" /> Sarbanes-Oxley: July 2006 Archives

« June 2006 | Main | August 2006 »

July 24, 2006

Internal Control Objectives, Components, and Principles for SOX

The COSO guidance documents Internal Control over Financial Reporting – Guidance for Smaller Public Companies expand on its 1992 Internal Controls – Integrated Framework to address the Sarbanes-Oxley (SOX) internal control provisions. The 1992 Framework document had three Objectives:

  1. Effectiveness and efficiency of operations.
  2. Reliability of financial reporting.
  3. Compliance with applicable laws and regulations.
Each Objective was impacted the five Components:
  1. Control Environment
  2. Risk Assessment
  3. Control Activities
  4. Information and Communication
  5. Monitoring
The new guidance focuses on the 2nd Objective, financial reporting, and expands on the five Components into Twenty Internal Control Principles:
  1. Integrity and Ethical Values
  2. Board of Directors
  3. Management’s Philosophy and Operating Style
  4. Organizational Structure
  5. Financial Reporting Competencies
  6. Authority and Responsibility
  7. Human Resources
  8. Financial Reporting Objectives
  9. Financial Reporting Risks
  10. Fraud Risk
  11. Integration with Risk Assessment
  12. Selection and Development of Control Activities
  13. Policies and Procedures
  14. Information Technology
  15. Financial Reporting Information
  16. Internal Control Information
  17. Internal Communication
  18. External Communication
  19. Ongoing and Separate Evaluations
  20. Reporting Deficiencies

For SOX implementers from Operations working on the 1st Objective, effectiveness and efficiency, this new structure and its associated evaluation tools are useful as it provides straightforward explanations on working with finance and accounting to implement and maintain better controls over financial reporting.

Posted by John Walz at 08:23 AM | | Comments (1)

July 21, 2006

Twenty Internal Control Principles for SOX

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has published a four volume set Internal Control over Financial Reporting – Guidance for Smaller Public Companies on using its Internal Controls – Integrated Framework to address the Sarbanes-Oxley (SOX) internal control provisions. This $75 set contains:

  • 16 page Executive Summary,
  • 116 page Guidance,
  • 72 page Evaluation Tools, and
  • 14 page Frequently Asked Questions (FAQ).
This final version is much better than the exposure draft which I criticized on my 14-Jan-06 blog. While several of my criticisms remain, the best outcome is the description of the
Twenty Internal Control Principles which are useful to businesses of all sizes. For SOX implementers from Operations, this document will be useful to better understand how to implement and maintain better controls over financial reporting.

Posted by John Walz at 08:38 AM | | Comments (0)