The passage of the Sarbanes-Oxley Act (SOx) in 2002 almost seems like distant history today. That legislation became effective after a series of accounting scandals led to the failure of several then major corporations, such as Enron and WorldCom, the conviction and imprisonment of multiple key executives, and the failure of the major public accounting firm, Arthur Andersen. With a time-based registration schedule to become SOx compliant, enterprises worldwide have struggled to change their processes to become compliant with all aspects of these new SOx procedures, and there certainly have been many "bumps" on that road along the way.

Perhaps the largest impediment to SOx compliance was that many enterprises initially struggled with the new internal control documentation requirements and the auditing standards rules published by the newly established Public Company Accounting Oversight Board (PCAOB) regulator. Enterprise management and their internal auditors often did not have consistent and well-recognized approaches for reviewing and understanding internal accounting controls and for complying with their external auditor's attest requirements. As SOx compliance was being rolled out to a wider group of enterprises both at smaller entities in the United States and others worldwide, there has been a recognized need for some changes surrounding SOx compliance.

The overall objective of this book is to describe and discuss some of the changes to SOx-related rules and supporting ...

Get Sarbanes-Oxley Internal Controls: Effective Auditing with AS5, CobiT, and ITIL now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.