The Relationship between Sarbanes Oxley Act to Internal Control

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Five areas of thought when setting up internal controls, for your business; Information and communication, decision makers, rather it is the owner, or investors, need accurate information to make sound decisions. Control procedures these procedures should assure that the business goals are achieved. Control environment, also called the tone-at-top the attitude of the owner trickles down, so having ethical persons in key positions, especially important. Having all employee practice ethically is just as important. Risk assessment, businesses should identify and manage risk, last but not least Monitoring of controls, companies hire outside auditors to monitor the business controls.

Section 404 Sarbanes-Oxley Act to Management Assessment of Internal Controls

(a) RULES REQUIRED- The Commission shall prescribe rules requiring each annual report required by section 13 of the Securities Exchange Act of 1934 (15 U.S.C. 78m) to contain an internal control report, which shall--

(1) State the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting; and

(2) Contain an assessment, as of the end of the most recent fiscal year of the issuer, of the effectiveness of the internal control structure and procedures of the issuer for financial reporting.

(b) INTERNAL CONTROL EVALUATION AND REPORTING- With respect to the internal control assessment required by subsection (a), each registered public accounting firm that prepares or issues the audit report for the issuer shall attest to, and report on, the assessment made by the management of the issuer. An attestation made under this subsection shall be made in accordance with standards for attestation engagements issued or adopted by the Board. Any such attestation shall not be the subject of a separate engagement. (KarlN, 2002)

The Sarbanes-Oxley Act is Congress response to the accounting sandals with Enron and WorldCom. Section 404 speaks directly to Internal Controls attempt to eradicate corporate and accounting frauds. Enron and WorldCom have confirmed the shortage of internal controls with regard to revenue recognition. The Sarbanes-Oxley Act legally holds the CEO and CFO accountable for mistakes or omissions in financial filings, but internally, organizations are holding their direct reporter accountable for erroneous information. (Garrison Chad, 2003)

However, every business big or small should have internal controls in place, following the guidelines of SOX. The Sarbanes-Oxley Act examines businesses to locate any flaws the way the business collects, and discloses its financial information. The guidelines when followed will tighten the business structure with the implementation of internal controls, which will provide a system of keeping financial records that represent the business transactions fairly and truthfully, with a reasonable expectation that transactions are recorded in accordance with GAAP. The internal controls are necessary to document for revenues under GAAP. These controls are aimed at ensuring compliance with revenue recognition guidelines, which have been the source of past corporate scandals. (Bloch, 2003)

Department heads, and management are required to review the internal controls hey already have in place to prevent poor financial reporting. If the evaluation finds that controls are weak or nonexistent it is mandatory for the owner/management to implement stronger internal controls ASAP. This will aid the business, as well as protect the owner from possible prosecution. Allowing poor internal controls open the door to theft, inefficiency in the operations of the business, and could cause a complete breakdown of the control structure.

In order for management to make its annual assessment on the effectiveness of its internal control, management is required to document and evaluate all controls that are deemed significant to the financial reporting processes. However, there are limitations to the best of internal controls, because of the human factor. Even though internal controls have limitation businesses are required to provide assurance of the reliability of their reports. Companies also are required to file an internal control report.

Understanding what internal controls supposed to accomplish. Controls are policies, activities and procedures, which may be present in a selected activity. Controls can be many things, for instance, bank reconciliation is one control, separation of task or duties is another control, and there are financial reporting controls.

Controls can be either directly or indirectly related to a financial reporting element. Bank reconciliation would affect reporting directly, controls put into place to make sure personnel are counting and recording the physical inventory relates directly to the inventory.

Separation of duties, separate operations from accounting, and separate the custody of assets from accounting. Audit auditors must examine the internal controls. Electronic devices, aid in prevention. Documentation evidence of transactions could be faxing orders, bank statements, and invoices.

In conclusion, the prevision made with section 404 are mandatory, they are to be put into place to protect the way financial transactions are recorded, also to make sure the you are following the GAAP guidelines. Public companies are regulated and must comply with section 404 or face penalties and or imprisonment. Private companies even though not mandated by SOX Act; they should implement internal controls these controls can assist in preventing theft. There are parts that all business must comply to and that is GAAP when reporting and documenting their financial records.