The SOX 404 Internal Control Audit: Key Regulatory Events
Posted: 28 Sep 2016
Date Written: 2015
Section 404b of the 2002 Sarbanes Oxley Act (SOX) requires auditors to attest to the effectiveness of a client’s internal control over financial reporting (ICFR). In this paper, we provide an overview of key regulatory events in the implementation of the 404 internal control audit. We discuss the early years (under Auditing Standard No. 2) as well as the later years (under Auditing Standard No. 5) of the 404 audit, emphasizing areas of improvement in the efficiency and effectiveness of the audit as well as the remaining problems and challenges highlighted in PCAOB inspection reports and practice alerts. Finally, we address recent regulatory developments pertinent to the 404 audit such as Auditing Standard No. 12 and the recent 2013 update to the Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) internal control framework.
Keywords: SOX 404 audit, internal control
Suggested Citation: Suggested Citation