O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Sarbanes-Oxley Internal Controls: Effective Auditing with AS5, CobiT, and ITIL

Sarbanes-Oxley Internal Controls: Effective Auditing with AS5, CobiT, and ITIL

by Robert R. Moeller
Publisher: John Wiley & Sons
Release Date: April 2008
ISBN: 9780470170922
View table of contents
Start reading

Book Description

Sarbanes-Oxley Internal Controls: Effective Auditing with AS5, CobiT, and ITIL is essential reading for professionals facing the obstacle of improving internal controls in their businesses. This timely resource provides at-your-fingertips critical compliance and internal audit best practices for today's world of SOx internal controls. Detailed and practical, this introductory handbook will help you to revitalize your business and drive greater performance.

Table of Contents

  1. Copyright
  2. Preface
  3. 1. Introduction: Sarbanes-Oxley and Establishing Effective Internal Controls
    1. 1.1. Changes Since SOx Was First Introduced
    2. 1.2. CONVERGING TRENDS: ITIL, COBIT, AND OTHERS
  4. 2. Sarbanes-Oxley Act Today: Changing Perspectives
    1. 2.1. SARBANES-OXLEY ACT: KEY ELEMENTS
    2. 2.2. IMPACT OF THE SARBANES-OXLEY ACT
  5. 3. AS5 Standards for Auditing Internal Controls
    1. 3.1. AS5 OBJECTIVES
    2. 3.2. REVIEWING SECTION 404 INTERNAL CONTROLS UNDER AS5: INTRODUCTION
    3. 3.3. PLANNING THE SOx AS5 AUDIT
    4. 3.4. AS5'S TOP-DOWN APPROACH
    5. 3.5. TESTING INTERNAL CONTROLS
    6. 3.6. EVALUATING IDENTIFIED AUDIT DEFICIENCIES
    7. 3.7. WRAPPING UP THE AS5 AUDIT
    8. 3.8. REPORTING ON AS5 AUDIT INTERNAL CONTROLS
    9. 3.9. IMPROVING INTERNAL CONTROLS USING AS5 GUIDANCE
    10. 3.10. GOING FORWARD: POTENTIAL RISKS AND REWARDS
  6. 4. Establishing Internal Controls Through COSO
    1. 4.1. IMPORTANCE OF EFFECTIVE INTERNAL CONTROLS
    2. 4.2. INTERNAL CONTROL STANDARDS: BACKGROUND
    3. 4.3. EVENTS LEADING TO THE TREADWAY COMMISSION
    4. 4.4. COSO INTERNAL CONTROL FRAMEWORK
    5. 4.5. OTHER DIMENSIONS OF THE COSO INTERNAL CONTROL FRAMEWORK
  7. 5. Using CobiT Framework to Improve SOx Controls and Governance
    1. 5.1. COBIT FRAMEWORK
    2. 5.2. USING COBIT TO ASSESS INTERNAL CONTROLS
    3. 5.3. COBIT AND SARBANES-OXLEY
  8. 6. Performing Section 404 Reviews Under AS5: An Ongoing Process
    1. 6.1. SOx SECTION 404 ASSESSMENTS OF INTERNAL CONTROLS TODAY
    2. 6.2. SOx SECTION 404 REQUIREMENTS
    3. 6.3. SECTION 404 FILING RULES: CHANGING DEADLINES FOR ELIGIBILITY
    4. 6.4. GAPS AND COMPLIANCE COMMITTEES UNDER TODAY'S SOx RULES
    5. 6.5. DOCUMENTING INTERNAL CONTROLS GOING FORWARD
    6. 6.6. CONTROL OBJECTIVES AND RISKS UNDER SECTION 404
  9. 7. Other SOx Requirements: Sections 302, 409, and Others
    1. 7.1. OTHER IMPORTANT SOx COMPLIANCE RULES
    2. 7.2. SECTION 302: MANAGEMENT'S FINANCIAL REPORT RESPONSIBILITIES
    3. 7.3. SECTION 401: OFF-BALANCE SHEET DISCLOSURES
    4. 7.4. SECTION 409: DISCLOSURES ON FINANCIAL CONDITIONS AND OPERATIONS
    5. 7.5. SECTION 802: PENALTIES FOR ALTERING DOCUMENTS
    6. 7.6. SECTION 806: WHISTLEBLOWER PROVISIONS
    7. 7.7. KEEPING SOx RULES IN FOCUS
  10. 8. Using ITIL to Align IT with Business Processes
    1. 8.1. IMPORTANCE OF THE INFORMATION TECHNOLOGY INFRASTRUCTURE
    2. 8.2. ITIL FRAMEWORK
    3. 8.3. ITIL SERVICE DELIVERY BEST PRACTICES
    4. 8.4. ITIL SERVICE SUPPORT BEST PRACTICES
    5. 8.5. SECURITY MANAGEMENT
    6. 8.6. LINKING ITIL WITH COBIT AND SOx INTERNAL CONTROLS
  11. 9. Importance of Enterprise Risk Management
    1. 9.1. IMPORTANCE OF RISK MANAGEMENT
    2. 9.2. COSO ERM FRAMEWORK
    3. 9.3. OTHER DIMENSIONS OF THE COSO ERM FRAMEWORK
    4. 9.4. PUTTING IT ALL TOGETHER
    5. 9.5. AUDITING COSO ERM PROCESSES
    6. 9.6. COSO ERM IN PERSPECTIVE
  12. 10. International Standards: ISO, Quality Auditing, and Sox
    1. 10.1. IMPORTANCE OF ISO STANDARDS IN TODAY'S GLOBAL WORLD
    2. 10.2. ISO STANDARDS OVERVIEW
    3. 10.3. QUALITY AUDIT PROCESS
    4. 10.4. IFAC INTERNATIONAL ACCOUNTING STANDARDS
  13. 11. Internal Audit in a Sarbanes-Oxley Environment
    1. 11.1. PROFESSION OF INTERNAL AUDITING
    2. 11.2. INTERNAL AUDIT PROFESSIONAL STANDARDS
    3. 11.3. CBOK: INTERNAL AUDIT'S COMMON BODY OF KNOWLEDGE
  14. 12. Importance of Effective Corporate Governance
    1. 12.1. REPORTING WHISTLEBLOWER INCIDENTS: ESTABLISHING A HOTLINE FACILITY
    2. 12.2. BUILDING AN ENTERPRISE-WIDE ETHICAL CULTURE
    3. 12.3. CHIEF COMPLIANCE OFFICER ROLES AND RESPONSIBILITIES
    4. 12.4. BOARD OF DIRECTORS AND THE AUDIT COMMITTEE
    5. 12.5. ASSESSING SOX INTERNAL CONTROLS