Analysis of Sarbanes-Oxley and IT Control: Robert Freeman.

Slides:

Advertisements

Similar presentations

Corporate Governance in UK “The effectiveness with which boards discharge their responsibilities determines Britain's competitive position. They must be.

Advertisements

Their relationship and attendant issues 1. Shareholders are the owners, but directors’ duties are to the company – not to any particular class of stakeholders.

Managed Funds Association’s Sound Practices for Hedge Fund Managers 2009 Edition.

How to Audit an ERP System via the Risk Management Route Presented by: Gabriel Lung ISACA London Chapter Events 2003/2004 ABN-AMRO, 250 Bishopsgate, London.

McGraw-Hill/Irwin Copyright © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 The Role of Government.

Sarbanes-Oxley Compliance Process Automation

Sarbanes-Oxley: where Information-Technology, Finance and Ethics Meet

ProCognis SOX 404 & COSO Implementation Presentation

Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.

MODULE 3 THE ENVIRONMENTAL PRINCIPLES Session 2: Principle 8

Adam Bearhalter Kristy Kelly Julie Bland Alex Tiset.

By: Stephanie Wallace, Yoichi Miyahira, Rui Matsuura.

© 2007 Prentice Hall, Inc. All rights reserved.14–1 Chapter 14 The Role of Accountants and Accounting Information.

Office of Inspector General (OIG) Internal Audit

Internal Audits, Governmental Audits, and Fraud Examinations

Fundraising Benchmarks to determine Institutional Readiness.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

The Integrity of Financial Reporting

Disaster Recovery Policy & Procedures An Overview for Staff Prepared by MSM Compliance Services Pty Ltd.

“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.

1 Business Continuity and Compliance Working Together Kristy Justice, AVP WaMu Card Services 08/19/2008.

SAS 112: The New Auditing Standard Jim Corkill Controller Accounting Services & Controls.

SAS 70 (Statement on Auditing Standards No. 70) Kelley Piner Charles Roberts Ashley Walker.

Corporate Governance for SMEs SME Success Series – September 2013 Rami Raslan - GradICSA Senior Corporate Secretary.

Internal Auditing and Outsourcing

C H A P T E R 2 Stakeholder Relationships, Social Responsibility, and Corporate Governance.

The Institutionalization of Business Ethics

Implementing and Auditing Ethics Programs

Michael Nugent. Sustainability Reporting An External Audit Perspective Michael Nugent IFAC.

Managing the Privacy Function at a Large Company Kimberly S. Gray, Esq., CIPP Chief Privacy Officer Highmark Inc.

Implementation Issues of Sarbanes-Oxley CASE Presentation September 23, 2004 By Denise Farnan.

Chapter 5 Internal Control over Financial Reporting

Slide 1 The 9 th European Financial Markets Convention “Towards true integration by 2009” Brussels May 2005 Corporate Governance Session by the ECGI.

Page 1 Internal Audit Outsourcing The Moss Adams Approach to Internal Audit Outsourcing Proposed SOX 404 Changes.

Overview:  Different controls in an organization  Relationship between IT controls & financial controls  The Mega Process Leads  Application of COBIT.

Market Health SOME CONCLUDING REMARKS. This project has received funding from the European Union’s Seventh Framework Programme for research, technological.

© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.

INTERNAL CONTROLS and UNC-CHAPEL HILL Stan Koziol, CPA.

Corporate Governance.  It is the reporting on environmental, social & governance issues as well as the traditional financial report.  It ties in with.

1 © 2012 John Wiley & Sons, Ltd, Accounting for Managers, 4th edition, Chapter 2 Accounting and its Relationship to Shareholder Value and.

1 Information Technology (IT) Auditing & Control Instructor: Dr. Princely Ifinedo Cape Breton University (CBU)

TWO FIELDS…ONE JOB: THE RELATIONSHIP BETWEEN ACCOUNTING AND IT By: Jodi L. Benson July 2005.

Connecting the Dots A Practical Approach to Integrating Compliance, Risk and Quality Jody Ann Noon RN, JD Partner Health Care Regulatory Practice.

[Hayes, Dassen, Schilder and Wallage, Principles of Auditing An Introduction to ISAs, edition 2.1] © Pearson Education Limited 2007 Slide 4.1 An Auditor’s.

Internal Controls Christina Urias Managing Director – International Regulatory Affairs NAIC.

AUDIT COMMITTEES کمیته های حسابرسی. مطلب تویی طالب تویی، هم منتها، هم مبتدا خورشید را حاجب تویی، امید را واجب تویی.

University of Minnesota Internal\External Sales “The Internal Sales Review Process” An Overview of What Happens During the Review.

WHAT THE REGULATORS EXPECT FROM PENSION FUNDS Anne Maher Chief Executive The Pensions Board Ireland 23 November 2005.

International Security Management Standards. BS ISO/IEC 17799:2005 BS ISO/IEC 27001:2005 First edition – ISO/IEC 17799:2000 Second edition ISO/IEC 17799:2005.

Corporate Governance in Hong Kong Stephen Y. L. Cheung Professor (Chair) of Finance Department of Economics and Finance City University of Hong kong.

Sustainability Assessment: The Way Ahead for Corporate Reporting.

By: Mark Nelson. Sarbanes-Oxley Overview Named after sponsors Senator Paul Sarbanes and Representative Michael G. Oxley Enacted on July 30, 2002 Contains.

Vector INTERNAL CONTROL Mike Trigg. vector WHAT IS INTERNAL CONTROL? A key part of effective corporate governance Policies and processes to: - make operations.

Developing an Effective Ethics Program

GOVERNANCE. In the year under review the DoW has a Risk Management Committee that meets to monitor the implementation of risk management initiatives and.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 20-1 Chapter Twenty Assurance, Related Services and Internal.

Copyright © Houghton Mifflin Company. All rights reserved.8-1 Chapter 8 Developing an Effective Ethics Program.

Internal Audit Section. Authorized in Section , Florida Statutes Section , Florida Statutes (F.S.), authorizes the Inspector General to review.

F8: Audit and Assurance. 2 Audit and Assurance Designed to give you knowledge and application of: Section A: Audit Framework and Regulation Section B:

1 Chapter 2 Corporate Governance and Ethics. 2 Introduction Companies need strong corporate governance and sound ethical practices: Scandals cause the.

Copyright © 2012 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 The Role of Government McGraw-Hill.

Governance, Risk and Ethics. 2 Section A: Governance and responsibility Section B: Internal control and review Section C: Identifying and assessing risk.

Promoting Regional Capital Market Integration

The Institutionalization of Business Ethics

Lombard Odier Darier Hentsch & Cie | World Civil Society Forum

Is Your Ethics Program in Order?

Aija Punāne LASA, Deputy Board Chairperson

Good Governance and an Effective Board of Trustees

Management commitment and responsibility Safety accountability of managers Appointment of key safety personnel SMS Implementation Plan Coordination.

Presentation transcript:

Analysis of Sarbanes-Oxley and IT Control: Robert Freeman

2 Agenda Introduction The Origins of Sarbanes-Oxley and IT Auditing Examining IT Governance Controls Creating Value Assessing Trust Conclusion

3 The Origins of Sarbanes-Oxley and IT Control Sarbanes-Oxley was passed in July, 2002 to correct problems of internal control in both accounting and IT areas. Created the PCAOB, as well as further requirements on management. Code of Ethics required, but still comes from corporate attitude. History of IT control stems from Equity Funding Corporation of America scandal, CobiT 4.1 latest version of internal control.

4 Examining IT Governance Controls Utilizing document of controls from the IT Governance Institute. Important Objectives: Understanding the organization’s internal control program and its financial reporting process. Identifying risks related to these IT systems, designing and implementing controls designed to mitigate the identified risks and monitoring them for continued effectiveness. Monitoring IT controls for effective operation over time.

5 IT Control Road Map Source:

6 Examining IT Governance Control Types of Controls Entity-Level Controls useful on a macro scale. Activity-Level Controls good for accounting applications, such as the general ledger. Road Map Important for measuring scope, formalizing the process. Critical for long-term sustainability of IT control implementation. Human Factor Change of culture must begin from top-down.

7 Creating Value Sarbanes-Oxley must be able to foster trust, confidence, compliance, and improve company value. Negative Has increased company expenses by 130%, hurt small businesses. Positive Has encouraged change in controls, culture. Companies are creating greater returns on value through improved IT governance structures.

8 Assessing Trust Trust and confidence between parties is important for greater returns from market. Negative Investors want to see positive returns, regardless of status of company’s internal process control. Positive Companies are improving controls, not “racing to the bottom”. Quantity and quality of financial information to investors has improved.

9 Conclusion IT will continue to grow in importance as a means of communication and control. Sarbanes-Oxley is a good start, but not enough. Companies must create value through change in culture, and improvement in controls in all departments, including IT (increased flexibility). Compliance is not enough to create value.

10 Questions