Sarbanes Oxley (SOX) – Section 404 Management Assessment of Internal Controls

SOX Introduction

Sarbanes Oxley Act 2002 commonly referred to as SOX, is the single most important piece of legislation affecting corporate governance, financial disclosure and the practice of public accounting since the US securities laws of the early 1930s. SOX Section 404 requires management to file an internal report with its annual report. The SOX internal control report must articulate

• Management’s responsibilities to establish and maintain adequate internal controls and procedures for financial reporting
• Management’s conclusions as to the effectiveness of these internal controls and procedures for financial reporting based on management’s evaluation of them at year-end.

SOX Internal Controls SOX Financial Controls SOX IT Controls

SOX’s proposed rules on section 404 also require management to evaluate the effectiveness of the design and operation of the company’s internal controls over financial reporting on a quarterly basis. SOX would require the company to include the accountant’s attestation in the company’s annual report. The attestation must indicate the scope of the accountant’s examination and set for the accountant’s opinion as to whether the company’s assertions about the effectiveness of its internal controls over financial reporting are fairly stated. SOX section 404 also demands the accountants overall opinion about the company’s internal controls in all respects.

Section 404 of SOX states that the internal control report requirement applies to companies filing annual reports with SEC under the Securities Exchange Act of 1934. Banks and thrift holding companies, which are required to file reports under section 13(a) or 15 (d) of the Exchange act are also subject to the internal control reporting requirements proposed by SOX section 404. Investment companies including mutual funds, subject to filings under the investment act are exempt from the provision of SOX section 404 even though they must comply with section 302 of SOX.

The Value proposition accomplished by SOX section 404 is the reduction of regulatory risk, which is accomplished through well-documented and monitored processes, and controls that provide a credible body of evidence that the certifying officers have established effective internal controls over financial reporting.  SOX section 404 helps management to review the processes and procedures and thereby reducing the risk of financial reporting restatements and fraud.

Preparing Windows Servers for Sarbanes Oxley Section 404 Testing and Auditing

Sarbanes Oxley Section 404 Deadline

Sarbanes Oxley Compliance - No Easy Trick