• | a sufficient number of trained personnel with assigned responsibility and accountability for the conduct of financial reporting processes and the design and effective operation of internal controls in accordance with the COSO 2013 Framework; |
• | a sufficient process to evaluate the performance of internal control responsibilities, nor a sufficient program to provide performance incentives and rewards or exercise disciplinary actions, as appropriate; and |
• | a sufficient process to hold personnel accountable for their internal control responsibilities through performance measurement plans and goals, and did not have a sufficient program to educate personnel on the COSO 2013 Framework and their financial reporting and related internal control responsibilities. |
• | the communication of materiality relevant to the components of the business organization such that those responsible for financial reporting across the organization understood the required level of accuracy and precision required for financial reporting and the risk tolerance associated with internal controls; |
• | a timely process to identify and analyze the risk of misstatement due to error and/or fraud, including management override of controls, to determine appropriate internal controls to manage the financial reporting risks during 2018; and |
• | a process to implement necessary changes in internal controls that were responsive to the Company’s periodic risk assessment. |
• | sufficient processes and controls in place to ensure the timely identification and communication of relevant and reliable information sourced internally and externally to financial reporting personnel, management, and the Board of Directors, to enable appropriate measurement and disclosure of such information in the financial reporting processes; and |
• | sufficient controls over various information technology systems to ensure that information used in financial reporting is timely, current, accurate, complete, accessible, protected and verifiable and retained. |
• | effective controls to ascertain whether the processes and internal controls related to the five COSO 2013 Framework components (and underlying principles) were present and functioning throughout the year. |
• | written policies and procedures at a sufficient level of precision to support the operating effectiveness of the controls to prevent and detect potential errors; and |
• | effective control activities at the transaction level at an appropriate level of precision to mitigate the risk of material misstatement in financial reporting including the following various deficient control activities: |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence and accuracy of the financial statement close and reporting process and financial statement disclosures; |
◦ | Ineffective general information technology controls (GITCs) over all IT operating systems, databases, and IT applications supporting financial reporting processes across the organization; |
◦ | Ineffective automated process-level controls and manual controls that are dependent upon the information derived from IT systems; |
◦ | Ineffective end-user computing controls over spreadsheets used in the financial reporting process; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy and presentation of intercompany transactions; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy and valuation of inventory transactions; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy, valuation and presentation of content library assets; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy, valuation and presentation of the capitalization of internally developed software costs and related amortization expense; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy, valuation and presentation of long-lived assets and related depreciation expense; |
◦ | Ineffective controls to assess the existence of impairment indicators and to perform an impairment assessment of customer relationship intangible assets in accordance with the relevant accounting guidance; |
◦ | Ineffective design, implementation and operation of controls over the completeness and accuracy of the data provided to third-party consultants for purposes of the goodwill impairment analysis; |
◦ | Ineffective design, implementation and operation of controls over the appropriateness of the assumptions and methodology used to measure the fair value of reporting units and the reasonableness of the conclusions in consultants’ reports; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence and accuracy of the procurement of goods and services and invoice processing and cash disbursements, and the completeness, existence, accuracy and presentation of accounts payable and accrued liabilities and operating expenses; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy and presentation of revenue and deferred revenue transactions and accounts receivable, including cash receipts, and the collectability of accounts receivable and its related allowance; |
◦ | Ineffective design, implementation and operation of controls over the completeness, accuracy and presentation of cost of sales and related accrued liabilities; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy, valuation and presentation of income tax accounts including income tax expense (benefit) and withholding tax expense, deferred tax assets and liabilities, uncertain tax positions, and taxes payable and receivable; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy and presentation of payroll and related expenses; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence, accuracy, valuation and presentation of certain financial liabilities, specifically in relation to the valuation methods selected and third-party pricing data used; |
◦ | Ineffective controls over cash management functions; |
◦ | Ineffective design, implementation and operation of controls over the completeness, existence and accuracy of the fair value of acquired assets and assumed liabilities in connection with the finalization of purchase price allocations; and |
◦ | Ineffective processes and related internal controls to execute and account for an acquired business. |