Segregation of duties (SODs) is an important concept to internal control frameworks, financial reporting and regulatory compliance, including the Sarbanes-Oxley Act (SOX). It is a component of an effective control environment. The overall effectiveness of management’s internal controls depends on SoDs to a large extent. For effective internal controls, there needs to be an adequate division of responsibilities.
Segregation of Duties: Key Facts You Need to Know
Topics: COSO, Internal Controls, IT Controls, Process-Level Control, Segregation of Duties
COSO Integrated Control Framework: Important Changes You Need to Know
In January 2013, the updated version of the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Integrated Internal Control Framework went into effect (https://www.coso.org/). If you’re wondering what this model is, you probably work for a privately held corporation or a non-profit or are very new to internal audit.
Topics: Compliance, COSO, Internal Controls, Risk Assessment, Entity-Level Control
Disclosure Controls and Procedures: Key Facts You Need to Know
The SEC introduced “disclosure controls and procedures” as a new term in its initial August 29, 2002, release following the enactment of Sarbanes-Oxley.
Topics: Internal Controls, Entity-Level Control, Sarbanes-Oxley Act, Financial Reporting, Section 302 - Executive Certs.
Fraud: Corporate fraud, employee theft, insurance scams/workers compensation fraud, employer fraud, forgery/falsified documents and even money laundering. Nobody likes to think it’s happening in their company, and yet global fraud studies by the Association of Certified Fraud Examiners (ACFE) estimate a median of 5% of revenue is lost every year due to fraud. While the ACFE found that both large and small organizations fall victim to occupational and workplace fraud, employee theft and financial fraud are especially detrimental to businesses with less than 100 employees.
Topics: Fraud, Ethics, Internal Controls, Segregation of Duties
A Guide to Self-Assessment Value Proposition
Self-assessment is a process through which an organization utilizes its internal knowledge to identify and assess uncertainties and the extent to which current practices are sufficient and appropriate to manage and achieve strategic objectives. Self-assessment drives the "tone at the top" down to process owners.
Topics: Internal Audit, Internal Controls, Entity-Level Control, Self-Assessment
Comparing U.S. Sarbanes-Oxley with C-SOX (Bill 198) and J-SOX (FIE)
As a result of the infamous Enron and WorldCom scandals, the U.S. reacted with strict guidelines to re-establish confidence in the financial market. Commonly referred to as the Sarbanes-Oxley Act, or “SOX,” the Public Company Accounting Reform and Investor Protection Act of 2002 was implemented to protect shareholders and the general public from fraud and general accounting errors. SOX has come to be considered part of the total fabric driving reliable financial reporting, impacted by securities laws and regulatory oversight, exchange listing requirements, accepted accounting principles, effective auditing standards, accounting firm oversight, effective standards for audit committees of boards, and independence requirements for directors and auditors, among other things.
Topics: Internal Controls, PCAOB
What Is Internal Audit’s Role in Cyber Security?
Corporations today are thinking about how to protect assets. A few of the white collar crime problems include hacking/intrusions (cyber vulnerability), insider/outsider trading (convergence of cyber and financial crimes), the Foreign Corrupt Practices Act (FCPA), spear fishing (email compromise) and economic espionage. They must consider the possibility of internal corruption or external corruption, and environmental factors such as culture and competition contributing to these crimes. As protection, organizations can use cyber security, pen testing and data loss prevention tactics.
Topics: Enterprise Risk Management, Internal Audit, Internal Controls, Risk Assessment, Cybersecurity, IT Controls
Add a Comment: