How to Comply with Sarbanes-Oxley Section 404: Assessing the Effectiveness of Internal Control
暂无分享,去创建一个
Chapter 1. The Engagement Approach. Chapter Summary. Management's Required Assessment of the Entity's Internal Control. The Independent Auditor's Reporting Responsibilities. A Structured, Comprehensive Approach for Evaluating Internal Control. Considerations for Outside Consultants. Appendix A: Action Plan: Structuring the Engagement. Appendix B: Understanding the Independent Auditors' Attestation Standards. Appendix C: Pre-Engagement Questioning Strategy and Example Questions. Chapter 2. Internal Control Criteria. Chapter Summary. The Need for Control Criteria. The COSO Internal Control Integrated Framework. Business Process Activities. Controls Over Information Technology Systems. Disclosure Controls and Procedures. Appendix A: Example Value Chains. Chapter 3. Engagement Planning. Chapter Summary. The Objective of Planning. Information Gathering for Decision-Making. Information Sources. Structuring the Engagement Team. Coordinating with the Independent Auditors. Documenting Your Planning Decisions. Appendix A: Action Plan: Engagement Planning. Appendix B: Summary of Planning Questions. Chapter 4. Identifying Significant Control Objectives. Chapter Summary. Introduction. Entity-Level Control Objectives Presumed to be Significant. Identifying Significant Activity-Level Control Objectives. Coordinating with the Independent Auditors. Appendix A: Action Plan: Identifying Significant Control Objectives. Appendix B: Example Significant Control Objectives. Appendix C: Map to the COSO Framework. Chapter 5. Documentation of Significant Controls. Chapter Summary. Documentation: What It Is...And Is Not. Assessing the Adequacy of Existing Documentation. Documentation of Entity-Level Control Policies and Procedures. Documenting Activity Level Controls. Coordinating with the Independent Auditors. Appendix A: Action Plan: Documentation. Appendix B: Evaluating the Design and Implementation of Sarbanes-Oxley. Automated Compliance Tools. Appendix C: Linkage of Significant Control Objectives to Example Control. Policies and Procedures. Appendix D: Documentation Example. Chapter 6. Testing and Evaluating Entity-Level Controls. Chapter Summary. Introduction. Internal Control Reliability Model. Overall Objective of Testing Entity-Level Controls. Testing Techniques. Evaluating the Effectiveness of Entity-Level Controls. Coordinating with the Independent Auditors. Appendix A: Action Plan: Testing and Evaluating Entity-Level Controls. Appendix B: Survey Tools. Appendix C: Example Inquiries of Management Regarding Entity-Level Controls. Chapter 7. Testing and Evaluating Activity-Level Controls. Chapter Summary. Introduction. Assessing the Effectiveness of Design. Operating Effectiveness Test Design Considerations. Operating Effectiveness Types of Tests. Evaluating Test Results. Coordinating With the Independent Auditors. Appendix A: Action Plan: Documentation. Appendix B: Example Inquiries. Appendix C: Example Control Activities. Chapter 8. Reporting. Chapter Summary. A