Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: Indirect Company Level Controls - Sarbanes Oxley Controls Assessment

04/27/06

Permalink 02:26:59 am, Categories: Sarbanes Oxley, 180 words   English (US)

Indirect Company Level Controls - Sarbanes Oxley Controls Assessment

Sometime back, I had discussed how company level controls work here and here. Today, I am discussing the first type of company level controls i.e. indirect company level controls. Just a reminder though, company level controls can be bifurcated into -

- Indirect Company Level Controls; and
- Direct Company Level Controls

Indirect company level controls normally have an indirect relationship with the control activities. At a process or transaction level, auditors get limited comfort from effective indirect company level controls. By limited comfort I mean that testing efforts may be reduced based on indirect CLC's. However indirect company level controls do not provide evidence of operating effectiveness of key controls. Indirect company level controls work in tandem with the softer COSO components. Examples of indirect company level controls may include, management style and philosophy, control environment, control culture, policies defined by management, top management's approach to control, fraud risk management by top management etc.

More on Internal Controls

Continous Auditing of Controls
How to Evaluate Internal Control Exceptions?
Role of Process Owners in SOX Compliance
Cost Estimates for Sarbanes Oxley Compliance

Permalink Leave a comment

Comments:

No Comments for this post yet...

Official Websites

Categories


Archives

  • SAP ABAP Changes to Database Tables
  • ABAP Runtime Analysis - How to Perform ABAP Runtime Analysis SE30
  • SAP Netweaver WebDynpro Programming Model - How the SAP Web Dynpro Phased Model Works
  • SAP Netweaver XI Components - What are the Components of EXchange Infrastructure
  • SAP Business Configuration BC Sets - What are BC Sets Types
  • SAP Migration to New GL Implementation Project Phased Model
  • SAP Function groups ABAP Programming in Finance
  • SAP Web Dynpro ABAP Professional User Interface Development NW
  • SAP Netweaver BI Business Intelligence Basics
  • SAP GRC Virsa Rule Sets Updates
  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • more...

    • Search

    Google

    Web Big4Guy.com

    October 2009
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
          1 2 3 4
    5 6 7 8 9 10 11
    12 13 14 15 16 17 18
    19 20 21 22 23 24 25
    26 27 28 29 30 31  

    Misc

    Syndicate this blog XML

    What is RSS?