 |
 |
Global Home > Belgium Home > Issues & Perspectives > Evaluating internal controls at the entity level
 US SURVEYS
FPI SURVEYSINSIGHTS
METHODOLOGY
|
Sarbanes-OxleyEvaluating internal controls - Considerations for evaluating internal controls at the entity levelThe Sarbanes-Oxley Act of 2002 (the Act) makes reporting on internal controls mandatory for SEC registrants and their independent auditors. Section 404 of the Act directs the SEC to adopt rules requiring annual reports of public companies to include an assessment, as of the end of the fiscal year, of the effectiveness of internal controls and procedures for financial reporting. Section 404 also requires the company's independent auditors to attest to and report on management's assessment. The SEC issued its proposed rules in October 2002 and, if adopted as proposed, they will be effective for companies with fiscal years ending on or after September 15, 2003. Therefore, companies should be getting ready now for the comprehensive documentation and evaluation of internal control that will be needed to support management's assessment and the auditors' attestation report. Our publication, Preparing for Internal Control Reporting - A Guide for Management's Assessment under Section 404 of the Sarbanes-Oxley Act (the Guide) (Ernst & Young SCORE Retrieval File No. EE0677), provides a methodology and framework for completing the evaluation. The methodology outlined in the Guide includes five phases:
A logical place to begin any comprehensive evaluation of internal controls is at the top entity-level controls that might have a pervasive effect on the organization. This includes a consideration of factors in each of the five components of internal control that can have a pervasive effect on the risk of errors or fraud. These five interrelated components are:
 |
More info If you have questions regarding Sarbanes-Oxley, please contact: |
+
32 3 270 14 65