Sox 404 Guide

Topics: Auditing, Internal control, Internal audit Pages: 101 (30792 words) Published: March 1, 2013
SARBANES-OXLEY SECTION 404:

A Guide for Management by Internal Controls Practitioners

SARBANES-OXLEY SECTION 404:
A Guide for Management by Internal Controls Practitioners

The Institute of Internal Auditors
2nd Edition, January 2008

Table of Contents
About the Second Edition...........................................................................................................iii How to Use This Guide .............................................................................................................. iv Introduction................................................................................................................................. 1 Summary for the CEO and CFO ................................................................................................. 3 A. Section 404: Rules or Principles ............................................................................................ 9 B. C. Revisiting the Principles of Internal Control ...................................................................... 11 The COSO Framework ....................................................................................................... 15 What Constitutes an Effective System of Internal Control as it Relates to the Requirements of Section 404?............................................................................................. 18

D. Who Is Responsible for Internal Controls? ......................................................................... 19 E. F. What Is the Scope of Management’s Assessment of the System of Internal Control Over Financial Reporting?.................................................................................................. 21 Defining the Detailed Scope for Section 404 ....................................................................... 25 1) 2) 3) 4) 5) 6) 7) Using a Top-down and Risk-based Approach to Defining the Scope .......................... 25 The Detailed Process for Defining the Scope ............................................................... 27 Materiality .................................................................................................................. 28 Significant Accounts and Disclosures.......................................................................... 28 Financial Statement Assertions ................................................................................... 30 Significant Locations, Business Processes, and Major Classes of Transactions............ 30 Key Control ................................................................................................................ 31 a. b. c. d. e. 8) 9) Identifying Key Controls Within Business Processes ........................................... 32 Identifying Key ITGCs ........................................................................................ 35 Other Entity-level Controls .................................................................................. 39 Spreadsheets and Other End-user Computing Issues ........................................... 41 Controls Performed by Third-party Organizations (SAS 70 Type II Reports)...... 44

Fraud Risk Assessment ............................................................................................... 45 Process and Control Documentation .......................................................................... 46

The Institute of Internal Auditors / www.theiia.org

i

TABLE Of CONTENTS

G. Testing Key Controls .......................................................................................................... 48 1) 2) Testing Automated Controls ....................................................................................... 51 Testing Indirect Entity-level Controls.......................................................................... 52

H. Assessing the Adequacy of Controls, Including Assessing Deficiencies .............................. 54 I. J....
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • SOX- Essay
  • sox compliance Essay
  • History of Sox Essay
  • The Effect of SOX Section 404: Costs, Earnings Quality, and Stock Prices Essay
  • Section 404 Sarbanes Oxley Essay
  • SOX research Essay
  • Sarbanes-Oxley Section 404 Essay
  • SOX Act Essay

Become a StudyMode Member

Sign Up - It's Free