Sarbanes Oxley (SOX) Overview
Author: Lynn Fountain
||2 hours for CPAs
This on-demand course will provide an overview of the legislation as well as the proper processes, controls and tests companies must use to determine adequate internal and financial controls. We discuss how to recognize components of SOX and the Internal Control Framework, the requirements for Top-Down Risk Assessment, as well as how to identify legislation changes and challenges, Auditing Standard 2 and Auditing Standard 5, and how to discover the SOX Sequence of process (documentation, design, evaluation).
Sarbanes-Oxley was passed in 2002 and year one of attestation for publicly traded companies was 2004. Ten plus years later the legislation continues to challenge companies, auditors and compliance professionals when evaluating a company’s control structure. SOX section 404, although the most prominent, is only one of the many requirements covered under the legislation.
In addition, the impetus of COSO 2013 has re-focused companies' efforts on evaluating their key controls. Companies must continually evaluate whether they have designed and identified the proper controls and have adequate tests in place to determine control efficiency. With the evolution of technology solutions, the impact of information systems changes must be continually evaluated to ensure controls are adequately addressed.
Publication Date: January 2019
Internal auditors, Professionals considering the role of internal audit, Chief Audit Executives Accountants and Finance professionals, CFOs, CEOs, Legal and Compliance professionals, Board members, and Audit Committee members.
- Examine the various sections of the SOX legislation
- Explore the initial challenges of the legislation and the accounting standards supporting the legislation
- Explore the SOX sequence of events in complying with section 404 including: Performing a top down risk assessment, Documenting processes, Sourcing risks to the achievement of objectives, Documenting key controls, Assessing design of key controls, Testing control operation, and Report on management's assertion
- SOX Overview
- SOX Challenges
- SOX Process — 404 Overview
- SOX 404 Process
- The COSO Connection
- Identify the various sections of the SOX legislation
- Recognize and examine initial challenges of the legislation
- Evaluate the SOX sequence of events and important components of an accounting risk assessment, process documentation, sourcing risks, documenting controls, assessing design, testing operation and reporting
- Identify the connection of SOX to the COSO Internal Control Framework
- Recognize which entity was created to provide independent oversight of public accounting firms that audit services
- Differentiate sections of Sarbanes-Oxley Act (SOX)
- Identify and apply correct statements about SOX
- Recognize the first step in complying with SOC Section 404
- Describe correct statements describing documentation procedures under SOX Section 404
- Recognize entity's control activities
NASBA Field of Study
Auditing (2 hours)