Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: Using the Work of Others in Sarbanes Oxley Compliance

06/19/06

Permalink 07:12:05 am, Categories: Sarbanes Oxley, 228 words   English (US)

Using the Work of Others in Sarbanes Oxley Compliance

Under Sarbanes Oxley an auditor must test the operating effectiveness of internal controls over financial reporting to form an opinion on financial statements. Primarily the auditor should use the results of his own testing in forming such opinion. This means that the tests of operational effectiveness conducted by the auditor will form the basis of the auditor's opinion. However, SOX allows auditors to use the work of others to alter the nature, timing and extent of procedures performed independently.

So what does "Work of Others" means here. For SOX purposes, work of others means work perfomed by company's internal auditors, consultants, other company personnel, and third parties working under the direction of the management or audit committees. In using the work of others, auditors must take into consideration the following:

1) Evaluate the nature of controls subject to the work of others.
2) Evaluate the competency and objectivity of the individuals who performed the work.
3) Test some of the work performed by others to evaluate the quality and effectiveness of their work.

However, firstly, an auditor cannot use the work performed by others for controls that form part of the control environment including controls specifically established to prevent and detect fraud and secondly in
performing walkthroughs.

Related Posts on Sarbanes Oxley

Resonable Assurance Vs Absolute Assurance
SOX Application and Data Owners
Multi-Disciplinary Audit Teams for SOX Audit
Application Level Controls

Permalink Leave a comment

Comments:

No Comments for this post yet...

Official Websites

Categories


Archives

  • SAP ABAP Changes to Database Tables
  • ABAP Runtime Analysis - How to Perform ABAP Runtime Analysis SE30
  • SAP Netweaver WebDynpro Programming Model - How the SAP Web Dynpro Phased Model Works
  • SAP Netweaver XI Components - What are the Components of EXchange Infrastructure
  • SAP Business Configuration BC Sets - What are BC Sets Types
  • SAP Migration to New GL Implementation Project Phased Model
  • SAP Function groups ABAP Programming in Finance
  • SAP Web Dynpro ABAP Professional User Interface Development NW
  • SAP Netweaver BI Business Intelligence Basics
  • SAP GRC Virsa Rule Sets Updates
  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • more...

    • Search

    Google

    Web Big4Guy.com

    October 2009
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
          1 2 3 4
    5 6 7 8 9 10 11
    12 13 14 15 16 17 18
    19 20 21 22 23 24 25
    26 27 28 29 30 31  

    Misc

    Syndicate this blog XML

    What is RSS?