced many suggestive actions for publicly traded companies to follow. Some of these are mentioned in the websites listed above by providing guidelines to publicly traded companies and their independent auditors, suggestions and recommendations to regulatory agencies, the SEC, and to the Universities, Colleges & Institutions that train in these areas that are directly involved in the auditing and preparing of financial reporting. The Treadway Commission is sponsored by:

- U - Ç Top

- V - Ç Top

- W - Ç Top

- X - Ç Top

- Y - Ç Top

- Z - Ç Top

- 0-9 - Ç Top

A required reporting document by a publicly traded company that occurs 1 time per year at year end (the company’s fiscal year end). This is a requirement set forth in the SEC Act of 1934.

A required reporting document by a publicly traded company that occurs 3 times per year, considered part of a Quarterly filing of the company’s fiscal quarter (excluding the annual filing, that which is called the 10-K). This is a requirement set forth in the SEC Act of 1934.

101 thru 1107 - Titles & Sections Listings from the Sarbanes-Oxley Act

The Quarterly and Annual Certification of Disclosure of the Internal Controls; to include Policies, Processes and Procedures. CEOs and CFOs must personally certify that they are responsible for the disclosure of the financial statements, internal controls and the documentation and processes that enforce those controls. This examination and certification must be accomplished each and every quarterly reporting of the financial 10-Q; 3 times per year; and, also at the end of the year when filing the 10-K.

The annual assessment of the Policies, Processes and Procedures and the Internal Controls for Financial reporting. This section requires an annual review of all internal controls and processes for the financial reporting period. The Independent Auditing company must review these financial and internal control procedures and processes and certify that they meet the letter of the law as it pertains to this Section.

This section requires CEOs and CFOs to sign and certify the periodic reporting requires containing the financial reports. The certification states that the company is in compliance with ESC reporting rules and regulations and that these financial reports represent the true financial position of the company. Not complying with this section, and for that matter, any section that requires corporate governance carries stiff penalties of up to $5 million and imprisonment of up to 20 years.

- END - Ç Top