For discussion purposes, treat Oxalite, Inc. as a public company. Based on this assumption, reflect on the following:
a. What were some internal control deficiencies and even material weaknesses? How would they have been discovered? What would be the implications for Sarbanes-Oxley Section 404 compliance?
b. Analyze this case using the COSO Fraud Risk Management Guide Principles 1,2 and 5 relating to the COSO internal control components of control environment, risk assessment, and monitoring.
3. How could the internal audit function have helped evaluate the design and operating effectiveness of internal controls?