« 日本では何パーセントの企業が1年目に「内部統制は有効でない」と意見表明するか? | Main | 内部統制の評価と監査の制度は軌道にのるのか? »

2006.06.20

米国の場合 IT全般統制に重要な欠陥があった場合

 こんにちは、丸山満彦です。「 IT全般統制に重要な欠陥があった場合」の例示です。

 
■EDGAR
●AVX社
・・Form10-K 9A as of 2005.03.31
=====
2. As of March 31, 2005, the Company did not maintain effective controls over access to financial application programs and data. Specifically, certain Company personnel had incompatible duties and were permitted unrestricted access to financial application programs and data beyond that needed to perform their individual job responsibilities. Additionally, there were not effective controls in place to monitor users for inappropriate use of programs or access to data. These deficiencies existed in North America, Europe and Asia and in certain systems and processes including cash, accounts receivable, fixed assets, other assets, accounts payable, accrued liabilities, payroll accounts, inventory accounts and the related income statement accounts. This control deficiency did not result in a misstatement to the Company's consolidated financial statements. However, it could result in the misstatement of account balances and disclosures that would result in a material misstatement to annual or interim financial statements that would not be prevented or detected. Accordingly, management determined that this control deficiency constitutes a material weakness.
=====

AVX社はその後、内部統制の不備について改善を行い、2006.03.31の決算では内部統制報告書に不備はありません。
・・Form10-K 9A as of 2006.03.31
=====
(a) To remediate the information technology material weakness described above, we have implemented new policies and procedures to ensure proper access controls are maintained and monitored. We have increased the supervisory control over access controls, centralizing it for more direct monitoring. In some instances, we have adjusted system configurations and incorporated software tools where appropriate to limit and restrict the ability of system users to enter, change and view data and to provide a detailed history of changes to the applications and data.
=====

●AFFIRMATIVE INSURANCE HOLDINGS, INC.
・・Form 10-K 9A as of 2005.12.31
=====
(a) We did not maintain effective controls over access to, and changes in, our information technology systems’ operational and financial applications and underlying financial data. Specifically, we lacked adequate controls over: (i) the design, documentation and enforcement of internal access security policies and procedures, and (ii) changes to masterfile or standing data to prevent errors and irregularities in financial information. Changes to tables and standing data did not follow the approved change management process and lacked user approval and/or testing. Furthermore, access to financial applications and underlying financial data was not adequately restricted or monitored to ensure unauthorized individuals do not have access to add, change or delete the underlying premiums, commissions and fee income, claims, commission expense, accounts payable, or general accounting data. This control deficiency did not result in any adjustments to our 2005 annual or interim consolidated financial statements. However, this deficiency could result in a material misstatement to significant accounts and disclosures including premium revenue, claims expense and the related receivables and reserves that would result in a material misstatement to our annual or interim consolidated financial statements that would not be prevented or detected. Accordingly, management has determined that this control deficiency constitutes a material weakness.
=====

=====

|

« 日本では何パーセントの企業が1年目に「内部統制は有効でない」と意見表明するか? | Main | 内部統制の評価と監査の制度は軌道にのるのか? »

Comments

トラックバックがおもしろかったw

ぺけぽん

Posted by: 佐藤慶浩 | 2006.06.21 09:22

トラックバックけしちゃったよ~。

Posted by: 丸山満彦 | 2006.06.21 09:31

ちぇ~
それではトラックバックを見れなかった人に、もやもや感だけを残しておきましょう。。。w

Posted by: 佐藤慶浩 | 2006.06.21 09:49

Post a comment



(Not displayed with comment.)




TrackBack


Listed below are links to weblogs that reference 米国の場合 IT全般統制に重要な欠陥があった場合:

« 日本では何パーセントの企業が1年目に「内部統制は有効でない」と意見表明するか? | Main | 内部統制の評価と監査の制度は軌道にのるのか? »