  • How often does a company need to change the external audit firm they use regarding SOX compliance? I hear it was every three years, but cannot find that anywhere.

  • Hi - I’m not certain if SOX regulations mandate that a company switch external audit firms every 3 years, based on some searches this morning. I could be wrong on this as my role is more IT related.
    The use of different external audit companies periodically may be more of a best practice to gain perspectives from other firms. Costs are also a factor, as external audit firms are now charging companies about twice as much as they did before SOX (albeit, there are more services rendered and it’s a cost of doing business).
    Finally, as extensive audit firms provide a service, companies also want to ensure the team has the appropriate SOX related expertise and track record to meet their needs. These factors may also play a role in why companies are actively changing firms.

  • Thanks
    I am on the IT side also, so thus the post. I had heard it was required, but I too could not find anything on it. It was told to me that it was for audit safeguards. The big firms now are peer audited, and if you are required to switch firms every few years you are assured of an unbiased opinion.
    I will keep looking… maybe Letakis (frequent to this site) has some info so I’ll post to him…

  • I found an answer:
    The external auditor for the attestation (AUDIT) of the financial statements and the attestation of management’s assessment of internal controls has to rotate the audit partner every 5 years (Section 203 of Sarbanes-Oxley Act).
    Further note. The PCAOB is now auditing the public accounting firms that audit public companies. They have replaced the peer reviews that we saw in the past. I do not think we will see the peer review process continuing in the near future for these SEC registered firms.

  • That is correct. There is no requirement to rotate the audit firm at all, only the lead partner on the audit.

  • Rotation of Auditors would only help the Auditee. Each time a new auditor comes in, they would take some time to understand our process and hence would give the compliance certification without causing the regular havoc.
    just kidding

