« Twenty Internal Control Principles for SOX | Main | Book: ISO 9001 & Sarbanes-Oxley, A System of Governance, William A. Stimson »

Internal Control Objectives, Components, and Principles for SOX

The COSO guidance documents Internal Control over Financial Reporting – Guidance for Smaller Public Companies expand on its 1992 Internal Controls – Integrated Framework to address the Sarbanes-Oxley (SOX) internal control provisions. The 1992 Framework document had three Objectives:

  1. Effectiveness and efficiency of operations.
  2. Reliability of financial reporting.
  3. Compliance with applicable laws and regulations.
Each Objective was impacted the five Components:
  1. Control Environment
  2. Risk Assessment
  3. Control Activities
  4. Information and Communication
  5. Monitoring
The new guidance focuses on the 2nd Objective, financial reporting, and expands on the five Components into Twenty Internal Control Principles:
  1. Integrity and Ethical Values
  2. Board of Directors
  3. Management’s Philosophy and Operating Style
  4. Organizational Structure
  5. Financial Reporting Competencies
  6. Authority and Responsibility
  7. Human Resources
  8. Financial Reporting Objectives
  9. Financial Reporting Risks
  10. Fraud Risk
  11. Integration with Risk Assessment
  12. Selection and Development of Control Activities
  13. Policies and Procedures
  14. Information Technology
  15. Financial Reporting Information
  16. Internal Control Information
  17. Internal Communication
  18. External Communication
  19. Ongoing and Separate Evaluations
  20. Reporting Deficiencies

For SOX implementers from Operations working on the 1st Objective, effectiveness and efficiency, this new structure and its associated evaluation tools are useful as it provides straightforward explanations on working with finance and accounting to implement and maintain better controls over financial reporting.

Posted by John Walz on July 24, 2006 08:23 AM |

Email this entry to:


Your email address:


Message (optional):




Comments

I wish to join to a training course which covering Internal Control Objectives, Components, and Principles for SOX

Posted by: Yahia El Sadig Sulieman | June 19, 2008 12:49 PM

I want to attend Internal Control course & training in how to create an effective Risk Assessment framework.
The preferable training country are:
1- AUE - Dubai.
2- Malaysia - KL

Posted by: Yahia El Sadig Sulieman | July 8, 2008 02:45 AM

I want to attend internal control course and training for effective audit

Posted by: Vijayalaxmi | August 10, 2008 05:11 AM

I would like to attend the internal control training because it is important to the quality of my work as an internal auditor.

Posted by: phirum | September 11, 2008 10:44 PM

Post a comment