The Sarbanes-Oxley Section 404 Implementation Toolkit
Description
More details
Other editions
Additional editions
Previous edition
Person
Content
Preface ix
Acknowledgments xi
Part I Tools for Management 1
ADM-1 General Work Program 3
ADM-2 Project Planning Summary 17
ADM-2a Checklist for Summarizing Project Team Competence and Objectivity 31
ADM-2b.1 Worksheet for Determining and Documenting Significant Accounts and Disclosures 34
ADM-2b.2 Mapping of Business Processes to Significant Accounts and Disclosures 40
ADM-2c Example Inquiries to Identify Changes to Internal Control 45
ADM-3 Senior Management Review Checklist 47
ADM-4 Checklist for Preparation of Management's Report on Internal Control Effectiveness 52
Part II Documentation of Internal Control Design 57
DOC-1 Work Program for the Review of Documentation of Entity-Level Controls 59
DOC-1a Assessment of Internal Control Effectiveness: Overall Approach to Review of the Documentation of Entity-Level Controls 62
DOC-1b Assessment of Internal Control Effectiveness: Checklist for the Review of the Documentation of Entity-Level Controls 66
DOC-2 Work Program for the Review of Documentation of Activity-Level Controls 80
DOC-2a Assessment of Internal Control Effectiveness: Overall Approach to Review of the Documentation of Activity-Level Controls 82
DOC-2b Assessment of Internal Control Effectiveness: Checklist for the Review of the Documentation of a Significant Transaction or Business Unit/Location 85
DOC-3 Documentation Techniques and Selected Examples for Routine Transactions 87
DOC-4 Checklist for Evaluating SOX 404 Software 110
Part III Internal Control Testing Programs 113
Entity-Level Controls Testing Tools 115
TST-ENT-1 Summary of Observations and Conclusions about Entity-Level Control Effectiveness 119
TST-ENT-1a Checklist for Small Business Entity-Level Controls 135
TST-ENT-2 Work Program for Testing Entity-Level Control Effectiveness 143
TST-ENT-3 Index to Tests of Entity-Level Controls: Inquiries and Surveys 171
TST-ENT-3a Entity-Level Tests of Operating Effectiveness: Inquiry Note Sheets-Management 176
TST-ENT-3b Entity-Level Tests of Operating Effectiveness: Inquiry Note Sheets-Board Members 187
TST-ENT-3c Entity-Level Tests of Operating Effectiveness: Inquiry Note Sheets-Audit Committee Members 193
TST-ENT-3d Entity-Level Tests of Operating Effectiveness: Inquiry Note Sheets-Employees 200
TST-ENT-3e Example Employee Survey 207
TST-ENT-4 Index to Tests of Entity-Level Controls: Inspection of Documentation 215
TST-ENT-4a Worksheet to Document Inspection of Documentation of Performance of Entity-Level Controls 217
TST-ENT-5 Index to Tests of Entity-Level Controls: Observation of Operations 220
TST-ENT-5a Worksheet to Document Observation of Operation of Entity-Level Controls 222
TST-ENT-6 Index to Tests of Entity-Level Controls: Reperformance of Controls 225
TST-ENT-6a Worksheet to Document Reperformance of Entity-Level Controls 227
TST-ENT-7 Work Program for Reviewing a Report on IT General Control Effectiveness 230
TST-ENT-7a Planning and Review of Scope of Tests of IT General Control Effectiveness 235
TST-ENT-8 Work Program for Performing an IT General Controls Review 241
Guidelines for Testing Activity-Level Control Effectiveness 245
TST-ACT-1 Guidelines and Example Inquiries for Performing Walkthroughs 253
TST-ACT-2 Example Testing Program for Activity-Level Tests of Controls 261
TST-ACT-2a Example Testing Program for Control Operating Effectiveness: Revenue 262
TST-ACT-2b Example Testing Program for Control Operating Effectiveness: Purchases and Expenditures 267
TST-ACT-2c Example Testing Program for Control Operating Effectiveness: Cash Receipts and Disbursements 271
TST-ACT-2d Example Testing Program for Control Operating Effectiveness: Payroll 275
TST-ACT-3 Work Program for the Review of a Type 2 SAS No. 70 Report 279
TST-ACT-3a Type 2 SAS No. 70 Report Review Checklist 282
TST-ACT-4 Process Owners' Monitoring of Control Effectiveness 289
Part IV Example Letters and Other Communications 295
COM-1 Example Engagement Letter for Outside Consultants to Management 297
COM-2 Example Management Representation Letter 301
COM-3 Example Management Reports on Effectiveness of Internal Control over Financial Reporting 303
COM-4 Example Subcertification 305
Appendix A 307
About the CD-ROM 385
Index 389
