SOX/Internal Control Services
Internal control is not a new concept or a new responsibility for management. The need for a strong system of internal controls that considers the risks an entity faces, including fraud and technology, has not changed. In 1992, the first version of the report on Internal Control – Integrated Framework by the Committee of Sponsoring Organizations of the Treadway Commission (COSO Report) was issued. The COSO internal control framework serves as a benchmark for entities in today’s business environment. So if internal control isn’t new and internal control frameworks have been widely published for years, what has changed?
In response to the wide adoption of COSO framework, fundamental concepts underlying the five components of COSO have been formalized as principles. The updated framework is due to be released in the first quarter of 2013.
Cherry Bekaert provided feedback on the Exposure Draft (ED) to COSO as a member firm of the American Institute of Certified Public Accountants (AICPA) Internal Control Task Force for the 2012 COSO Internal Control over External Financial Reporting (ICEFR).
Some key takeaways of the Task Force’s review of the ED:
The business and regulatory environment has changed. It has changed in such a way that what was once, and still is, just good business sense can now be, at its most extreme, a regulated function – requiring management to self-certify the internal control environment and, in some cases, requiring an external auditor to opine on management’s process of evaluating internal controls and on the internal control environment itself.
Cherry Bekaert recognizes the challenges facing entities in today’s environment and has designed a continuum of internal control services to complement our Risk Advisory suite of services. The internal control service continuum allows us to adjust the engagement depth and breadth to meet the unique needs of your organization – from a simple review of internal controls for a not-for-profit organization to a full-blown Sarbanes-Oxley Section 404 (SOX 404) implementation project.
Our professionals are up-to-date on the regulatory challenges facing your organizations, and we will work with you to design a service that is right for your needs.