What is the SEC Looking For in Your Internal Control Environment?

This Article was co-written by Nicole Saldamarco

At the recent AICPA year-end conference, SEC staff members indicated that they will be looking more closely at internal controls for this year end including control considerations for new accounting pronouncements, the evaluation of deficiencies, the overall impact of a deficiency and cyber security. With the much talked about revenue recognition standard (ASC 606) becoming effective for December 31, 2018 fiscal year-end companies and the new lease standard (ASC 842) going into effect in the following year,the SEC will consider transition controls, as well as the addition of daily controls designed to ensure revenue and leases are appropriately accounted for on an on-going basis.  In addition to the new accounting pronouncements, the SEC staff indicated that management should really consider the severity of control deficiencies and the severity should be considered through the eyes of a “prudent official.”   While management is evaluating a deficiency, they should also consider the impact of the deficiency on not only the specific area to which the control pertains, but also consider if any other financial statement areas could be impacted.  Finally, how can we talk about accounting or internal controls without considering “cyber.” The SEC staff noted that nearly all companies are impacted by potential cyber attacks and this risk should be included in management’s risk assessment. The SEC wants to ensure that public companies consider the risk of a material weakness to their financial statements and, as such, consider the controls implemented to mitigate this risk.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at contactSD@schneiderdowns.com.

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2019 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on

Cybersecurity BY Matthew Dunn
Questions to Ask Before Ransomware Hits Your Business
Cybersecurity BY Stephen Bish
The Physical Side of Cybersecurity
Cybersecurity BY Sean Thomas
Vulnerability Scanning versus Penetration Testing
Cybersecurity BY Sean Thomas
Ransomware Still a Growing Problem for Organizations of All Sizes
Great Hands-On Experience in Cybersecurity
Imperva Alert

Register to receive our weekly newsletter with our most recent columns and insights.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102