In order for ICFR to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with the issuer’s GAAP, ICFR should generally include the following components:
(a) controls for initiating, authorizing, recording and processing transactions relating to significant accounts and disclosures;
(b) controls for initiating, authorizing, recording and processing non-routine transactions and journal entries, including those requiring judgments and estimates;
(c) procedures for selecting and applying appropriate accounting policies that are in accordance with the issuer’s GAAP;
(d) controls to prevent and detect fraud;
(e) controls on which other controls are dependent, such as information technology general controls; and
(f) controls over the period-end financial reporting process, including controls over entering transaction totals in the general ledger, controls over initiating, authorizing, recording and processing journal entries in the general ledger and controls over recording recurring and non-recurring adjustments to the financial statements (e.g., consolidating adjustments and reclassifications).