A nonissuer transaction is a transaction involving a security that does not benefit the original issuer of the security. This situation most commonly arises when an investor sells his holdings to another investor. A nonissuer transaction is exempt from the Securities and Exchange Commission’s registration requirements.

Unsolicited orders, which are those executed through a broker at the request of his or her client, are also considered exempt. Even with exempt transactions, investors and companies are responsible for any misleading or false statements.

Issuer transactions are those where the proceeds of the offering go to the issuing company. APOs (additional public offerings), IPOs (initial public offerings), and SPOs (subsequent public offerings) all result in funds going to the issuer.

Issuer: These are public companies that issue securities and file with the SEC. Non-issuer: These are private companies and do not issue securities or file with the SEC.

A non-issuer transaction is a transaction involving a security that is not directly or indirectly executed for the benefit of the issuing company.

Section 102(18): Nonissuer transaction or nonissuer distribution: Prior Provisions: 1956 Act Section 401(h); RUSA Section 101(9). Nonissuer transaction” or “nonissuer distribution” means a transaction or distribution not directly or indirectly for the benefit of the issuer.

Integrated audits are required for larger publicly held companies. The controls audit is a requirement imposed by section 404 of the Sarbanes-Oxley Act. Guidance for how the controls audit is to be conducted is issued by the Public Company Accounting Oversight Board (PCAOB).

Public companies must undergo an integrated audit, and only CPAs can perform them. All public companies, when filing the annual report with the SEC, are required to include an internal control report.

An integrated audit considers the relationship between information technology, financial and operational controls in establishing an effective and efficient internal control environment.

An integrated audit is an audit that combines the financial statement audit with an audit of the effectiveness of internal controls over financial reporting (ICFR), whereas a compliance audit is an audit to determine whether the entity has conformed with regulations, rules, or processes.

AS 2201: An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements.

A comfort letter is a business document that is intended to assure the recipient that a financial or contractual obligation with another party can and will be met. The sender is often an independent auditor or accountant. A comfort letter is also known as a letter of intent or, in some cases, a solvency opinion.

30. Which overview defines audit strategy? A. The determination of the amount of time to spend testing the client’s internal controls and conducting detailed testing of transactions and account balances.

Internal control consists of the following five interrelated components and the seventeen principles associated with them.

• Control Environment.
• Communication (and Information)
• Risk Assessment.
• Control Activities.
• Monitoring.

The audit strategy sets out in general terms how the audit is to be conducted and sets the scope, timing and direction of the audit. The audit strategy then guides the development of the audit plan, which contains the detailed responses to the auditor’s risk assessment.

In establishing the overall audit strategy, the auditor shall: (a) Determine the characteristics of the engagement that define its scope. (b) Ascertain the reporting objectives of the engagement to plan the timing of the audit and the nature of the communications required.

10 The auditor should develop and document an audit plan that includes a description of:

• The planned nature, timing, and extent of the risk assessment procedures;
• The planned nature, timing, and extent of tests of controls and substantive procedures;12 and.

An effective audit is completed to schedule, and with minimal disruption to the company. Prerequisites for an effective audit are an effective audit firm and team. The firm needs sound procedures; the team needs an understanding of the company and industry, together with judgement, objectivity and independence of mind.