The nine firms issued version 3 of their framework for evaluating exceptions and deficiencies resulting from the evaluation of internal control over financial reporting.
Version 3 of the framework has been expanded to cover the evaluation of deficiencies in pervasive controls other than information technology general controls and how to consider and evaluate deficiencies in the aggregate as well as incorporating the evaluation of process/transaction-level and information technology general control exceptions and deficiencies included in previous versions of the framework.
The framework is designed for the use of issuers and auditors. This is to be the final update to the framework.
See Summary.
Related links:
A Framework for Evaluating Control Exceptions and Deficiencies