Sarbanes-Oxley and Internal Controls

A very significant change to the accounting profession occurred in 2002 when the Sarbanes-Oxley Act of 2002 (SOX) was enacted. This legislation had a significant impact on corporations and their audit firms. The objective was to improve corporate governance and its quality of financial reporting to improve investor confidence. This paper provides instructors with a background on SOX and suggests readings and activities that reflect the requirements of SOX as it relates to the AIS environment and the analysis of internal controls. These activities can strengthen students' understandings of how corporations respond to the various reporting requirements of this Act.

Download Full-text

Investor Perceptions of Government Deregulation: Evidence from Section 404 of the Sarbanes-Oxley Act

Accounting Horizons ◽

10.2308/horizons-17-176 ◽

2020 ◽

Author(s):

Benjamin W Hoffman ◽

John L. Campbell ◽

Jason L. Smith

Keyword(s):

Financial Reporting ◽

Government Regulation ◽

Abnormal Returns ◽

Reporting Quality ◽

Internal Controls ◽

Litigation Risk ◽

Section 404 ◽

Fraud Risk ◽

Sarbanes Oxley ◽

Public Company

We investigate the stock market's reaction to events leading up to the Securities and Exchange Commission's (SEC) and Public Company Accounting Oversight Board's (PCAOB) 2007 regulatory changes that reduced the scope of and documentation requirements for assessments of firms' internal controls over financial reporting (ICFR), as required by Section 404 of the Sarbanes-Oxley Act. The stated goal of these regulations was to reduce firms' and auditors' compliance costs with mandatory ICFR assessments, while maintaining the effectiveness of these assessments. We examine abnormal returns surrounding key dates leading to the passage of these regulations and offer two main findings. First, investors reacted negatively on key event dates, suggesting that investors viewed the regulations as likely to reduce financial reporting quality rather than to drive firm and audit efficiencies. Second, this negative market reaction is larger when ICFR effectiveness should matter most - when firms are more complex, have higher litigation risk, and greater fraud risk. In additional analysis, we find that restatements increase in the post-regulation time period, consistent with investors' concerns that the effect of the legislation would be a reduction in ICFR effectiveness. Overall, our results may imply that investors prefer stronger government regulation when it comes to the assessments of a firm's internal controls over financial reporting.

Download Full-text

The Impact of Client and Misstatement Characteristics on the Disposition of Proposed Audit Adjustments

Auditing A Journal of Practice & Theory ◽

10.2308/ajpt-50007 ◽

2011 ◽

Vol 30 (2) ◽

pp. 103-124 ◽

Cited By ~ 29

Author(s):

Jennifer Joe ◽

Arnold Wright, and ◽

Sally Wright

Keyword(s):

Financial Reporting ◽

Internal Controls ◽

Data Availability ◽

Audit Firm ◽

Sarbanes Oxley ◽

Big 4 ◽

Time Period ◽

Confidentiality Agreement ◽

Financial Scandals ◽

The Impact

SUMMARY We present evidence on the resolution of proposed audit adjustments during a unique time period, immediately following several U.S. financial scandals and surrounding calls for reforms in auditing and financial reporting, which culminated in the passage of the Sarbanes-Oxley Act (SOX). During this period, auditors and their clients faced increased scrutiny from investors and regulators. In addition, auditors had to contend with changed incentives, a new external regulator (i.e., the PCAOB), and upcoming annual PCAOB inspections. We extend prior studies by considering a broader range of factors potentially impacting the resolution of proposed adjustments, including the effect of client tenure, strength of internal controls, and repeat adjustments. Data on 458 proposed adjustments are obtained from the working papers of a sample of 163 audit engagements conducted during 2002 by a Big 4 firm. We find that 24.2 percent of proposed adjustments were subsequently waived. The results indicate audit adjustments are more likely to be waived for clients with whom the audit firm has had a longer relationship, although the pattern does not reflect favoring such clients. We also find that adjustments are more likely to be waived for repeat adjustments. Data Availability: Due to a confidentiality agreement with the participating audit firm the data are proprietary.

Download Full-text

Audit Partner Tenure and Audit Planning and Pricing

Auditing A Journal of Practice & Theory ◽

10.2308/aud.2010.29.2.45 ◽

2010 ◽

Vol 29 (2) ◽

pp. 45-70 ◽

Cited By ~ 54

Author(s):

Jean C. Bedard ◽

Karla M. Johnstone

Keyword(s):

Financial Reporting ◽

Audit Quality ◽

Internal Controls ◽

First Year ◽

Public Companies ◽

Audit Opinion ◽

Audit Firm ◽

Audit Planning ◽

Sarbanes Oxley ◽

Client Knowledge

SUMMARY: This paper investigates the association between audit engagement partner tenure and audit planning and pricing. Prior archival research from countries requiring partner signature on the audit opinion provides mixed results on the implications of partner tenure for audit quality. While variation in audit quality based on partner tenure implies some difference in the conduct of the engagement, prior research has not yet addressed whether engagement processes differ based on partner tenure. Using proprietary data from a large audit firm, we find that planned engagement effort increases following partner rotation, suggesting that new partners invest effort to gain client knowledge in the first year on the engagement. We also examine planned realization rates, finding them to be lower following partner rotation. This implies that new partners’ investments in client knowledge are not compensated by clients. We also find higher planned realization rates on audits having the same engagement partner for more than five years, a longer tenure than is now allowed for public companies following the Sarbanes-Oxley Act. We obtain these results while controlling for client risks that affect audit planning and pricing, including those related to financial reporting, management integrity, and internal controls.

Download Full-text

The Impact of Internal Controls and Penalties on Fraud

Journal of Information Systems ◽

10.2308/jis.2010.24.1.1 ◽

2010 ◽

Vol 24 (1) ◽

pp. 1-21 ◽

Cited By ~ 11

Author(s):

Roberta Ann Barra

Keyword(s):

Internal Control ◽

Internal Controls ◽

Reliability Engineering ◽

Ceteris Paribus ◽

Sarbanes Oxley ◽

Internal Control System ◽

Analytical Reliability ◽

Net Assets ◽

Managerial Employees ◽

The Impact

ABSTRACT: Little prior research exists on the parameters of internal control activities. The Sarbanes-Oxley Act of 2002 (SOX 2002) makes identifying the properties of these parameters under various conditions important. In this paper, an analytical/reliability engineering methodology is used to investigate the relative impact of penalties versus other types of internal controls on managerial and non-managerial employees’ propensity to commit fraud. Ceteris paribus, increasing required effort with internal controls and/or increasing employee penalties, increases the minimum amount stolen when a fraud incident occurs; that is, more net assets will be taken per fraud incident with controls than without controls. The findings show that the firm’s least-cost scenario with managerial employees is to enforce maximum penalties. The firm’s least-cost scenario with non-managerial employees is to utilize alternative internal controls while imposing minimum penalties. Further, the effectiveness of separation of duties is dependent on the detective controls in the internal control system.

Download Full-text

Information Security and Sarbanes-Oxley Compliance: An Exploratory Study

Journal of Information Systems ◽

10.2308/jis.2011.25.1.185 ◽

2011 ◽

Vol 25 (1) ◽

pp. 185-211 ◽

Cited By ~ 25

Author(s):

Linda Wallace ◽

Hui Lin ◽

Meghann Abell Cefaratti

Keyword(s):

Internal Control ◽

Internal Controls ◽

Future Research ◽

Internal Auditors ◽

Sarbanes Oxley ◽

Current Usage ◽

Survey Results ◽

Organizational Focus ◽

It Personnel ◽

Control Implementation

ABSTRACT: The Sarbanes-Oxley Act of 2002 (SOX) created a resurgence of organizational focus on internal controls. In this study, we examine the extent to which the information technology (IT) controls suggested by the ISO 17799 security framework have been integrated into organizations’ internal control environments. We collected survey data from 636 members of the Institute of Internal Auditors (IIA) on the current usage of IT controls in their organizations. In addition to identifying the most and least commonly implemented IT controls, the survey results indicate that control implementation differences exist based on a company’s status as public or private, the size of the company, and the industry in which the company operates. Training of internal auditors and/or IT personnel is also associated with significant differences in implemented controls. We discuss the implications of our research and offer suggestions for future research.

Download Full-text

Rapporteren over interne controle

Maandblad Voor Accountancy en Bedrijfseconomie ◽

10.5117/mab.79.11810 ◽

2005 ◽

Vol 79 (10) ◽

pp. 512-521

Author(s):

P. A. M. Diekman

Keyword(s):

Internal Controls ◽

Sarbanes Oxley

Sinds juli 2002 is de Sarbanes Oxley wet van kracht. De wet heeft tot doel de interne beheersing van fi nanciële verslaggeving te verbeteren en kan worden gezien als een poging van de Amerikaanse wetgever om het tanende publieke vertrouwen in het bedrijfsleven en de beurs een halt toe te roepen. Dit artikel gaat in op de gevolgen van deze wet voor Nederlandse ondernemingen met een beursnotering in Amerika. Meer in het bijzonder wordt ingegaan op de voorbereiding op specifieke artikelen in de wet, met name de artikelen 302, 906 en 404. Het laatste artikel bepaalt dat de voorzitter van de raad van bestuur en de fi nancieel directeur ieder jaarlijks een verklaring omtrent de interne controle op de fi nanciële rapportering moeten afl eggen. Deze verklaring moet door de externe accountant worden geattesteerd. Het artikel beschrijft hoe een onderneming zich kan voorbereiden opdat de beide leden van de raad van bestuur deze verklaring kunnen ondertekenen. Hierbij wordt ingegaan op de definiëring van de belangrijkste processen en internal controls in de onderneming, de rol en verantwoordelijkheid van het management en van de interne accountant alsmede de samenwerking met de externe accountant. Ten slotte wordt kort stilgestaan bij de kosten die zijn verbonden aan de naleving van deze wet.

Download Full-text

An Examination Of Underreporting Of Time And Premature Signoffs By Internal Auditors

Review of Business Information Systems (RBIS) ◽

10.19030/rbis.v14i4.359 ◽

2010 ◽

Vol 14 (4) ◽

Author(s):

Qianhua (Q) Ling ◽

Michael D. Akers

Keyword(s):

Internal Audit ◽

Internal Controls ◽

Professional Skepticism ◽

Internal Auditors ◽

External Auditors ◽

Considerable Research ◽

Internal Audit Function ◽

Sarbanes Oxley ◽

Audit Team ◽

The Impact

The passage of the Sarbanes-Oxley Act of 2002 (SOX) heightened the importance of internal controls and accordingly, a key control - the internal audit function. Consequently, management and external auditors have both increased their reliance on internal auditors’ work. While there has been considerable research regarding the impact of the underreporting of time and premature sign-offs on the external audit, there has only been one study that has examined the impact of these two items on the internal auditors’ work. Such research is dated (1994) and prior to the passage of SOX. We surveyed members of the Institute of Internal Auditors (IIA) in the Midwest to examine their behavior and perceptions regarding these two items. The respondents in our study believe the underreporting of time is unethical and is supported by their reporting of all time worked, even if such time exceeded the budget. Our findings also show that the respondents feel premature sign-offs are unethical and result primarily from lack of professional skepticism and inadequate training. Increasing training in audit areas and improving communications within the audit team are possible solutions to reduce premature sign-offs. Premature sign-offs are more likely to occur in operational audits and to a lesser degree in financial audits and compliance audits.

Download Full-text

Assessing Students Learning Of Internal Controls: Closing The Loop

American Journal of Business Education (AJBE) ◽

10.19030/ajbe.v2i2.4036 ◽

2009 ◽

Vol 2 (2) ◽

pp. 47-54

Author(s):

T. S. Amer ◽

Lawrence C. Mohrweis

Keyword(s):

Internal Control ◽

Rank Order ◽

Internal Controls ◽

Assessment Process ◽

Advisory Council ◽

Control Group ◽

Accounting Faculty ◽

Sarbanes Oxley ◽

Novel Approach ◽

Essay Question

This study describes the multifaceted components of an assessment process. The paper explains a novel approach in which an advisory council participated in a fun, hands-on activity to rank-order learning outcomes. The top ranked learning competency, as identified by the advisory council, was the need for students to gain a better understanding of internal controls. With this competency identified, the advisory council exercise was then followed-up by a modification in the auditing course. An empirical study, consisting of a control group and a treatment group, was conducted to assess whether performance on an internal control essay question by students now met or exceeded established expectations. The results indicated that students preliminary understanding of internal controls had been enhanced. The accounting faculty further closed the loop by approving a new internal controls course designed to cover, in greater detail, topics such as the COSO internal controls framework, Sarbanes-Oxley requirements, recent PCAOB statements, and real-world cases involving internal control failures.

Download Full-text

Sarbanes-Oxley Internal Controls

10.1002/9781119197119 ◽

2012 ◽

Keyword(s):

Internal Controls ◽

Sarbanes Oxley

Download Full-text