DOCSLIB.ORG

G:\Comp\Sec\Sarbanes-Oxley Act of 2002.Xml

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
G:\Comp\Sec\Sarbanes-Oxley Act of 2002.Xml G:\COMP\SEC\SARBANES-OXLEY ACT OF 2002.XML SARBANES-OXLEY ACT OF 2002 [Public Law 107–204, Approved July 30, 2002, 116 Stat. 745] [As Amended Through P.L. 116–222, Enacted December 18, 2020] øCurrency: This publication is a compilation of the text of Public Law 107–204. It was last amended by the public law listed in the As Amended Through note above and below at the bottom of each page of the pdf version and reflects current law through the date of the enactment of the public law listed at https:// www.govinfo.gov/app/collection/comps/¿ øNote: While this publication does not represent an official version of any Federal statute, substantial efforts have been made to ensure the accuracy of its contents. The official version of Federal law is found in the United States Statutes at Large and in the United States Code. The legal effect to be given to the Statutes at Large and the United States Code is established by statute (1 U.S.C. 112, 204).¿ AN ACT To protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the securities laws, and for other purposes. Be it enacted by the Senate and House of Representatives of the United States of America in Congress assembled, SECTION 1. ø15 U.S.C. 7201 note¿ SHORT TITLE; TABLE OF CONTENTS. 1 (a) SHORT TITLE.—This Act may be cited as the ‘‘Sarbanes- Oxley Act of 2002’’. (b) TABLE OF CONTENTS.—The table of contents for this Act is as follows: Sec. 1. Short title; table of contents. Sec. 2. Definitions. Sec. 3. Commission rules and enforcement. TITLE I—PUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD Sec. 101. Establishment; administrative provisions. Sec. 102. Registration with the Board. Sec. 103. Auditing, quality control, and independence standards and rules. Sec. 104. Inspections of registered public accounting firms. Sec. 105. Investigations and disciplinary proceedings. Sec. 106. Foreign public accounting firms. Sec. 107. Commission oversight of the Board. Sec. 108. Accounting standards. Sec. 109. Funding. TITLE II—AUDITOR INDEPENDENCE Sec. 201. Services outside the scope of practice of auditors. Sec. 202. Preapproval requirements. Sec. 203. Audit partner rotation. Sec. 204. Auditor reports to audit committees. Sec. 205. Conforming amendments. Sec. 206. Conflicts of interest. Sec. 207. Study of mandatory rotation of registered public accounting firms. 1 The Sarbanes-Oxley Act of 2002 largely amended other Acts and the amendatory provisions are not shown, however certain provisions, as amended, do appear elsewhere in this compilation. 1 December 21, 2020 As Amended Through P.L. 116-222, Enacted December 18, 2020 VerDate Mar 15 2010 18:34 Dec 21, 2020 Jkt 000000 PO 00000 Frm 00001 Fmt 9001 Sfmt 6611 G:\COMP\SEC\SAO2.BEL HOLC G:\COMP\SEC\SARBANES-OXLEY ACT OF 2002.XML Sec. 1 SARBANES-OXLEY ACT OF 2002 2 Sec. 208. Commission authority. Sec. 209. Considerations by appropriate State regulatory authorities. TITLE III—CORPORATE RESPONSIBILITY Sec. 301. Public company audit committees. Sec. 302. Corporate responsibility for financial reports. Sec. 303. Improper influence on conduct of audits. Sec. 304. Forfeiture of certain bonuses and profits. Sec. 305. Officer and director bars and penalties. Sec. 306. Insider trades during pension fund blackout periods. Sec. 307. Rules of professional responsibility for attorneys. Sec. 308. Fair funds for investors. TITLE IV—ENHANCED FINANCIAL DISCLOSURES Sec. 401. Disclosures in periodic reports. Sec. 402. Enhanced conflict of interest provisions. Sec. 403. Disclosures of transactions involving management and principal stock- holders. Sec. 404. Management assessment of internal controls. Sec. 405. Exemption. Sec. 406. Code of ethics for senior financial officers. Sec. 407. Disclosure of audit committee financial expert. Sec. 408. Enhanced review of periodic disclosures by issuers. Sec. 409. Real time issuer disclosures. TITLE V—ANALYST CONFLICTS OF INTEREST Sec. 501. Treatment of securities analysts by registered securities associations and national securities exchanges. TITLE VI—COMMISSION RESOURCES AND AUTHORITY Sec. 601. Authorization of appropriations. Sec. 602. Appearance and practice before the Commission. Sec. 603. Federal court authority to impose penny stock bars. Sec. 604. Qualifications of associated persons of brokers and dealers. TITLE VII—STUDIES AND REPORTS Sec. 701. GAO study and report regarding consolidation of public accounting firms. Sec. 702. Commission study and report regarding credit rating agencies. Sec. 703. Study and report on violators and violations Sec. 704. Study of enforcement actions. Sec. 705. Study of investment banks. TITLE VIII—CORPORATE AND CRIMINAL FRAUD ACCOUNTABILITY Sec. 801. Short title. Sec. 802. Criminal penalties for altering documents. Sec. 803. Debts nondischargeable if incurred in violation of securities fraud laws. Sec. 804. Statute of limitations for securities fraud. Sec. 805. Review of Federal Sentencing Guidelines for obstruction of justice and ex- tensive criminal fraud. Sec. 806. Protection for employees of publicly traded companies who provide evi- dence of fraud. Sec. 807. Criminal penalties for defrauding shareholders of publicly traded compa- nies. TITLE IX—WHITE-COLLAR CRIME PENALTY ENHANCEMENTS Sec. 901. Short title. Sec. 902. Attempts and conspiracies to commit criminal fraud offenses. Sec. 903. Criminal penalties for mail and wire fraud. Sec. 904. Criminal penalties for violations of the Employee Retirement Income Se- curity Act of 1974. Sec. 905. Amendment to sentencing guidelines relating to certain white-collar of- fenses. Sec. 906. Corporate responsibility for financial reports. December 21, 2020 As Amended Through P.L. 116-222, Enacted December 18, 2020 VerDate Mar 15 2010 18:34 Dec 21, 2020 Jkt 000000 PO 00000 Frm 00002 Fmt 9001 Sfmt 6611 G:\COMP\SEC\SAO2.BEL HOLC G:\COMP\SEC\SARBANES-OXLEY ACT OF 2002.XML 3 SARBANES-OXLEY ACT OF 2002 Sec. 2 TITLE X—CORPORATE TAX RETURNS Sec. 1001. Sense of the Senate regarding the signing of corporate tax returns by chief executive officers. TITLE XI—CORPORATE FRAUD AND ACCOUNTABILITY Sec. 1101. Short title. Sec. 1102. Tampering with a record or otherwise impeding an official proceeding. Sec. 1103. Temporary freeze authority for the Securities and Exchange Commis- sion. Sec. 1104. Amendment to the Federal Sentencing Guidelines. Sec. 1105. Authority of the Commission to prohibit persons from serving as officers or directors. Sec. 1106. Increased criminal penalties under Securities Exchange Act of 1934. Sec. 1107. Retaliation against informants. SEC. 2. DEFINITIONS. (a) ø15 U.S.C. 7201¿ IN GENERAL.—Except as otherwise spe- cifically provided in this Act, in this Act, the following definitions shall apply: (1) APPROPRIATE STATE REGULATORY AUTHORITY.—The term ‘‘appropriate State regulatory authority’’ means the State agency or other authority responsible for the licensure or other regulation of the practice of accounting in the State or States having jurisdiction over a registered public accounting firm or associated person thereof, with respect to the matter in ques- tion. (2) AUDIT.—The term ‘‘audit’’ means an examination of the financial statements of any issuer by an independent public ac- counting firm in accordance with the rules of the Board or the Commission (or, for the period preceding the adoption of appli- cable rules of the Board under section 103, in accordance with then-applicable generally accepted auditing and related stand- ards for such purposes), for the purpose of expressing an opin- ion on such statements. (3) AUDIT COMMITTEE.—The term ‘‘audit committee’’ means— (A) a committee (or equivalent body) established by and amongst the board of directors of an issuer for the purpose of overseeing the accounting and financial report- ing processes of the issuer and audits of the financial statements of the issuer; and (B) if no such committee exists with respect to an issuer, the entire board of directors of the issuer. (4) AUDIT REPORT.—The term ‘‘audit report’’ means a docu- ment or other record— (A) prepared following an audit performed for pur- poses of compliance by an issuer with the requirements of the securities laws; and (B) in which a public accounting firm either— (i) sets forth the opinion of that firm regarding a financial statement, report, or other document; or (ii) asserts that no such opinion can be expressed. (5) BOARD.—The term ‘‘Board’’ means the Public Company Accounting Oversight Board established under section 101. (6) COMMISSION.—The term ‘‘Commission’’ means the Secu- rities and Exchange Commission. December 21, 2020 As Amended Through P.L. 116-222, Enacted December 18, 2020 VerDate Mar 15 2010 18:34 Dec 21, 2020 Jkt 000000 PO 00000 Frm 00003 Fmt 9001 Sfmt 9001 G:\COMP\SEC\SAO2.BEL HOLC G:\COMP\SEC\SARBANES-OXLEY ACT OF 2002.XML Sec. 2 SARBANES-OXLEY ACT OF 2002 4 (7) ISSUER.—The term ‘‘issuer’’ means an issuer (as defined in section 3 of the Securities Exchange Act of 1934 (15 U.S.C. 78c)), the securities of which are registered under section 12 of that Act (15 U.S.C. 78l), or that is required to file reports under section 15(d) (15 U.S.C. 78o(d)), or that files or has filed a registration statement that has not yet become effective under the Securities Act of 1933 (15 U.S.C. 77a et seq.), and that it has not withdrawn. (8) NON-AUDIT SERVICES.—The term ‘‘non-audit services’’ means any professional services provided to an issuer by a reg- istered public accounting firm, other than those provided to an issuer in connection with an audit or a review of the financial statements
Load more

Recommended publications
  • Metropolitan Council Internal Audit Charter A
    METROPOLITAN COUNCIL INTERNAL AUDIT CHARTER A. AUDIT COMMITTEE PURPOSE: The Metropolitan Council has established a special committee of the Council to be called the Metropolitan Council Audit Committee. The purpose of the Committee is to assist the Metropolitan Council in fulfilling its oversight responsibility for the integrity of the Council’s financial and operational results, compliance with legal and regulatory requirements, and the performance of internal audit and external auditors. AUTHORITY: The Audit Committee has authority to conduct or authorize special audits and investigations into any matters within its scope of responsibility. It is empowered to: Approve the Chief Audit Executive’s Audit Plan. Resolve any disagreements between management and the internal/external auditors regarding financial or operational control and reporting. Review and accept external auditors’ reports along with management’s written responses when appropriate. Obtain information from employees or external parties as part of its review. Council employees are directed to cooperate with Audit Committee requests. Meet with Council employees, external auditors, legal counsel, or others as necessary. Be consulted regarding changes in the Chief Audit Executive’s duties. Be informed of all matters that impair the conduct of an audit or review. However, where feasible such matters shall be first brought to the attention of the Regional Administrator for resolution before communicating them to the Audit Committee. Make periodic reports to the Council or appropriate standing committee established by the Council. RESPONSIBILITIES: Financial and Operational Review Oversight Review significant accounting, operational and reporting issues and understand their impact on the financial and operating results on the Metropolitan Council’s system of internal control.
    [Show full text]
  • Internal Control and the Board: What Is All the Fuss About?
    The Deloitte Academy June 2021 Stakeholders Societal licence Shareholders Responsible business Transparency Corporate governance Viability Company purposeAudit committee Culture Strategy Viability Internal control KPIs Audit quality Remuneration Sustainability Trust Shareholders Strategy Assurance KPIs Reputation Capability Stakeholders Company purpose Viability Internal control and the board: What is all the fuss about? Headlines • The UK Corporate Governance Code already establishes a clear responsibility on the whole board to establish a framework of prudent and effective controls – however, behind the UK proposals for a US style internal control attestation are very real questions as to whether responsibilities go far enough and whether there is sufficient guidance for boards, together with sufficiently detailed information from management, to meet these responsibilities effectively. • In particular the guidance does not address the pervasiveness of technology in detail, and boards may not be obtaining sufficient assurance over the effectiveness of IT controls given the complexity and interdependency of the IT infrastructure which exists in many companies today. • The extent of work performed by external auditors is also not well understood - careful questioning of auditors in relation to their audit scope and approach could reveal much about the control environment. • In summary, boards should not wait for further announcements from the Government or FRC/ARGA before taking action in this area, particularly if they are not able to answer the questions which we raise throughout this publication. Internal control and the board: What is all the fuss about? A reminder of the current UK Corporate Governance Code requirements • Overarching board responsibility from Code Principle C: The board should establish a framework of prudent and effective controls, which enable risk to be assessed and managed.
    [Show full text]
  • Risk Management and Internal Controls
    Risk Management and Internal Controls Accounting & Audit Update April 26, 2018 Learning Objectives . Develop an understanding of risks your organization may be facing . Understand the value of enterprise risk management . Know how internal controls can help in addressing risks . Recognize your role in risk management 2 1 Agenda . Overview of Risk Management . The State of Risk Oversight – AICPA & North Carolina Poole College of Management ERM Initiative Study 2017 . COSO ERM Framework . What can I do? 3 Risk Management and IC OVERVIEW 4 2 Introduction . Every choice we make in the pursuit of objectives has its risks. From day- to-day operational decisions to the fundamental trade-offs in the boardroom, dealing with uncertainty in these choices is a part of our operational lives. 5 Risk vs. Uncertainty . Risk – the possibility that event(s) will occur and affect the achievement of strategy and business objectives . Uncertainty – the state of not knowing how or if potential events may manifest 6 3 Variety of Risks & Assessments . Governance . Compliance . Financial . Environmental risk . Operational . Fraud risk . Technology . IT/information . Legal security risk . Reputation . Insurance . Strategic . Investments . HR 7 Governance Risk . Lack of succession planning . Board make-up and structure . Poor advisors . Dysfunctional working relationships between executives and board . Ethical issues . Non-prudent behavior . Changing values 8 4 Financial Risks . Access to/availability of capital . Investment risks . Errors or fraud and financial reporting . Lack of oversight or approvals . Misappropriation of assets . Loss of revenue sources . Loss of key suppliers 9 Operational Risks . Decrease in service quality . Safety . Inadequate internal controls . Lack of accountability by business partners .
    [Show full text]
  • An Audit of Internal Control Over Financial Reporting That Is Integrated with an Audit of Financial Statements
    An Audit of Internal Control Over Financial Reporting 1425 AU-C Section 940 An Audit of Internal Control Over Financial Reporting That Is Integrated With an Audit of Financial Statements Source: SAS No. 130; SAS No. 135; SAS No. 140. Effective for integrated audits for periods ending on or after Decem- ber 15, 2016, unless otherwise indicated. Introduction Scope of This Section .01 This section establishes requirements and provides guidance that ap- plies only when an auditor is engaged to perform an audit of internal control over financial reporting (ICFR) that is integrated with an audit of financial statements (integrated audit). (Ref: par. .A1) .02 Generally accepted auditing standards (GAAS) are written in the con- text of an audit of financial statements but are to be adapted as necessary in the circumstances when applied to an audit of ICFR that is integrated with an audit of financial statements.1 This section includes special considerations related to performing an integrated audit. Effective Date .03 This section is effective for integrated audits for periods ending on or after December 15, 2016. Objectives .04 The objectives of the auditor in an audit of ICFR are to a. obtain reasonable assurance about whether material weaknesses exist as of the date specified in management's assessment about the effectiveness of ICFR (as of date)and b. express an opinion on the effectiveness of ICFR in a written re- port, and communicate with management and those charged with governance as required by this section, based on the auditor's find- ings. (Ref: par. .A2–.A4) Definitions .05 For purposes of GAAS, the following terms have the meanings at- tributed as follows: 1 Paragraph .02 of section 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance With Generally Accepted Auditing Standards.
    [Show full text]
  • Internal Control and Compliance Manual for Tennessee Municipalities Table of Contents
    INTERNAL CONTROL AND COMPLIANCE MANUAL FOR TENNESSEE MUNICIPALITIES TABLE OF CONTENTS TABLE OF CONTENTS Preface i Introduction Overview of Internal Control 1 Component 1 Control Environment GAO Green Book - Principles 1 through 5 3 Component 2 Risk Assessment GAO Green Book - Principles 6 through 9 8 Component 3 Control Activities GAO Green Book - Principles 10 through 12 12 Component 4 Information and Communication GAO Green Book - Principles 13 through 15 20 Component 5 Monitoring GAO Green Book - Principles 16 through 17 25 INTERNAL CONTROL MANUAL FOR LOCAL GOVERNMENTAL ENTITIES AND OTHER AUDITED ENTITIES IN TENNESSEE PREFACE PREFACE Local governments and other entities detailed below must establish and maintain an adequate internal control system for purposes of financial reporting, managing operations, and legal compliance. Various state statutes require the Department of Audit, Comptroller of the Treasury, to prescribe a uniform accounting system for entities that handle public funds. Those statutes require officials to adopt and use the system and the character of books, reports, and records designated by the Comptroller of the Treasury. An accounting system is defined as the methods and records established to identify, assemble, analyze, classify, record and report a government’s transactions and to maintain accountability for the related assets and liabilities. Those methods would necessarily include establishing, documenting, and implementing adequate internal controls. Some of those requirements are listed below: State, county, municipal, and utility district offices – Section 9-2-102, Tennessee Code Annotated (TCA) Emergency communication districts – Section 7-86-304, TCA Development district offices – Section 13-14-108, TCA Human resource agencies – Section 13-26-109, TCA Public charter schools – Section 49-13-111(m), TCA Regional development authorities – Section 64-7-105, TCA In addition, Section 9-18-102(a), TCA, was amended to expressly require each county, municipal, and metropolitan government to establish and maintain internal controls.
    [Show full text]
  • COSO) Oversight Representative COSO Chair John J
    Enterprise Risk Management — Integrated Framework Executive Summary September 2004 Copyright © 2004 by the Committee of Sponsoring Organizations of the Treadway Commission. All rights reserved. You are hereby authorized to download and distribute unlimited copies of this Executive Summary PDF document, for internal use by you and your firm. You may not remove any copyright or trademark notices, such as the ©, TM, or ® symbols, from the downloaded copy. For any form of commercial exploitation distribution, you must request copyright permission as follows: The current procedure for requesting AICPA permission is to first display our Website homepage on the Internet at www.aicpa.org, then click on the "privacy policies and copyright information" hyperlink at the bottom of the page. Next, click on the resulting copyright menu link to COPYRIGHT PERMISSION REQUEST FORM, fill in all relevant sections of the form online, and click on the SUBMIT button at the bottom of the page. A permission fee will be charged for th e requested reproduction privileges. Committee of Sponsoring Organizations of the Treadway Commission (COSO) Oversight Representative COSO Chair John J. Flaherty American Accounting Association Larry E. Rittenberg American Institute of Certified Public Accountants Alan W. Anderson Financial Executives International John P. Jessup Nicholas S. Cyprus Institute of Management Accountants Frank C. Minter Dennis L. Neider The Institute of Internal Auditors William G. Bishop, III David A. Richards Project Advisory Council to COSO Guidance Tony Maki, Chair James W. DeLoach John P. Jessup Partner Managing Director Vice President and Treasurer Moss Adams LLP Protiviti Inc. E. I. duPont de Nemours and Company Mark S.
    [Show full text]
  • Guide to the Sarbanes-Oxley Act: IT Risks and Controls (Second Edition)
    1. FPO Guide to the Sarbanes-Oxley Act: IT Risks and Controls Second Edition Table of Contents Introduction .............................................................................................................................. 1 Overall IT Risk and Control Approach and Considerations When Complying with Sarbanes-Oxley .... 2 1. Is there an overall approach to IT risk and control consideration that should be followed? .......................... 2 2. Why is it so important to consider IT when evaluating internal control over financial reporting? ............... 4 3. How should Section 404 compliance teams define “IT risks and controls”? .................................................. 5 4. How does management identify and prioritize IT risks? ................................................................................. 5 5. What guidance does COSO provide with respect to IT controls? .................................................................. 6 6. What guidance is provided by the Information Systems Audit and Control Association’s (ISACA) Control Objectives for Information and Related Technologies (COBIT) framework with respect to IT controls? ........................................................................................................... 6 7. How do COSO and COBIT facilitate a Section 404 compliance effort? ........................................................ 6 8. If a Section 404 project strictly and only follows COBIT, will the project be compliant with the Section 404 compliance efforts? .......................................................................................................................
    [Show full text]
  • Internal Control Questionnaires and Verification Procedures
    ICQs and Verification Procedures Comptroller’s Handbook December 2007 Internal Control Questionnaires and Verification Procedures Table of Contents Introduction............................................................................................................ 1 Pre-Examination Planning..............................................................................................1 During the Examination.................................................................................................2 Accounts Receivable and Inventory Financing........................................................6 Internal Control Questionnaire .....................................................................................6 Verification Procedures.................................................................................................8 Agricultural Lending .............................................................................................11 Verification Procedures...............................................................................................11 Allowance for Loan and Lease Losses ...................................................................14 Internal Control Questionnaire ...................................................................................14 Verification Procedures...............................................................................................15 Asset and Liability Management ...........................................................................17 Internal Control
    [Show full text]
  • Guide to Internal Control Over Financial Reporting
    GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING ABOUT THE CENTER FOR AUDIT QUALITY Please note that this publication is intended as general information and should not be relied upon as being The Center for Audit Quality (CAQ) is an autonomous definitive or all-inclusive. As with all other CAQ resources, public policy organization dedicated to enhancing this is not authoritative, and readers are urged to refer investor confidence and public trust in the global capital to relevant rules and standards. If legal advice or other markets. The CAQ fosters high-quality performance by expert assistance is required, the services of a competent public company auditors; convenes and collaborates professional should be sought. The CAQ makes no with other stakeholders to advance the discussion of representations, warranties, or guarantees about, and critical issues that require action and intervention; assumes no responsibility for, the content or application and advocates policies and standards that promote of the material contained herein. The CAQ expressly public company auditors’ objectivity, effectiveness, and disclaims all liability for any damages arising out of the responsiveness to dynamic market conditions. Based in use of, reference to, or reliance on this material. This Washington, DC, the CAQ is affiliated with the American publication does not represent an official position of the Institute of CPAs. CAQ, its board, or its members. GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING GUIDE TO INTERNAL CONTROL OVER FINANCIAL REPORTING
    [Show full text]
  • An Audit of Internal Control Over Financial Reporting That Is Integrated with an Audit of Financial Statements
    1666 K Street, NW Washington, D.C. 20006 Telephone: (202) 207-9100 Facsimile: (202) 862-8430 www.pcaobus.org STAFF VIEWS AN AUDIT OF INTERNAL CONTROL OVER FINANCIAL REPORTING THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES JANUARY 23, 2009 This publication presents the views of the staff of the Public Company Accounting Oversight Board on how auditors can apply certain provisions of Auditing Standard No. 5 to audits of internal control over financial reporting of smaller, less complex public companies. The statements contained in this publication are not rules of the Board, nor have they been approved by the Board. Staff Views January 23, 2009 Page 2 of 62 TABLE OF CONTENTS Chapter Topic Page Introduction ...........................................................................................................3 1 Scaling the Audit for Smaller, Less Complex Companies ............................6 2 Evaluating Entity-Level Controls ..................................................................12 3 Assessing the Risk of Management Override and Evaluating Mitigating Actions ..........................................................................................18 4 Evaluating Segregation of Duties and Alternative Controls.......................24 5 Auditing Information Technology Controls in a Less Complex Information Technology Environment..........................................................27 6 Considering Financial Reporting Competencies and Their Effects on Internal
    [Show full text]
  • Information Technology Risk and Controls 2Nd Edition
    IPPF – Practice Guide Information Technology Risk and Controls 2nd Edition 120366 PRO-GTAG_1_COVER.indd 1 3/28/12 2:18 PM Building on Experience, Shaping the Future of Audit Technology As the world’s leading audit management software, TeamMate has revolutionized the audit industry, empowering audit departments of all sizes to do more with less. Introduced in 1994, TeamMate has a long standing commitment to advancing the audit profession. From consistently innovative product updates, to hosted solutions, and now mobile apps, we are dedicated to leveraging the latest technology for our clients. Don’t take our word for it... TeamMate’s outreach extends beyond our customers to support Check out what our and enrich the professional community through research projects, educational programs and initiatives such as our Open customers are saying at Audit Innovation Contest. TeamMateSuccess.com To learn about TeamMate, visit us on the web at CCHTeamMate.com or call 1.888.830.5559. Copyright © 2012 Wolters Kluwer Financial Services, Inc. All Rights Reserved. 2119-ARC-TM-GTAG-AD 12/15/11 120366 PRO-GTAG_1_COVER.indd 2 3/28/12 2:18 PM Global Technology Audit Guide (GTAG®) 1 Information Technology Risk and Controls 2nd Edition March 2012 120366 PRO-GTAG_1_TEXT.indd 1 3/28/12 2:17 PM 120366 PRO-GTAG_1_TEXT.indd 2 3/28/12 2:17 PM GTAG — Table of Contents EXECUTIVE SUMMARY .........................................................................................................................................2 1. INTRODUCTION ................................................................................................................................................3
    [Show full text]
  • Sarbanes-Oxley Section 404
    SARBANES-OXLEY SECTION 404: A Guide for Management by Internal Controls Practitioners SARBANES-OXLEY SECTION 404: A Guide for Management by Internal Controls Practitioners The Institute of Internal Auditors 2nd Edition, January 2008 Table of Contents About the Second Edition...........................................................................................................iii How to Use This Guide .............................................................................................................. iv Introduction.................................................................................................................................1 Summary for the CEO and CFO .................................................................................................3 A. Section 404: Rules or Principles ............................................................................................9 B. Revisiting the Principles of Internal Control ...................................................................... 11 The COSO Framework ....................................................................................................... 15 C. What Constitutes an Effective System of Internal Control as it Relates to the Requirements of Section 404? ............................................................................................. 18 D. Who Is Responsible for Internal Controls? ......................................................................... 19 E. What Is the Scope of Management’s Assessment of the System
    [Show full text]