SOX Glossary

0-9

3PL
Acronym: 3PL
Type: Accounting
Definition: Third party logistics
10K Filing
Acronym: 10K
Type: Accounting
Definition: Annual reports that must include audited financial statements
10Q Filing
Acronym: 10Q
Type: Accounting
Definition: Quarterly reports that include unaudited financial statements

A

Accounts Payable
Acronym: AP
Type: Accounting
Accounts Receivable
Acronym: AR
Type: Accounting
American Institute of Certified Public Accountants
Acronym: AICPA
Type: Organization
Automated Clearing House
Acronym: ACH
Type: Accounting
Definition: An electronic network for financial transactions in the United States

B

Benford’s Law
Definition: Used for fraud detection. Benford’s Law, also called the First-Digit Law, refers to the frequency distribution of digits in many (but not all) real-life sources of data. In this distribution, the number 1 occurs as the leading digit about 30% of the time, while larger numbers occur in that position less frequently: 9 as the first digit less than 5% of the time. Benford’s Law also concerns the expected distribution for digits beyond the first, which approach a uniform distribution.
Big 4
Definition: The four largest international audit firms: Deloitte, PwC, Ernst & Young, KPMG
Bill of Materials
Acronym: BOM
Type: Accounting
Definition: A list of the raw materials, sub-assemblies, intermediate assemblies, sub-components, parts, and the quantities of each needed to manufacture an end product
Board of Directors
Acronym: BOD
Type: Accounting
Definition: A body of elected or appointed members who jointly oversee the activities of a company or organization

C

CAPX
Acronym: CAPX
Type: Accounting
Definition: Capital expenditure
Certified Fraud Examiner
Acronym: CFE
Type: Certification
Definition: CFEs have a unique set of skills that combine knowledge of complex financial transactions with an understanding of methods, law, and how to resolve allegations of fraud. They are also trained to understand not only how fraud occurs, but why.
Certified Information Security Manager
Acronym: CISM
Type: Certification
Definition: Uniquely management-focused certification that promotes international security practices and recognizes those who manage, design, oversee, and assess an enterprise’s information security
Certified Information Systems Auditor
Acronym: CISA
Type: Certification
Definition: The CISA designation is a globally recognized certification for IS (Information Systems) audit control, assurance and security professionals. Being CISA-certified showcases your audit experience, skills and knowledge, and demonstrates you are capable of managing vulnerabilities, ensuring compliance, and instituting controls within the enterprise.
Certified Internal Auditor
Acronym: CIA
Type: Certification
Certified in Financial Forensics
Acronym: CFF
Type: Certification
Definition: Forensic accounting combines accounting with information technology, using sophisticated computer programs to analyze financial data and find evidence that would be legally valid during a court proceeding. Often forensic accounting is used to review financial records for mergers and acquisitions, or a CFE may serve as an advisor to a corporation’s audit committee.
Certified in Governance of Enterprise IT
Acronym: CGEIT
Type: Certification
Definition: Certification means you have demonstrated the capability of bringing IT governance into an organization and that you understand the complex subject holistically and can enhance value to the enterprise
Certified in Risk & Information Systems Control
Acronym: CRISC
Type: Certification
Definition: Certification prepares and enables IT professionals for the unique challenges of IT and enterprise risk management
Chartered Accountant
Acronym: ACA
Type: Certification
Definition: CPA type of certification offered in England and internationally
Committee of Sponsoring Organizations
Acronym: COSO
Type: Audit
Definition: A joint initiative of the five private sector organizations (American Institute of CPAs, Financial Executives International, The Association of Accountants & Financial Business Professionals, The Institute of Internal Auditors) that is dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control, and fraud deterrence.
Customer relationship management
Acronym: CRM
Type: Software
Definition: Software for managing a company’s interactions with current and future customers. It involves using technology to organize, automate and synchronize sales, marketing, customer service, and technical support

D

Deloitte
Acronym: DT or D&T
Type: Organization
Definition: One of the Big 4, headquartered in the United States
Detailed Test Plan
Acronym: DTP
Definition: Excel workbook summarizing the full year’s SOX testing plan. Also referred to as a “Consolidated RCM.” Teams can use a DTP for various purposes: viewing key controls at the consolidated level, specifying for each control the total number of samples to be tested during the year and the breakout by quarters of testing (usually in accordance with the external auditor’s “Sample Size Matrix”), tracking completion status of testing at the quarterly or annual level, tracking results of testing at the quarterly or annual level, and providing the client with the status of testing at the quarterly or annual level.

E

EGC
Acronym: EGC
Type: Accounting
Definition: Emerging Growth Company
ELC
Acronym: ELC
Type: Accounting
Definition: Entity Level Controls
Earnings Before Interest, Tax, Deprec. & Amort.
Acronym: EBITDA
Type: Accounting
Definition: An approximate measure of a company’s operating cash flow based on data from the company’s income statement. Calculated by looking at earnings before the deduction of interest expenses, taxes, depreciation, and amortization. The formula is: EBITDA = Revenue – Expenses (excluding interest, taxes, depreciation and amortization)
Emerging Issues Task Force
Acronym: EITF
Type: Accounting
Definition: An organization formed in 1984 by the Financial Accounting Standards Board (FASB) to provide assistance with timely financial reporting. The EITF holds public meetings in order to identify and resolve accounting issues occurring in the financial world.
Employee Stock Purchase Plan
Acronym: ESPP
Type: Accounting
Definition: A company-run program in which participating employees can purchase company shares at a discounted price. Typically employees contribute to the plan through payroll deductions.
Enterprise resource planning
Acronym: ERP
Type: Software
Definition: Business management software, usually a suite of integrated applications, that a company can use to collect, store, manage, and interpret data from many business activities, including: product planning-cost & development, manufacturing or service delivery, marketing & sales, inventory management, shipping & payment.
Entity Level Control
Acronym: ELC
Type: Audit
Definition: Internal controls that help ensure that management directives pertaining to the entire entity (company) are carried out. They are the second level of a “top-down approach” to understanding the risks of an organization.
Equity & Stock Administration
Acronym: ESA
Type: Audit
Ernst & Young
Acronym: EY or E&Y
Type: Organization
Definition: One of the Big 4, headquartered in the United Kingdom.
eXtensible Business Reporting Language
Acronym: XBRL
Type: Accounting
Definition: A freely available and global standard for exchanging business information. It is a standards-based way to communicate and exchange business information between business systems.

F

Financial Accounting Standards Board
Acronym: FASB
Definition: Private sector body that establishes GAAP for all non-government entities
Financial Planning & Analysis
Acronym: FP&A
Type: Accounting
Financial Statement
Acronym: FS
Type: Accounting
Fixed Asset
Acronym: FA
Type: Audit
Definition: Fixed assets, also known as “tangible assets” or property, plant, and equipment (PP&E), is a term used in accounting for assets and property that cannot easily be converted into cash
Foreign Corrupt Practices Act
Acronym: FCPA
Type: Audit
Definition: Foreign Corrupt Practices Act of 1977 (FCPA) (15 U.S.C. § 78dd-1, et seq.) is a United States federal law known primarily for two of its main provisions, one that addresses accounting transparency requirements under the Securities Exchange Act of 1934 and another concerning bribery of foreign officials

G

GITC
Acronym: GITC
Type: Accounting
Definition: General IT controls (a.k.a. ITGC or IT General Controls)
GST
Acronym: GST
Type: Accounting
Definition: Goods and services tax
General Ledger
Acronym: GL
Type: Accounting
General Public License
Acronym: GPL
Generally Accepted Accounting Principles
Acronym: GAAP
Type: Accounting

H

HRIS
Acronym: HRIS
Type: Accounting
Definition: Human Resource Information Systems
Human Resource & Payroll
Acronym: HRP
Type: Audit
Definition: One of the SOX cycles
Hyperion Financial Management
Acronym: HFM
Type: Software
Definition: An Oracle product used for global financial consolidation, reporting, and analysis

I

IT Application Controls
Acronym: ITAC
Definition: Application controls refer to the transactions and data relating to each computer-based application system and are, therefore, specific to each such application. The objectives of application controls, which may be manual or programmed, are to ensure the completeness and accuracy of the records and the validity of the entries made therein.
IT General Controls
Acronym: ITGC
Definition: One of the SOX cycles. Controls that apply to all systems components for a business organization or information technology (IT) environment, including access controls, computer operations, change management, and program development. The objectives of ITGCs are to ensure the proper development and implementation of applications, as well as the integrity of programs, data files, and computer operations.
Intangible Assets
Acronym: IA
Internal Audit
Acronym: IA
International Accounting Standard
Acronym: IAS
Type: Accounting
Inventory
Acronym: INV

J

Journal Entry
Acronym: JE
Type: Accounting

K

KPMG
Acronym: KPMG
Definition: One of the Big 4, headquartered in Amsterdam

L

Lead Sheet
Definition:
Lightweight Directory Access Protocol
Acronym: LDAP
Definition: An open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory.

M

MW
Acronym: MW
Definition: Material weakness
Management Representation Letter
Acronym: MRL
Mergers & Acquisitions
Acronym: M & A

N

Non Disclosure Agreement
Acronym: NDA
Type: Accounting

O

Open Action Item
Acronym: OAI
Operational Level Agreement
Acronym: OLA
Order to Cash
Acronym: OTC
Type: Audit
Definition: Normally refers to the business process for receiving and processing customer sales

P

Platform-as-a-Service
Acronym: PaaS
Type: Accounting
Point of Contact
Acronym: POC
Definition: A person or a department serving as the coordinator or focal point of information concerning an activity or program
PricewaterhouseCoopers
Acronym: PwC
Type: Organization
Definition: One of the Big 4, headquartered in the United Kingdom
Procure to Pay
Acronym: PTP
Type: Audit
Provided By Client
Acronym: PBC
Definition: List of items (pieces of information, usually a document or file) that are provided by a client
Public Company Accounting Oversight Board
Acronym: PCAOB

R

RPA
Acronym: RPA
Definition: Robotic process automation
Restricted Stock Units
Acronym: RSUs
Type: Accounting
Risk and Control Matrix
Acronym: RCM
Type: Audit
Definition: Shows the primary (key) and secondary (non-key) controls to be tested in the company. Basically a quick summary of our action plan: we document key controls and how we test these controls to cover areas of risk from the client company. The matrix will have extra details about what areas the control affects, a description of the risk mitigated by the control, control owners, effective dates of the control, testing methodology, test findings, etc.

S

SOC
Acronym: SOC
Definition: Service organization control
SOX 404A
Acronym: SOX 404A
Definition: Section of SOX that pertains to Emerging Growth Companies
SOX 404B
Acronym: SOX 404B
Definition: Section of SOX that pertains to Accelerated Filers
Sarbanes-Oxley
Acronym: SOX
Type: Audit
Definition: U.S. federal law that set new or enhanced standards for all U.S. public company boards, management and public accounting firms. It was named after its sponsors, U.S. Senator Paul Sarbanes and U.S. Representative Michael G. Oxley.
Service Organization Report
Acronym: SSAE 16/SOC I Type II Report
Single Sign On
Acronym: SSO
Definition: A session/user authentication process that permits a user to enter one name and password in order to access multiple applications
Statement on Auditing Standards
Acronym: SAS
Type: Audit
Definition: Statements are issued by the Accounting Standards Board of the AICPA

T

TOD
Acronym: TOD
Definition: Test of design
TOE
Acronym: TOE
Definition: Test of effectiveness
The Institute of Internal Auditors
Acronym: IIA
Type: Organization
Treasury & Cash Management
Acronym: TCM
Type: Audit

V

VAT
Acronym: VAT
Definition: Value added tax

W

Work Paper/Test Paper
Definition: Work papers are documents that are used to record results, evidence, and descriptions of testing and services performed for the client
