The Sarbanes-Oxley Act of 2002 (SOX) was enacted into law in 2002 in the wake of corporation financial reporting scandals involving large publicly held companies. SOX instituted new strict financial regulations with the intent of improving accounting practices and protecting investors from corporate misconduct. SOX requires corporate executives to vouch for the accuracy of financial statements, and to institute and monitor effective internal controls over financial reporting. The cost of implementing an effective internal control structure are onerous, and SOX inflicts opportunity costs upon an enterprise as executives have …show more content…
3). Companies use this framework to implement internal control systems tailored to their own needs. No internal control system is infallible, however, effective controls provide reasonable assurance company assets are protected and financial reporting is accurate. Section 404 compliance. Section 404 mandates that Securities and Exchange Commission (SEC) registered companies implement and maintain adequate internal control procedures for financial reporting, and also appropriately assess and report on the internal controls’ effectiveness (Conway, 2003, p. 19). Company executives and audit committees are expected to take an active role in defining and evaluating the internal control structure and procedures. The COSO internal control framework is widely accepted as the best criteria for evaluation of a company’s internal control structure.
Documentation of internal control procedures is essential to the evaluation process. Documentation provides evidence that controls have been identified and can be monitored. All relevant financial statement assertions and each of the five COSO internal control components should be documented. When documentation is lacking or nonexistent, independent auditors will report either a significant deficiency or material weakness in internal control (Conway, 2003, p. 19).