Check out the news and events affecting your IT internal controls.
- CPA Control Coach™

News - Events and Recent Developments

ProtectPro Solutions presents "What's Happening in IT Internal Controls" — summarizing
events and developments that can affect you. A key part of the ProtectPro Solutions
service is to ensure that you are in compliance with legislative and other developments
that could impact your IT system.

What's happening in IT internal controls — news you can, and should, use

Sarbanes-Oxley Act, Section 404, reporting requirement.  The act requires companies to include in their annual reports a report by management on the company's internal control over financial reporting and the accompanying auditor's report.


AICPA offers SASs in response to Sarbanes-Oxley.  The AICPA has new and amended Statements on Auditing Standards codifying new requirements for reporting and communication regarding internal control issues (available at www.cpa2biz.com or www.aicpa.org/members/div/auditstd/drafts.htm):
Sarbanes-Oxley Omnibus SAS No. 98
Auditing an Entity's Internal Control over Financial Reporting in Conjunction with the Financial Statement Audit
Communication of Internal Control Related Matters Noted in an Audit
(supersedes SAS No. 60)
Reporting on an Entity's Internal Control over Financial Reporting (supersedes SSAE No. 10)


Also see the website for the Public Company Accounting Oversight Board (PCAOB) for its release of auditing standards that, for the most part, incorporate the SASs listed above.


New updated COSO Report Enterprise Risk Management — Integrated Framework released September 29, 2004. This new report expands on the original COSO report, Internal Control — Integrated Framework, by adding "strategic" to the category of entity objectives requiring focus by management and the board of directors as part of enterprise risk management. Specifically, organizations need to set and periodically realign their strategic objectives related to high-level goals of their mission/vision statements. The report, still sponsored by the Treadway Commission and authored by PricewaterhouseCoopers, also expands the number of integrated components from five to eight, adding objective setting, event identification, and risk response. The first component, previously called "control environment," is now referred to as "internal environment". Control activities, now the sixth component, are still broadly grouped as either "general controls" or "application controls."    www.erm.coso.org


The 9/11 Commission concluded that the private sector, which controls 85% of the nation's critical infrastructure, is not prepared.  Testimony disclosed a stark reality — that most organizations would not survive a major attack. This should be a wakeup call for business owners to prepare. www.rer.org/roundtable/previousissues/...


Internal control checklist helps Audit Committees meet new demands by Sarbanes-Oxley.  The recently published AICPA Audit Committee Toolkit provides handy checklists. The internal control section includes questions on the interrelated components of an internal control structure. www.aicpa.org/AudCommCtr  


Just click on Order Now ...  for two easy ways to purchase ProtectPro for Networks.
Order Now    or continue on    Tour of this Site    or go to the    Game Room

Copyright © 2004-2005 ProtectPro Solutions. All rights reserved.
Clipart Images Copyright, New Vision Technologies Inc.