Knowledge Center
 White Papers
 Data Sheets
 Advisors Research

Wednesday, September 07, 2005

Integrating IT Controls and Sarbanes-Oxley

IT is often new territory for both internal and external auditors. IT entity-level, general, and application controls have not been a traditional education focus in business schools or training through companies and public accounting firms. Although this is now changing, the learning curve is not necessarily easy, as voiced by companies and auditors alike in response to Section 404 challenges and escalating costs.

A company's tone at the top, starting with its chief executive officer (CEO), drives its control environment and is considered the foundation of all controls. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) helped set the stage through its Internal Control – Integrated Framework, by defining control environment as "an atmosphere in which people conduct their activities and carry out their control responsibilities." Documenting, testing, and reporting on an atmosphere is new territory for many. Fortunately, the COSO framework provides solid guidance to accomplish this feat.

posted by Brian Moran @ 10:33 AM   0 comments


Post a Comment

<< Home


Powered by Blogger