In the wake of Enron and WorldCom the role of internal auditors in corporate governance has taken on a whole new meaning. The passage of the Sarbanes-Oxley Act and actions by the U. S. Securities and Exchange Commission imposed new requirements on auditors, corporate boards and management. This section of AuditNet ® provides tools and resources for internal auditors to acquaint themselves with the new rules and share guidance and best practices for partnering with audit committees. Internal auditors now have a unique opportunity to work together with audit committees to help in the corporate governance mandate. If you have resources or links you would added to this page please contact us.
Sarbanes-Oxley Software Solutions
SARBANES-OXLEY SECTION 404: A Guide for Management by Internal Controls Practitioners from the IIA
Guidance for Smaller Public Companies Reporting on Internal Control over Financial Reporting
Sarbanes-Oxley 404 Implementation Costs - Report from A.R.C. Morgan
SARBANES-OXLEY IN THE NEWS
ComputerWorld Sarbanes-Oxley Coverage
UPDATED LAWS & REGULATIONS
For current US audit committee rules and the SEC (US Securities and Exchange Commission)
SEC Grants One-Year Extension for SOX Compliance - Affects Non-Accelerated Filers
Certification of Disclosure in Companies' Quarterly and Annual Reports
Sarbanes-Oxley FAQ from the SEC
INTERNAL CONTROL EVALUATIONS PRESENTATIONS & GUIDES
Note: Presentations without a hyperlink are available on a one for one exchange.
Sarbanes-Oxley and Accounts Payable Template - an excellent basis for an internal presentation on S-Ox and the payables function.
A Framework for Evaluating Control Exceptions and Deficiencies
Auditing into an ISO9001:2000 Quality Management System by Dexter Hansen
Planning an IT Audit for Sarbanes-Oxley Compliance by Michelle Johnston
Executing an IT Audit for Sarbanes-Oxley Compliance by Michelle Johnston
Internal controls and the Sarbanes-Oxley Act by Matthew Leitch
Integrating Sarbanes-Oxley Act Internal Controls
Making Sense of Sarbanes-Oxley Tools by Richard Lanza from Internal Auditor (February 2004)
The New Importance of Materiality Journal of Accountancy May 2005
AUDIT PROGRAMS & QUESTIONNAIRES
Integrating Sarbanes-Oxley Act Internal Controls Auditing into an ISO9001:2000 Quality Management System
IT Control Objectives for Sarbanes-Oxley from the IT Governance Institute
Management Discussion & Analysis Checklist (GAAP)
Sarbanes-Oxley 404 Network Security (Sep 04)
Sarbanes-Oxley Implementation Checklist
SekChek for SOX and PCAOB compliance testing of General IS Security Controls. A tool for automated host-computer security reviews of non-mainframe platforms, including Unix, Windows, Novell & AS/400.
User Access Controls Work Program (SOX) (May 04)
The following audit programs are available to subscribers by logging in and access is provided on the Subscriber Audit Programs page (not from this page). If you are a non-subscriber you may receive these programs by contributing material (one for one) that you have permission to share with other auditors or organizations. If you are unable to share consider subscribing to annual access to the AuditNet® audit programs. Annual audit program subscription provide subscribers with access to all audit programs (including those below) that require a contribution. After paying the subscription fee you will receive a confirmation email (to the address you use for your PayPal account) with instructions on how to access the audit programs. If that email is not your business address you will need to contact us and indicate where you want your confirmation sent. Annual subscribers to the audit programs service will also receive a copy of The Auditor's Guide to Internet Resources, 2nd Edition ($50 value). If you are interested in a corporate subscription to the Audit Programs Database providing multiple users with access then click here!
Please note that the following programs are available to Subscribers or Enterprise site license authorized users (excludes Basic level) from the templates section of the site. YOU CANNOT DOWNLOAD THE AUDIT PROGRAMS FROM THIS PAGE!
Sox First Management & Compliance - blog devoted to Sarbanes-Oxley
Sarbanes-Oxley Act Forum - an interactive community portal
Sarbanes-Oxley Discussion Forum - The purpose of this Listserv is to provide a vehicle in which individuals can provide information, ask questions, and hopefully provide some sharing of knowledge as it pertains to the issues and challenges of Sarbanes-Oxley compliance.
Send the following email message:
SUBJECT: (leave blank)
BODY OF MESSAGE: (leave blank)
You will receive an acknowledgment email which requires an email confirmation before you become a list member. By joining the listserv you agree to abide by its terms and conditions. After your confirmation to join is received, a welcome message will be issued containing listserv guidelines, web site location of archived messages, and additional important information.
WEB SITE RESOURCES
404 Institute KPMG established an open forum for the exchange of ideas and a venue for the development of research and leading practices related to; meeting the requirements of section 404 of the Sarbanes-Oxley Act of 2002, effectively leveraging current and future investments in internal controls, and enhancing the overall integrity of the financial reporting process.
Audit Committee Charters Web site of the Financial Executives Institute provides links to sample charters for audit committees.
CBIZ Internal Audit Services Sarbanes-Oxley Services page offers articles, tools, surveys, internal control considerations and more.
Center for Corporate Governance from Deloitte (registration required)
Committee on Sponsoring Organizations (COSO) a voluntary private sector organization dedicated to improving the quality of financial reporting through business ethics, effective internal controls and corporate governance.
Corporate governance links (From the Institute of Chartered Accountants in England and Wales (ICAEW)) ICAEW published the final guidance on the implementation of the internal control requirements of the Combined Code on Corporate Governance, and 'Implementing Turnbull: A Boardroom Briefing'.
Internal Controls Summaries Library from Ernst & Young
UK site that
provides links to IT governance, risk management,
compliance and information security information.
Public Company Accounting Oversight Board provides a central resource to access CPA registration filings and research standards and regulations mandated by Sarbanes-Oxley
Sarbanes-Oxley Information Center from CFO Direct
Sarbanes-Oxley, corporate governance, and audit committee resources -from KnowledgeLeader
SOX Expert: Solving SOX, Creating Value SOX Expert is a cost effective, comprehensive Sarbanes Oxley compliance and Internal Audit software solution that will enable companies to streamline their GRC program while ensuring the highest degree of risk mitigation. Based on the Microsoft Excel platform, SOX Expert is easy to understand, implement and use. Free software demo available on the website.
Sarbanes-Oxley Information from Reckenen Accountants and Consultants
AUDIT COMMITTEE TOOLS & RESOURCES
Audit Committees and Governance from the IIA
Audit Committee Charter from the UK IIA
Audit Committee Institute Web site from KPMG provides information for corporate audit committees including newsletters, publications, surveys and other resources.
Audit Committee Performance Self Assessment Survey
Audit Committee Evaluation of Internal Audit is a questionnaire for audit committee members.
Corporate Governance Reform Initiatives and the Profession of Internal Auditing