Landmark Study Reveals SOX Compliance Issues
COSO 1992 Control Framework and Management Reporting on Internal Control: Survey and Analysis of Implementation Practices, a landmark research study by the Institute of Management Accountants (IMA), reveals two key cost drivers for public companies complying with Sarbanes-Oxley (SOX) Section 404.
“IMA’s study is the first comprehensive study of its kind that goes beyond estimating the cost of compliance. This study helps to identify the real drivers of cost and provides actionable insights for policy makers, regulators and professional associations,” Paul Sharman, president and chief executive officer (CEO) of the IMA, said in a prepared statement announcing the results. “We have hypothesized for some time that current controls frameworks are inadequate, as they do not allow management practitioners to conduct cost-effective, risk-based assessments covering internal controls over financial reporting, fraud risk, general IT controls, and other areas.”
The study, conducted by professor Parveen P. Gupta of Lehigh University, assessed the views of nearly 400 experienced chief financial officers (CFOs), controllers, internal auditors, and SOX compliance specialists at publicly traded companies. The two key factors identified were a lack of practical management implementation guidance and the incomplete nature of the Committee of Sponsoring Organizations (COSO) 1992 framework in assessing the effectiveness of internal controls over financial reporting (ICoFR). Other key findings include:
- Approximately two-thirds of those responding identified the two key factors as major cost drivers.
- More than half of respondents acknowledged that they did not use COSO 1992 to assess IT control effectiveness, in spite of indicating their control assessment was done in accordance with COSO 1992. Almost 52 percent of respondents used COBIT for the critical aspect of their ICoFR assessment.
- A larger share of smaller companies (45 percent, compared to 35 percent of larger companies) are using a “bottom-up” approach to internal controls rather than a “risk-based” point of view, suggesting a skills gap in applying robust risk assessment methods.
- Only 38 percent of respondents did not believe that the COSO 1992 controls framework was guiding their internal control assessments, while 62 percent primarily rely on Accounting Standard 2 (AS2), which has become the de facto assessment standard for company management.
- Fifty-seven percent of respondents did not believe that the COSO 1992 framework alone was sufficient guidance for determining the effectiveness of internal controls, strongly suggesting that practical assessment methodologies linked to the framework are necessary to assert to the Securities and Exchange Commission (SEC) that an organization has an effective system of internal controls.
“These results suggest that our hypotheses have been proven to a reasonable degree. Now it is time to develop the long-awaited assessment guidance so desperately needed by American businesses to cost-effectively comply with SOX while protecting shareholder interests,” Sharman added.
The study was designed to determine the extent to which companies are using COSO’s 1992 internal controls framework and to identify the factors that inhibit a successful and cost-effective SOX compliance outcome, including high-cost compliance activities, definition and use of “risk based” models, application of risk assessments (fraud, plausible, and inherent risk), integrated audits, IT controls assessments, skills gap issues and other practical areas. The study, COSO 1992 Control Framework and Management Reporting on Internal Control: Survey and Analysis of Implementation Practices, includes an Executive Summary that is available free of charge. The full study is available for purchase from IMA at www.imanet.org.
AccountingWEB.com - Oct-16-2006

Managing business risk in today’s volatile environment takes time and understanding of the cause and effect of such risk. SLGG offers a suite of services listed below to assist organizations in identifying, correcting, and monitoring their key business risks through our Enterprise Risk Management Services.
· IT Internal Audit
· Application Control and ERP review
· SOX IT Services
· SAS 70
· Security and Vulnerability
· Computer Forensics Assistance
· IT Process Assessments Regulatory & Industry Compliance
· SOX Implementation and Projects
· Internal Audit Services
· Accounting Advisory Services
· Business Risk Assessments Corporate Governance
Singer Lewak Greenbaum & Goldstein LLP is the leading accounting firm headquartered in Los Angeles, founded in 1959. The firm performs audit, accounting, tax consultation, business management, SEC filing and transactions, SOX 404 compliance, enterprise risk management, forensic accounting, business valuations, litigation support, consulting, and entrepreneurial business services to public and private companies, nonprofit organizations, and high net-worth individuals. Call today 310.477.3924