Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: Adverse Report on Internal Controls - Things You Should Know

09/15/06

Permalink 06:53:54 am, Categories: Sarbanes Oxley, 277 words   English (US)

Adverse Report on Internal Controls - Things You Should Know

Companies complying with Section 404 of the Sarbanes Oxley Act are sometimes faced with an adverse report. An adverse report on the internal control structure over financial reporting requires quick resolution on part of the audit committee and senior management. From a perspective of the audit committee and Board of Directors the steps taken to address a adverse report on internal controls should ensure that:

1. The adverse findings in corrected as soon as possible.

2. The market is assured that the corrective action is taken.

Before deciding on the steps to taken to remediate the material weakness, which have resulted in an adverse opinion, the management team, together with the internal auditors, and independent auditors should try an first understand the deficiency. This is important to make a fully informed decision on the future course of action. Here are a few guiding principles or questions, which management should be asking to help tackle an adverse report on internal controls.

- Who identified the weakness?

1) Is it the management as part of its assessment of internal control over financial reporting or otherwise?
2) The internal audit as part of a routine audit, or in connection with the review of internal control?
3) Independent auditors – As part of its review of internal control over financial reporting?

- What is the nature of the weakness?

- How long has the weakness be there?

- What are the implications of the weakness? Is there a possibility that fraud might have resulted from this weakness?

- What other controls are operating in the weakness area that could have acted as compensating controls.

Related Posts

SOX 404 Project Sponsor
Standard Templates for Sarbanes Oxley
Financial Statement Consolidation Using XBRL
ITGC Scoping for SOX 404

Permalink 1 comment

Comments:

Comment from: bmoran [Visitor] · http://www.oversightsystems.com/knowledge/view_Controls_Automation_webcast.php
In talking about control frameworks like COBIT or COSO, people often ignore or pay less attention to the monitoring component of their controls. Companies are now integrating continuous monitoring as both a control and an automated control test. For more information check out this Forrester webcast: http://www.oversightsystems.com/knowledge/view_Controls_Automation_webcast.php

Webcast with Forrester Research: Controls Automation & Continuous Monitoring

Date: Tuesday, Sept. 26

Time: 1 p.m. EDT/10 a.m. PDT

Duration: 45 minutes ngoing

Sarbanes-Oxley compliance demands controls optimization and continuous monitoring. In the first years of internal control audits, companies labored to satisfy their auditors with manual controls that were costly to implement and then required intensive testing. Forrester Research analyst Paul Hamerman will lead a 45-minute discussion on how companies can take their SOX compliance programs to the next level with controls automation and continuous monitoring. Specifically, Paul will discuss:

* Risk-based controls (and how to implement them)

* Automating compliance processes

* The role of continuous monitoring as a control and control testing

* Business benefits from compliance
Permalink 09/15/06 @ 10:06

Official Websites

Categories


Archives

  • SAP GRC Virsa Rule Sets Updates
  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • SAP Solution Configuration Realization Phase
  • SAP MDM Master Data Import Manager Loading Data into SAP MDM
  • Compliance Calibrator SOD Conflicts Remediation Strategy
  • SAP Workload Analysis Monitor Tools ST03N
  • SAP BW Data Staging Basics Tutorial
  • How to Implement BW Infoobject Level Security
  • SAP BW Admnistrator Authorizations S_RS_ADMWB
  • BIW Reporting Auth Objects S_RS_COMP
  • SAP BW Security Authorization Objects for SAP BW
  • more...

    • Search

    Google

    Web Big4Guy.com

    September 2008
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
    1 2 3 4 5 6 7
    8 9 10 11 12 13 14
    15 16 17 18 19 20 21
    22 23 24 25 26 27 28
    29 30          

    Misc

    Syndicate this blog XML

    What is RSS?