Archive for the ‘regulation and analysis’ Category

Delay on Sec. 404 for SME

December 18, 2007

SEC Chairman Christopher Cox plans to propose giving non-accelerated filers another year’s extension before they must get an auditor’s attestation on their internal controls, as required by Section 404 of Sarbanes-Oxley. Speaking at a House committee hearing Wednesday morning, Cox said the SEC will launch a study of Section 404 costs and benefits early next year; according to Cox, forcing non-accelerated filers to comply with Section 404(b) before that analysis was complete would be unwise.


New internal control monitoring guidance by COSO

October 10, 2007

COSO has released the new guidance for companies to conduct ongoing and special purpose minotoring. The new guidance provides the tools and examples that will help companies more thouroughly understand the monitoring component of the IC framework. It also demonstrates how monitoring controls integrates with management’s responsibility to perform 404 assessment in a cost effective way.

The 40 – page draft has been released. COSO is seeking the feedback by Oct. 31.  The final version is scheduled to be released for Q1, 08.

First AS5 audit – auditor’s and company’s views

September 10, 2007

As large public companies are approaching the first reporting cycle under AS5, how are auditors and companies planning for their first AS5 audit?

After digesting several articles at Compliance Week, I have listed some important findings from both auditor’s and company’s view and opportunity for GRC software. (more…)

Choosing significant accounts after AS5

August 17, 2007

After the Auditing Standard No. 5 with ‘risk based, top down approach’ replaced AS2, companies will change the way of selecting significant accounts from previously ‘whether it exceeds materiality threshold regardless of risks’, to qualitative factors. This ‘qualatative first, quantative second’ approach will allow companies to focus resources on key controls and therefore to reduce the costs.

An article from Compliance week suggested a new way of choosing significant accounts. (more…)

The Top 10 List for Implementing AS5

July 3, 2007

Most people believe that the AS5 will save compliance costs by emphasizing a top down, risk based approach. Todd Neff at Compliance Week mentioned top 10 list for implementing AS5 where to invest most of your time and efforts: (more…)

ITIL V3 focusing on Security and Outsourcing

June 6, 2007 

Version 3 of the IT Infrastructure Library is scheduled to be published on Wednesday by the U.K.’s Office of Government Commerce. ITIL sets out methodologies for managing an IT organization and processes such as help desk operations, as well as procedures for change management. The update covers some new areas that have emerged over the past seven years as major IT concerns, particularly outsourcing and security. (more…)

Hawk Corp Incident and SME Opportunity

June 5, 2007
Did Hawk Fly Too High?

A formal investigation by the SEC appears to question whether the auto-parts maker was actually small enough to delay compliance with Section 404 of Sarbanes-Oxley. According to a filing issued Wednesday by Hawk, the SEC is apparently exploring whether or not various stock transactions might have affected the company’s claim that it qualified as a non-accelerated filer. (more…)

The new PCAOB AS5 will save compliance costs

June 5, 2007

The PCAOB’s Auditing Standard No. 2 is the rule largely blamed for creating excessively high audit fees for companies complying with the Sarbanes-Oxley Act. Since auditors began using AS2, companies have complained that common interpretations of the standard wrought burdensome audits by promoting work for work’s sake and encouraging a rigid checklist approach.

PCAOB recently replaced AS2 with AS5 with improved guidelines which will benefit both companies and auditors. The changes will also make small and medium companies comply easier. Once it is officially approved by SEC, audit firms would have to reference the standard for audits of internal control for fiscal years ending on or after November 15, 2007.  Here are some analysis of new changes to companies, auditors, and software and service providers: (more…)