SAS applies COSO, the internationally recognized framework for internal control, to describe and evaluate SAS’ control structure.
Internal control of financial reporting is a process involving the Board of Directors, executive management and employees, and is designed to provide reasonable assurance regarding the reliability of external reporting.
SAS control structure is based on five areas that together forms the base for a good control structure:
- Control environment
- Risk assessment
- Control activities
- Information and communication
SAS corporate governance report describes how SAS works within these areas in more detail.