Skip to Content

Notice

Public Company Accounting Oversight Board; Order Approving Proposed Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements, a Related Independence Rule, and Conforming Amendments

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble July 27, 2007.

I. Introduction

On May 25, 2007, the Public Company Accounting Oversight Board (the “Board” or the “PCAOB”) filed with the Securities and Exchange Commission (the “Commission”) Proposed Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting that is Integrated with an Audit of Financial Statements (“Auditing Standard No. 5”), a Related Independence Rule 3525, and Conforming Amendments, pursuant to Section 107 of the Sarbanes-Oxley Act of 2002 (the “Act”) and Section 19(b) of the Securities Exchange Act of 1934 (the “Exchange Act”). Auditing Standard No. 5 will supersede Auditing Standard No. 2, An Audit of Internal Control Over Financial Reporting Performed in Conjunction with an Audit of Financial Statements (“Auditing Standard No. 2”), to provide the professional standards and related performance guidance for independent auditors when an auditor is engaged to perform an audit of management's assessment of the effectiveness of internal control over financial reporting that is integrated with an audit of the financial statements pursuant to Sections 103(a)(2)(A)(iii) and 404(b) of the Act. Additionally, Rule 3525 further implements Section 202 of the Act's pre-approval requirement by requiring auditors to take certain steps as part of seeking audit committee pre-approval of internal control related non-audit services. Finally, the conforming amendments update the Board's other auditing standards in light of Auditing Standard No. 5, move certain information that was contained in Auditing Standard No. 2 to the Board's interim standards, and change the existing requirement that “generally, the date of completion of the field work should be used as the date of the independent auditor's report” to “the auditor should date the audit report no earlier than the date on which the auditor has obtained sufficient competent evidence to support the auditor's opinion.”

Notice of the proposed standard, the related independence rule, and the conforming amendments was published in the Federal Register on June 12, 2007,[1] and a supplemental notice of additional solicitation of comments on the rules and amendments was published in the Federal Register on June 20, 2007 (“Supplemental Notice”).[2] The Commission received 37 comment letters on the proposed rules and amendments. For the reasons discussed below, the Commission is granting approval of the proposed standard, the related independence rule, and conforming amendments.

II. Description

The Act establishes the PCAOB to oversee the audits of public companies and related matters, in order to protect the interests of investors and further the public interest in preparation of informative, accurate and independent audit reports.[3] Section 103(a) of the Act directs the PCAOB to establish auditing and related attestation standards, quality control standards, and ethics standards to be used by registered public accounting firms in the preparation and issuance of audit reports as required by the Act or the rules of the Commission.

Section 103(a)(2)(A)(iii) of the Act requires the Board's standard on auditing internal control to include “testing of the internal control structure and procedures of the issuer * * *.” Under Section 103, the Board's standard also must require the auditor to present in the audit report, among other things, “an evaluation of whether such internal control structure and procedures * * * provide reasonable assurance that transactions are recorded as necessary to permit the preparation of financial statements in accordance with generally accepted accounting principles * * *.” Section 404 of the Act requires that registered public accounting firms attest to and report on an assessment of internal control made by management and that such attestation “shall be made in accordance with standards for attestation engagements issued or adopted by the Board.”

The Board's proposed Auditing Standard No. 5, which will supersede Auditing Standard No. 2, provides the new professional standards and related performance guidance for independent auditors to attest to, and report on, management's assessment of the effectiveness of internal control over financial reporting under Sections 103 and 404 of the Act.

The auditor's report on internal control over financial reporting issued pursuant to Auditing Standard No. 5 will express one opinion—an opinion on whether the company has maintained effective internal control over financial reporting as of its fiscal year-end. In order for the auditor to render an opinion, Auditing Standard No. 5 requires the auditor to evaluate and test both the design and the operating effectiveness of internal control to be satisfied that management's assessment about Start Printed Page 42142whether the company maintained effective internal control over financial reporting as of its fiscal year-end is correct and, therefore, fairly stated. Additionally, paragraph 72 of Auditing Standard No. 5 requires the auditor to evaluate whether management has included in its annual assessment report all of the disclosures required by Commission rules.[4] If the auditor determines that management's assessment is not fairly stated, Auditing Standard No. 5 requires that the auditor modify his or her audit report on the effectiveness of internal control over financial reporting.

III. Discussion

As discussed in detail below, the Commission believes there are many aspects of Auditing Standard No. 5 that are expected to result in improvements in both the effectiveness and efficiency of integrated audits that are currently being conducted in accordance with Auditing Standard No. 2. For example, Auditing Standard No. 5 focuses the audit on the matters most important to internal control. Auditing Standard No. 5 also eliminates unnecessary procedures by, among other things, removing the requirement to evaluate management's process; permitting consideration of knowledge obtained during previous audits; refocusing the multi-location testing requirements on risk rather than coverage; and removing unnecessary barriers to using the work of others. Further, Auditing Standard No. 5 encourages scaling of the audit for smaller companies by directing the auditor to tailor the audit to reflect the attributes of smaller, less complex companies. Lastly, Auditing Standard No. 5 simplifies the requirements by reducing detail and specificity; reflecting more accurately the sequential flow of an audit of internal control; and improving readability.

The PCAOB received 175 comment letters when it published a draft of Auditing Standard No. 5 for public comment on December 19, 2006. On April 4, 2007, the Commission held an open meeting to discuss the comments received by the PCAOB and by the Commission in connection with its proposed interpretive guidance for management. At this meeting the Commission directed its staff to focus on four areas when working with the PCAOB staff: Aligning the proposed auditing standard with the Commission's proposed interpretive guidance for management, particularly with regard to prescriptive requirements, definitions and terms; scaling the audit to account for the particular facts and circumstances of all companies, particularly smaller companies; encouraging auditors to use professional judgment, particularly in using risk-assessment; and following a principles-based approach to determining when and to what extent the auditor can use the work of others.[5]

The PCAOB addressed these areas, in addition to other matters raised by commenters, in the version of Auditing Standard No. 5 that was filed with the Commission. For example, the PCAOB made revisions to its proposed standard to: Make the auditing standard more principles-based and reduce prescriptiveness; align definitions and terminology with the Commission's final interpretive guidance for management; better incorporate scaling concepts throughout the auditing standard; further emphasize fraud controls; enhance and align the discussion of entity-level controls; eliminate the requirement to separately assess risk at the individual control level; clarify the manner in which the evidence regarding design of controls can be obtained; and clarify the framework by which auditors can make judgments regarding whether and to what extent the auditor can use the work of others, including management.

The Commission received 37 comment letters in response to its request for comments on Auditing Standard No. 5, the related independence rule, and conforming amendments. The comment letters came from issuers,[6] registered public accounting firms,[7] professional associations,[8] investors,[9] and others.[10] In general, many commenters expressed support for the proposed standard [11] and recommended that the Commission approve the standard and the related conforming amendments, with some of these commenters requesting that this approval be done on an expedited basis to enable auditors to implement the provisions of Auditing Standard No. 5 prior to the required effective date.[12] A number of the commenters noted that the new audit standard includes appropriate investor safeguards, will facilitate a more effective and efficient approach to the implementation,[13] and that the PCAOB appropriately responded to concerns raised by issuers, auditors, investors and others.[14] Specifically, some commenters noted that the standard's focus on principles rather than prescriptive requirements expands the opportunities for auditors to apply well-reasoned professional judgment.[15] Many of these commenters had provided similar communication directly to the PCAOB during its comment period, and to the Commission as part of its consideration of its proposed interpretive guidance for management.

A few commenters expressed their continuing concerns that the Commission (in its recently approved rule amendments) and the PCAOB had retained the wrong auditor opinion, indicating their belief that auditors should opine on the assessment made by management in order to comply with Start Printed Page 42143Section 404(b) of the Sarbanes-Oxley Act.[16] These commenters expressed their belief that the auditor's opinion directly on internal control over financial reporting (as opposed to management's assessment) entails unnecessary and duplicative work. The Commission has carefully considered this comment and continues to believe that, consistent with Sections 103 and 404 of the Sarbanes-Oxley Act, the Commission's recent rule amendments and Auditing Standard No. 5 require the appropriate opinion to be expressed by the auditor. The Commission notes that this view is consistent with the view expressed by the Board in its release. Further, the Commission believes that an auditing process that is restricted to evaluating what management has done would not necessarily provide the auditor with a sufficient level of assurance to render an independent opinion as to whether management's assessment about the effectiveness of internal control over financial reporting is correct.[17] Finally, the Commission believes that the expression of a single opinion directly on the effectiveness of internal control over financial reporting provides clear communication to investors that the auditor is not responsible for issuing an opinion on management's process for evaluating internal control over financial reporting.[18] In the Commission's view, such an opinion may not only have the unintended consequence of hindering management's ability to apply appropriate judgment in designing their evaluation approach, but also may have the effect of increasing audit costs without commensurate benefit to issuers and investors.

Two commenters noted their belief that there was not sufficient incentive for auditors to modify their methods of performing the audit of internal control and therefore, were concerned that the benefits afforded by Auditing Standard No. 5 would not be fully realized. These commenters noted that it was important for the PCAOB to adjust its inspection program to align it with the changes in the audit standard and to respect the auditors' use of judgment in conducting the audit.[19] Additionally, commenters noted that the PCAOB's inspection process should monitor the extent to which, and the expediency with which, audit firms implement Auditing Standard No. 5 in the manner expected.[20] This has been an area both the Commission and the PCAOB recognize and continue to focus on. For example, it was an area specifically identified in the Commission's and the PCAOB's 2006 announcement of actions following the Commission's second roundtable on Section 404 implementation.[21] The PCAOB has incorporated procedures to evaluate the efficiency and effectiveness of audits of internal control over financial reporting in their inspection process and, in April 2007, issued its second report on auditors' implementation of the internal control standard.[22] The Commission also recognizes this concern and, as a result and consistent with its previous 2006 announcement in this area, will be carefully monitoring the implementation, including directing the Commission staff to examine whether the PCAOB inspections of registered accounting firms have been effective in encouraging changes in the conduct of integrated audits to improve both efficiency and effectiveness of attestations on internal control over financial reporting.

The Commission received one comment with respect to the indicators of a material weakness that are included in Auditing Standard No. 5. Under Auditing Standard No. 5, if an auditor determines that a deficiency might prevent prudent officials from concluding that they have reasonable assurance that transactions are recorded as necessary to permit the preparation of financial statements in conformity with generally accepted accounting principles, an auditor should regard such a determination as an indicator of a material weakness. One commenter took exception to this requirement and requested that such a determination made by the auditor be regarded as an indicator of a deficiency that is at least a significant deficiency rather than an indicator of a material weakness; or that Auditing Standard No. 5 be revised to use the word “would” instead of “might” when describing the level of assurance that would satisfy prudent officials in the conduct of their own affairs.[23] The Commission notes that the commenter's suggestion to change the word “might” to “would” is not necessary or appropriate given that the PCAOB and the Commission both stated in their respective releases that the determination of whether or not a material weakness exists requires judgment and the presence of one or more indicators does not mandate a conclusion that a material weakness exists. Moreover, the Commission notes that the indicators are not intended to supplant or replace the definition of material weakness. This particular indicator is intended as a reminder of the requirement in Section 13(b)(2)(B) of the Exchange Act that every issuer “devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances” and of the explanation in Section 13(b)(7) of the Exchange Act that the term “reasonable assurances” in this context means “such level of detail and degree of assurance as would satisfy prudent officials in the conduct of their own affairs.” The Commission agrees with the list of indicators of a material weakness included in Auditing Standard No. 5, and agrees with the principles in Auditing Standard No. 5, which allow an auditor to use his or her judgment.

The Commission received one comment with respect to the PCAOB's proposed Independence Rule 3525, which relates to the requirement for auditors to obtain audit committee pre-approval of non-audit services related to internal control over financial reporting. This commenter requested a transition provision in order to clarify that internal control-related services pre-approved by audit committees before the final rule is approved by the Commission do not require re-approval under Rule 3525.[24] Auditing Standard No. 2 (paragraph 33) required specific pre-approval of internal-control related non-audit services. The Commission notes that non-audit services that have already been pre-approved by audit committees would not require re-approval with the communications required by Rule 3525. Accordingly, a transition period is not necessary.

The Commission did not receive any comments with respect to the PCAOB's proposed conforming amendments. In some cases, these proposed amendments are administrative in nature, such as updating references in the interim standards to the proposed Start Printed Page 42144new standard's paragraph numbers and definitions. In other cases, the amendments have been proposed to move information currently contained in Auditing Standard No. 2 to the Board's existing standards. Further, the Commission notes that the Board addressed the single comment that it received on its conforming amendments. The Commission believes that the conforming amendments proposed by the Board are appropriate.

As proposed by the PCAOB, Auditing Standard No. 5, PCAOB Rule 3525, and the Conforming Amendments will be effective and required for integrated audits conducted for fiscal years ending on or after Nov. 15, 2007. However, earlier adoption is permitted by the Board. The Board has stated that auditors who elect to comply with Auditing Standard No. 5 after Commission approval but before its effective date must also comply, at the same time, with Rule 3525 and other PCAOB standards as amended by this release. The Commission believes the effective date allows for appropriate transition time and at the same time encourages early adoption. In that regard, the Commission's recent amendments to Regulation S-X become effective on August 27, 2007 and the Commission will begin accepting the single auditor's attestation report on the effectiveness of internal control over financial reporting prescribed in Auditing Standard No. 5 in timely filings received starting on that date.

In its Supplemental Notice, the Commission sought comments on seven specific questions. The following discussion addresses the comments received related to each of those questions.

(1) Is the standard of materiality appropriately defined throughout AS5 to provide sufficient guidance to auditors? For example, is materiality appropriately incorporated into the guidance regarding the matters to be considered in planning an audit and the identification of significant accounts?

The majority of the commenters who expressed a view on this question noted that Auditing Standard No. 5 appropriately addresses the concept of materiality when planning and performing an integrated audit.[25] Some commenters elaborated that while application of materiality concepts in the context of planning and performing an audit requires the use of judgment, Auditing Standard No. 5 specifies the basis on which those judgments should be made.[26]

A few commenters expressed a view that some auditors may need further and clearer guidance than is provided.[27] However, one commenter indicated its view that the Commission should not provide more guidance and interpretation, especially as related to the application of quantitative criteria to the definitions of material weakness and significant deficiency.[28] Moreover, another commenter noted that although its view was that materiality was not sufficiently defined in Auditing Standard No. 5, it recognized that the definition of materiality extends to matters beyond just Section 404 of the Act.[29]

The Commission agrees that Auditing Standard No. 5 adequately addresses materiality throughout the standard. For example, as a number of commenters observed, paragraph 20 of Auditing Standard No. 5 states that “in planning the audit of internal control over financial reporting, the auditor should use the same materiality considerations he or she would use in planning the audit of the company's financial statements.” Further, the Commission does not believe that the auditing standard is the appropriate forum to address broader questions about materiality, as the concept of materiality is fundamental to the federal securities laws.

(2) Please comment on the requirement in Paragraph 80 that the auditor consider whether there are any deficiencies or combinations of deficiencies that are significant deficiencies and, if so, communicate those to the audit committee. Specifically, will the communication requirement regarding significant deficiencies divert auditors' attention away from material weaknesses?

Commenters who expressed a view on this matter overwhelmingly observed that the auditor's requirement to communicate significant deficiencies would not divert auditors' attention away from material weaknesses since Auditing Standard No. 5 clearly directs the auditor to identify material weaknesses, with many of the commenters noting the importance of communicating significant deficiencies to the audit committee.[30]

The Commission agrees with commenters that the communication requirement related to significant deficiencies should not divert auditors' attention away from material weaknesses due to the clear statement in Auditing Standard No. 5 that in planning the audit, the auditor is not required to search for deficiencies that, individually, or in combination, are less severe than a material weakness. Further, the Commission agrees with the Board that limiting the discussion regarding significant deficiencies to the section of the auditing standard that relates to communications is appropriate in order to help clarify that the audit should not be scoped to identify deficiencies that are less severe than a material weakness.

(3) Is AS5 sufficiently clear that for purposes of evaluating identified deficiencies, multiple control deficiencies should only be looked at in combination if they are related to one another?

Most of those commenting on this question agreed that multiple control deficiencies should be aggregated for assessment purposes if they are related to each other and that Auditing Standard No. 5 is sufficiently clear in this regard.[31] Two commenters disagreed with the direction that multiple control deficiencies should only be evaluated in combination if they are related to one another given that the auditor is expressing an opinion on the effectiveness of internal control as a whole.[32]

The Commission agrees with the view of most of the community that Auditing Standard No. 5 is sufficiently clear with respect to aggregation of control deficiencies and further notes that this guidance is appropriately aligned with Start Printed Page 42145the guidance that is contained in the Commission's interpretive guidance for management.

(4) Please comment on whether the definition of “material weakness” in Paragraph A7 (which is consistent with the definition that the SEC adopted) appropriately describes the deficiencies that should prevent the auditor from finding that ICFR is effective.

The majority of those commenting on this topic expressed agreement with Auditing Standard No. 5's definition of material weakness and stated that it appropriately describes those deficiencies that should prevent the auditor from concluding that internal control over financial reporting is effective,[33] while a couple commenters stated that the definition was not as clear as it could be, thereby potentially leading to subjective assessments of whether a control deficiency is a material weakness.[34] One commenter suggested providing guidance regarding the period of time to which reasonable possibility relates,[0] [35] and another suggested reconsideration of the likelihood threshold included in the definition.[36] Two commenters suggested that the requirement to evaluate deficiencies against interim results due to the reference to interim financial statements in the definition of material weakness should be eliminated,[37] with one of these two commenters stating that this consideration should not delay the Commission's prompt approval of Auditing Standard No. 5.[38]

The Commission agrees that the definition of material weakness included in Auditing Standard No. 5, which is aligned with the Commission's interpretive guidance for management, appropriately describes the conditions that, if they exist, should be disclosed to investors and should preclude a conclusion that internal control over financial reporting is effective. Regarding the reference to interim financial statements in the definition of material weakness, the Commission continues to believe, as it stated in its release adopting the definition of a material weakness, that:

“* * *[while] annual materiality considerations are appropriate when making judgments about the nature and extent of evaluation procedures, the Commission believes that judgments about whether a control is adequately designed or operating effectively should consider the requirement to provide investors reliable interim and annual financial reports. Further, if a deficiency is identified that poses a reasonable possibility of a material misstatement in the company's quarterly reports, the Commission believes that the deficiency should be disclosed to investors and internal control over financial reporting should not be assessed as effective.” [39]

(5) Is AS5 sufficiently clear about the extent to which auditors can use the work of others?

The majority of those who commented on this question expressed their view that Auditing Standard No. 5 is clear about the extent to which auditors can use the work of others to gain efficiencies in the audit,[40] with some noting that Auditing Standard No. 5 provides substantial flexibility in the application of auditor judgment when determining whether, and to what extent, to use the work of others.[41] A small number of commenters noted that further clarification regarding the extent that auditors can rely on the work of others when conducting walkthroughs would be helpful.[42] Two commenters recommended that if the work of others is found to be competent and reliable, then the standard should require the auditor to utilize it.[43]

The Commission agrees that Auditing Standard No. 5 is sufficiently clear about the extent to which the auditor can use the work of others. Further, while the Commission would anticipate auditors would use the work of others under appropriate circumstances, including when the approach results in greater efficiency, the Commission does not believe it is necessary or appropriate to preclude the auditor from utilizing his or her judgment in determining whether or not to use the work of others based on the particular facts and circumstances of the engagement.

(6) Will AS5 reduce expected audit costs under Section 404, particularly for smaller public companies, to result in cost-effective, integrated audits?

A number of commenters stated their view that Auditing Standard No. 5, as approved by the PCAOB, together with the Commission's guidance for management on assessing internal control over financial reporting, will result in a reduction of the total Section 404 compliance effort.[44] Some commenters agreed that a cost reduction would occur, but also noted that the amount of reduced effort and cost associated with the audit of internal control over financial reporting will vary by company depending on factors such as size, complexity, the degree of change from year-to-year, the quality of internal control systems and documentation, and the extent to which management appropriately applies the Commission's interpretive guidance for management.[45] None of the commenters suggested that costs would increase.

Some of the features of Auditing Standard No. 5 that the Commission expects will result in improved effectiveness and efficiency include the direction provided to auditors to focus on what matters most, the elimination of unnecessary procedures from the audit, the ability to scale the audit to fit the size and complexity of the company, the alignment with the Commission's interpretive guidance for management, and its less prescriptive nature. Consequently, the Commission believes that Section 404 compliance costs, for both management's evaluation as well as the external audit, will decrease as a result of the Commission's efforts and Auditing Standard No. 5.

Some commenters noted that while Auditing Standard No. 5 may curtail excessive testing of controls and reduce some of the unnecessary documentation currently required for Section 404 audits, they still have concerns about the extent to which it will reduce costs for smaller public companies.[46] A number of commenters urged the Commission and PCAOB to monitor Start Printed Page 42146closely the extent to which the standard as implemented achieves a reduction in cost, and to take action if there is not an appropriate reduction.[47]

In response to continued concerns about the extent of cost reductions, the Commission's staff is planning to analyze and report on the costs associated with the implementation of the Commission's interpretive guidance for management as well as the implementation of Auditing Standard No. 5. The staff will make any recommendations it believes appropriate to the Commission.

(7) Does AS5 inappropriately discourage or restrict auditors from scaling audits, particularly for smaller public companies?

With regards to scalability, most commenters who responded to this question noted that Auditing Standard No. 5 appropriately discusses the concepts of scalability based on size and complexity without including inappropriate restrictions on the auditor's ability to scale the audit.[48] Other commenters observed that where feasible, Auditing Standard No. 5 should also provide additional guidance on how to effectively plan an integrated audit for smaller public companies and a discussion of related best practices to enhance a broader understanding of risk-based auditing.[49] One commenter expressed concern that an objective definition of “smaller company” is necessary in order to provide meaningful direction in scaling the audit and that the standard should clarify that both smaller and less complex companies would be subject to scaled audits.[50]

The Commission believes that Auditing Standard No. 5 appropriately discusses the concepts of scalability without including inappropriate restrictions on the auditor's ability to scale the audit. Further the Commission agrees with the guidance in Auditing Standard No. 5 that provides for scaling and tailoring of all audits to fit the relevant facts and circumstances. The Commission also agrees with the statement made by the Board in its release to Auditing Standard No. 5 that “scaling will be most effective if it is a natural extension of the risk-based approach and applicable to all companies.” [51] As a result, Auditing Standard No. 5 contains not only a separate section on scaling the audit, but it also contains specific discussion of scaling concepts throughout the standard. The Commission believes that these concepts will enable tailoring of internal control audits to fit the size and complexity of the company being audited rather than the company's control system being made to fit the auditing standard. Additionally, as some commenters observed, the PCAOB's project to develop guidance and education for auditors of smaller public companies, along with the Committee of Sponsoring Organizations of the Treadway Commission's (“COSO”) project to develop guidance designed to help organizations monitor the quality of their internal control systems and other COSO guidance directed to smaller public companies, should also facilitate the implementation of Section 404 in an effective and efficient manner.[52]

In summary, the Commission believes that Auditing Standard No. 5, the related independence rule, and the conforming amendments will enable better integrated, more effective, and more efficient audits while satisfying the requirements set forth in Sections 103 and 404 of the Act. Further, the Commission notes that Auditing Standard No. 5 is appropriately aligned with the Commission's own rules and interpretive guidance for management.

IV. Conclusion

On the basis of the foregoing, the Commission finds that proposed Auditing Standard No. 5, the related independence rule, and the conforming amendments are consistent with the requirements of the Act and the securities laws and are necessary and appropriate in the public interest and for the protection of investors.

It is therefore ordered, pursuant to Section 107 of the Act and Section 19(b)(2) of the Exchange Act, that proposed Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting that is Integrated with an Audit of Financial Statements, the Related Independence Rule, and Conforming Amendments (File No. PCAOB-2007-02) be and hereby are approved.

Start Signature

By the Commission.

Nancy M. Morris,

Secretary.

End Signature End Preamble

Footnotes

1.  Release No. 34-55876 (June 7, 2007); 72 FR 32340 (June 12, 2007).

Back to Citation

2.  Release No. 34-55912 (June 15, 2007); 72 FR 34052 (June 20, 2007); Notice of Additional Solicitation of Comments on the Filing of Proposed Rule on Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting That is Integrated with an Audit of Financial Statements, and Related Independence Rule and Conforming Amendments.

Back to Citation

3.  Section 101(a) of the Act.

Back to Citation

4.  Item 308 of Regulations S-B and S-K.

Back to Citation

5.  See Commission Press Release dated April 4, 2007, “SEC Commissioners Endorse Improved Sarbanes-Oxley Implementation To Ease Smaller Company Burdens, Focusing Effort On What Truly Matters.”

Back to Citation

6.  Alamo Group; Pepsico; and XenoPort, Inc.

Back to Citation

7.  BDO Seidman, LLP; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; KPMG LLP; and PricewaterhouseCoopers LLP.

Back to Citation

8.  American Bankers Association; American Bar Association Section of Business Law Committees on Federal Regulation of Securities and Law and Accounting; America's Community Bankers; Biotechnology Industry Organization; Center for Audit Quality; Independent Community of Bankers of America; Institute of Chartered Accountants in England and Wales; Institute of Internal Auditors (IIA); Institute of Management Accountants; Organization for International Investment; National Venture Capital Association; New York State Society of Certified Public Accountants; The Hundred Group of Finance Directors; and U.S. Chamber Center for Capital Markets Competitiveness.

Back to Citation

9.  California Public Employees Retirement System; Centre for Financial Market Integrity; and Council of Institutional Investors.

Back to Citation

10.  Accretive Solutions; Thomas E. Damman; David A. Doney; Benjamin P. Foster; Frank Gorrell; Simone Heidema and Erick Noorloos; J. Lavon Morton; Monica Radu; Robert Richter; R.G. Scott & Associates, LLC; and United States Government Accountability Office.

Back to Citation

11.  See for example, Accretive Solutions; America's Community Bankers; BDO Seidman, LLP; California Public Empolyees Retirement System; Center for Audit Quality; Council of Institutional Investors; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; KPMG LLP; Institute of Chartered Accountants in England and Wales; New York State Society of Certified Public Accountants; PricewaterhouseCoopers LLP; The 100 Group of Finance Directors; and United States Government Accountability Office.

Back to Citation

12.  See for example, America's Community Bankers; BDO Seidman, LLP; California Public Employees Retirement System; Council of Institutional Investors; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; KPMG LLP; and PricewaterhouseCoopers LLP.

Back to Citation

13.  See for example, American Bankers Association; Accretive Solutions; BDO Seidman, LLP; Center for Audit Quality; KPMG LLP; PricewaterhouseCoopers LLP; and The 100 Group of Finance Directors.

Back to Citation

14.  See for example, American Bankers Association; America's Community Bankers; Council of Institutional Investors; Ernst & Young LLP; Grant Thornton LLP; The 100 Group of Finance Directors; and United States Government Accountability Office.

Back to Citation

15.  See for example, BDO Seidman, LLP; Center for Audit Quality; Ernst & Young LLP; Institute of Chartered Accountants in England and Wales; PricewaterhouseCoopers LLP; and The 100 Group of Finance Directors.

Back to Citation

16.  See for example, Alamo Group; Robert Richter; Institute of Chartered Accountants in England and Wales; Institute of Management Accountants; and The 100 Group of Finance Directors.

Back to Citation

17.  See Release No. 33-8809 (June 20, 2007), Amendments to Rules Regarding Management's Report on Internal Control Over Financial Reporting.

Back to Citation

18.  Ibid.

Back to Citation

19.  America's Community Bankers and the Institute of Chartered Accountants in England and Wales.

Back to Citation

20.  See for example, America's Community Bankers, the Institute of Chartered Accountants in England and Wales, The 100 Group of Finance Directors and U.S. Chamber Center for Capital Markets Competitiveness.

Back to Citation

21.  See for example, SEC Press Release 2006-75 (May 16, 2006).

Back to Citation

22.  See PCAOB Press Release dated April 18, 2007, “Board Issues Second Year Report On Auditors' Implementation of Internal Control Standard”.

Back to Citation

23.  American Bar Association Section of Business Law Committees on Federal Regulation of Securities and Law and Accounting.

Back to Citation

24.  KPMG LLP.

Back to Citation

25.  See for example, BDO Seidman, LLP; California Public Employees Retirement System; Center for Audit Quality; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; Institute of Chartered Accountants in England and Wales; KPMG LLP; New York State Society of Certified Public Accountants; PepsiCo; PricewaterhouseCoopers LLP; and The Hundred Group of Finance Directors.

Back to Citation

26.  See for example, KPMG LLP and PricewaterhouseCoopers LLP.

Back to Citation

27.  See for example, Accretive Solutions; The Institute of Internal Auditors; Rod G. Scott; National Venture Capital Association; and U.S. Chamber Center for Capital Markets Competitiveness.

Back to Citation

28.  The Institute of Chartered Accountants in England and Wales.

Back to Citation

29.  National Venture Capital Association.

Back to Citation

30.  See for example, American Bar Association Section of Business Law Committees on Federal Regulation of Securities and Law and Accounting; Accretive Solutions; BDO Seidman, LLP; Center for Audit Quality; Centre for Financial Market Integrity; Council of Institutional Investors; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; Institute of Chartered Accountants in England and Wales; KPMG LLP; J. Lavon Morton; New York State Society of Certified Public Accountants; PepsiCo; PricewaterhouseCoopers LLP; Rod G. Scott; and The 100 Group of Finance Directors, but see The Institute of Internal Auditors.

Back to Citation

31.  See for example, Accretive Solutions; BDO Seidman, LLP; Center for Audit Quality; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP, Institute of Chartered Accountants in England and Wales; PepsiCo; PricewaterhouseCoopers LLP; R.G. Scott; and The 100 Group of Finance Directors.

Back to Citation

32.  See California Public Employees' Retirement Systems; and United States Government Accountability Office.

Back to Citation

33.  See for example, BDO Seidman, LLP; Center for Audit Quality; California Public Employees Retirement System; Council of Institutional Investors; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; Institute of Chartered Accountants in England and Wales; New York State Society of Certified Public Accountants; PepsiCo; PricewaterhouseCoopers LLP; and The 100 Group of Finance Directors.

Back to Citation

34.  See for example, Accretive Solutions; R.G. Scott; and U.S. Chamber Center for Capital Markets Competitiveness.

Back to Citation

35.  See The Institute of Internal Auditors.

Back to Citation

36.  See National Venture Capital Association.

Back to Citation

37.  See National Venture Capital Association and PricewaterhouseCoopers LLP.

Back to Citation

38.  PricewaterhouseCoopers LLP.

Back to Citation

39.  See Release No. 33-8809 (June 20, 2007), Amendments to Rules Regarding Management's Report on Internal Control Over Financial Reporting.

Back to Citation

40.  See for example, Accretive Solutions; BDO Seidman, LLP; Center for Audit Quality; Council of Institutional Investors; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; KPMG LLP; PepsiCo; and PricewaterhouseCoopers LLP.

Back to Citation

41.  See for example, Deloitte & Touche LLP; KPMG LLP; and PricewaterhouseCoopers LLP.

Back to Citation

42.  See for example, The 100 Group of Finance Directors; and J. Lavon Morton.

Back to Citation

43.  See American Bankers Association and Biotechnology Industry Organization.

Back to Citation

44.  See for example, BDO Seidman, LLP; Center for Audit Quality; Council of Institutional Investors; Deloitte & Touche LLP; Ernst & Young LLP; KPMG LLP; New York State Society of Certified Public Accountants; PricewaterhouseCoopers LLP; The 100 Group of Finance Directors; and The Institute of Internal Auditors.

Back to Citation

45.  See for example, Accretive Solutions; BDO Seidman, LLP; Center for Audit Quality; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; and PricewaterhouseCoopers LLP.

Back to Citation

46.  See for example, America's Community Bankers; David A. Doney; Independent Community Bankers of America; National Venture Capital Association; J Lavon Morton; R.G. Scott; XenoPort, Inc.; and U.S. Chamber Center for Capital Markets Competitiveness.

Back to Citation

47.  See for example, American Bankers Association; America's Community Bankers; Biotechnology Industry Organization; Independent Community Bankers of America; Institute of Chartered Accountants in England and Wales; Institute of Management Accountants; The 100 Group of Finance Directors; and U.S. Chamber Center for Capital Markets Competitiveness.

Back to Citation

48.  See for example, BDO Seidman, LLP; Center for Audit Quality; Council of Institutional Investors; Deloitte & Touche LLP; Ernst & Young LLP; Grant Thornton LLP; PepsiCo; PricewaterhouseCoopers LLP; and The Institute of Internal Auditors.

Back to Citation

49.  See for example, New York State Society of Certified Public Accountants.

Back to Citation

50.  Biotechnology Industry Organization.

Back to Citation

51.  See PCAOB Release No. 2007-005 (May 24, 2006).

Back to Citation

52.  See for example, Center for Audit Quality, Deloitte & Touche LLP; and PricewaterhouseCoopers LLP.

Back to Citation

[FR Doc. E7-14858 Filed 7-31-07; 8:45 am]

BILLING CODE 8010-01-P