Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, and security and controls in SAP R/3, Oracle Applications, J.D. Edwards, PeopleSoft and various other ERPs. You will also find information on the latest compliance regulations like Sarbanes Oxley, Basel II and so on. Big4Guy will also attempt to provide valuable resources for individuals interested in examinations such as the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry into any Big 4 accounting, auditing and consulting firm. You are invited to post your comments and viewpoints on the posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: Implementing the Enterprise Risk Management Integrated Framework COSO and Complying with Sarbanes Oxley 404 - Difference between COSO ERM Compliance and Sarbanes Oxley Compliance

02/07/06

10:25:01 pm, Categories: Sarbanes Oxley

My topic for discussion today centers on a recent dilemma one of my clients faced. The client asked, "Whether it made sense to implement the Enterprise Risk Management Integrated Framework COSO along with the Sarbanes Oxley 404?" Well, my opinion is that Sarbanes Oxley compliance is a statutory requirement which cannot be done away with. On the other hand, complying with COSO's Enterprise Risk Management Framework is optional. Let us try to find out the difference between implementing Section 404 of the Sarbanes Oxley Act and implementing COSO's Enterprise Risk Management Integrated Framework.

Section 404 of the Sarbanes Oxley Act stresses internal controls over financial reporting. COSO's ERM covers aspects of risk management and goes one step further, i.e. beyond internal controls over financial reporting. COSO's ERM framework deals with risk appetite, risk tolerance, overall control objectives and the strategy of the management. Companies adopting COSO's Enterprise Risk Management Framework will definitely benefit from a consistent approach to risk management. We all know that internal controls are not limited to just financial reporting. ERM takes care of internal controls across the entire organization, achieving better controls.
