NokiaInternalControlsamptheSarbanesOxleyAct.doc

Nokia Internal Controls & the Sarbanes-Oxley ActNokia generic training materialNokia Internal Controls&the Sarbanes-Oxley ActThis training provides an introduction to Nokia Internal Controls and the Sarbanes-Oxley ActWelcome! Nokia Internal ControlsSarbanes-Oxley ActLearning objectivesAfter this module you shouldunderstand what a good internal controls arebe aware that internal controls will be modified due to SOXunderstand how Nokia internal controls will be made transparentunderstand how Nokia will implement internal controls by maintaining commitment to empowermentbe able to identify internal controls within your own functional and process arearealize that internal controls will continuously be tested internally and audited externallyknow whom to contact to get further BG/HG-specific informationTable of ContentsWhat are internal controls in practice?Your own responsibility 30 minAction points & discussionHow Nokia implements internal controls and SOX?An example of internal controls and processes 30 minWhat will change in working practices?30 minWhat are internal controls and the Sarbanes-Oxley Act (SOX) and why are they important?Internal controls are good business practices Internal controls consist of measures to provide reasonable assurance of effectiveness and efficiency of operations reliability of external and internal reportingcompliance with applicable laws and regulations Internal controls ensure completeness, accuracy and timeliness of our processesGood internal controlsare designed with business benefits in mindfocus on critical processes are precise and define assignment of responsibilitygive instructions on how to deal with unexpected resultsprevent or detect errors or fraudare documented and easy to test and auditInternal controls are listed in control cataloguesPreventive vs4>>. detective controls Preventive controlsPreventive controls are designed to keep errors or irregularities from occurring in the first place>. They are built into internal control systems and require a larger effort in the initial design and implementation stages>. However, preventive controls tend not to require significant ongoing investments>. Preventive controls include:segregation of duties to prevent intentional wrongdoingrestricted system authorization to critical transactionsprocedures to avoid improper transactionsphysical control over equipment and other assets to prevent improper useDetective controlsDetective controls are designed to detect errors and irregularities that have already occurred and to assure their prompt correction>. These controls represent a continuous operating expense and are often costly, but necessary>. Detective controls supply the means with which to correct data errors, modify controls or recover missing assets>. Detective controls include:account reconciliationstaking a physical inventoryauditsReview QuestionIs the dividing of responsibilities for important activities a preventive or detective control?Question:The Sarbanes-Oxley Act was the answer to major corporate and accounting scandalsThe winter of 2001 and spring of 2002 saw major corporate and accounting scandals involving several prominent companies in the Unites Statestimeline2 December 2001 Enron files for bankruptcy, in the US' biggest ever corporate failure10 January 2002 Arthur Andersen admits its staff shredded thousands of documents concerning the Enron audit15 June 2002 Arthur Andersen is found guilty of obstructing justice by shredding evidence relating to the Enron scandal25 June 2002 WorldCom, announces its intention to restate its financial statements, reducing previously reported earnings by nearly $4 billion21 July 2002 WorldCom files for bankruptcy protection, the largest such filing in U>.S>. history8 November 2001 Enron revises its financial statements to reduce earnings by $586 million over the past four yearsJuly 2002 Sarbanes-Oxley Act is passedIn July 2002, one of the most influential pieces of US corporate legislation related to corporate governance, financial disclosure, and public accounting was passed by the US Congress by a nearly unanimous vote>. One of the most important aspects of the Act is the effect it will have on companies’ internal controls>.The Sarbanes-Oxley Act protects investorsSOX has been designed “to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes>.”Section 404 - Internal controls for financial reportingstates that management must take responsibility for maintaining an effective system of internal controlsCEOs and CFOs are required to certify personally in writing the accuracy and completeness of the financial information and management assessment of internal controlsSect。