Internal auditors need to consider many new standards and directives as they produce the reports, both SOX-specific and traditional, that contribute to improved corporate governance—and keep executives fully informed.
The IIA, the foremost international professional association for internal auditors, says:
Internal auditors have been confronted with a range of questions and issues related to their role and involvement in Sections 302 and 404 initiatives. These questions include both short-term issues during the implementation phase of reporting processes, as well as longer-term questions on the role and responsibilities of internal audit in this process.1
Accordingly, the IIA is establishing more inclusive standards in response to both the SOX legislation and subsequent directives from the various oversight agencies that protect the interests of investors. The IIA standards that most affect the report-writing process are reviewed in this chapter, followed by a look at some of the possible implications of SEC, PCAOB, and AICPA regulations and standards. How the COSO framework might relate to the report process is covered as well. While the IIA standards directly apply to internal auditors, much of the guidance from other agencies can also be profitably incorporated into the reporting process.
Now that the deadlines for SOX compliance are being met, the reality of putting that compliance into practice can use all the collective wisdom it can get. ...