Create an account Home  ·  Topics  ·  Downloads  ·  Your Account  ·  Submit News  ·  Top 10  
Modules
· Home
· Content
· Directory
· Downloads
· FAQ
· Forums
· Search
· Sox_Admin
· Statistics
· Submit News
· Surveys
· Top 10
· Your Account

Sarbox Compliance
The appropriately named Sarbanes-Oxley Compliance Toolkit includes a whole range of materials specifically put together to both introduce, and take you through this most important of legislation.

For detailed information see the toolkit's own website: Sarbanes-Oxley Compliance


SOX Act and Security
As security is such a major theme on the Act, many organizations are using the international ISO standards. The ISO 27001 Portal outlines these. A copy of the standards, and security policies, can be obtained via the ISO 17799 Toolkit.

The SOX email storage requirements can be fulfilled using the GFI MailArchiver


SOX Advertisers


Sarbanes What?
Our server logs indicate some interesting mis-spellings: Sarbannes Oxley, Sorbane Oxley, Sarbanne Oxley, Sarbaines Oxley, Sarbanesoxley, Sorbanes Oxley, Sabanes Oxley, Sarbane Oxley, and Sarbanes Oaxley, to name but a few!

Enterprise Risk Management Approach to Management Fraud




The June 2004 issue of Journal of Forensic Accounting includes a Letter From The Publisher entitled "Audit Committees: The Last Best Hope," where an Enterprise Risk Management (ERM) perspective is used to specifically consider Executive Management Fraudulent Financial Reporting (EMFFR) in public companies.


EMFFR is determined to be a catastrophic risk beyond the scope of SOA/COSO internal controls. A simplified EMFFR risk model incorporates the “fraud triangle” into an enterprise perspective and offers an alternative approach to application of risk response interventions. Public company audit committees are presented as both owning EMFFR risk and as being “the party bestplaced to manage the risk response effectively.”

Current influences on corporate governance within the U.S. are reviewed, management of EMFFR risk is recognized as a non-discretionary, non-delegatable function of the audit committee, and a structure for the audit committee to effectively manage EMFFR risk is introduced. The EMFFR risk management structure has three components:

1) forensic accountants as professional audit advisors to the audit committee;

2) use, by the audit committee, of the external auditor as a tool to obtain quality financial reporting from management through insistence upon neutral reporting; and,

3) forensic accountants embedded within the integrated internal controls/financial statement audit and focused exclusively upon active detection of EMFFR. A testable heuristic intended to improve the efficiency of peremptory EMFFR detection is offered.

An overview of the Letter is available here.









Copyright © by Sarbanes-Oxley Act Forum All Right Reserved.

Published on: 2004-05-05 (9237 reads)

[ Go Back ]
Content ©

 
Trademarks referenced on the SOX Act Forum are property of their respective owners. Comments are property of their respective posters.
Sarbanes-Oxley Act Implementation Portal: Sarbanes Oxley compliance, information, software, & internal audit committee resources. Sarbox.
Site source is copyright nuke (c)2003, and is Free Software under the GNU / GPL licence agreement. All Rights Are Reserved.