This book examines Sarbanes-Oxley and the new internal control?rules for auditors, including AS 2, COBIT, and ITIL. It looks at Sarbanes-Oxley with an emphasis on the newer rules governing SOX and the roles of the SEC and PCAOB in these processes. The prior edition looked at SOX in its infancy; this edition will examine SOX as a fact of life in corporate America.

Robert R. Moeller, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. He was the national director of computer auditing at Grant Thorton and the audit director of Sears Roebuck. A frequently published author and professional speaker, he provides insights into many of the new rules impacting internal auditors today, as well as the challenges audit committees face when dealing with Sarbanes-Oxley, internal controls, and their internal auditors.

Preface	p. xi
Introduction: Sarbanes-Oxley and Establishing Effective Internal Controls	p. 1
Changes Since SOx Was First Introduced	p. 3
Converging Trends: ITIL, CobiT, and Others	p. 7
Sarbanes-Oxley Act Today: Changing Perspectives	p. 13
Sarbanes-Oxley Act: Key Elements	p. 14
Impact of the Sarbanes-Oxley Act	p. 51
AS5 Standards for Auditing Internal Controls	p. 53
AS5 Objectives	p. 54
Reviewing Section 404 Internal Controls Under AS5: Introduction	p. 57
Planning the SOx AS5 Audit	p. 59
AS5's Top-Down Approach	p. 66
Testing Internal Controls	p. 72
Evaluating Identified Audit Deficiencies	p. 75
Wrapping Up the AS5 Audit	p. 76
Reporting on AS5 Audit Internal Controls	p. 78
Improving Internal Controls Using AS5 Guidance	p. 79
Going Forward: Potential Risks and Rewards	p. 80
Establishing Internal Controls Through COSO	p. 83
Importance of Effective Internal Controls	p. 84
Internal Control Standards: Background	p. 86
Events Leading to the Treadway Commission	p. 90
COSO Internal Control Framework	p. 94
Other Dimensions of the COSO Internal Control Framework	p. 116
Using CobiT Framework to Improve SOx Controls and Governance	p. 119
CobiT Framework	p. 122
Using CobiT to Assess Internal Controls	p. 127
CobiT and Sarbanes-Oxley	p. 141
Performing Section 404 Reviews Under AS5: An Ongoing Process	p. 149
SOx Section 404 Assessments of Internal Controls Today	p. 150
SOx Section 404 Requirements	p. 152
Section 404 Filing Rules: Changing Deadlines for Eligibility	p. 168
Gaps and Compliance Committees Under Today's SOx Rules	p. 173
Documenting Internal Controls Going Forward	p. 178
Control Objectives and Risks Under Section 404	p. 180
Other SOx Requirements: Sections 302, 409, and Others	p. 183
Other Important SOx Compliance Rules	p. 184
Section 302: Management's Financial Report Responsibilities	p. 184
Section 401: Off-Balance Sheet Disclosures	p. 188
Section 409: Disclosures on Financial Conditions and Operations	p. 190
Section 802: Penalties for Altering Documents	p. 192
Section 806: Whistleblower Provisions	p. 193
Keeping SOx Rules in Focus	p. 201
Using ITIL to Align IT with Business Processes	p. 203
Importance of the Information Technology Infrastructure	p. 204
ITIL Framework	p. 206
ITIL Service Delivery Best Practices	p. 208
ITIL Service Support Best Practices	p. 221
Security Management	p. 237
Linking ITIL with CobiT and SOx Internal Controls	p. 239
Importance of Enterprise Risk Management	p. 241
Importance of Risk Management	p. 243
COSO ERM Framework	p. 247
Other Dimensions of the COSO ERM Framework	p. 270
Putting It All Together	p. 280
Auditing COSO ERM Processes	p. 281
COSO ERM in Perspective	p. 282
International Standards: ISO, Quality Auditing, and SOx	p. 285
Importance of ISO Standards in Today's Global World	p. 286
ISO Standards Overview	p. 289
Quality Audit Process	p. 301
IFAC International Accounting Standards	p. 310
Internal Audit in a Sarbanes-Oxley Environment	p. 315
Profession of Internal Auditing	p. 316
Internal Audit Professional Standards	p. 322
CBOK: Internal Audit's Common Body of Knowledge	p. 341
Importance of Effective Corporate Governance	p. 351
Reporting Whistleblower Incidents: Establishing a Hotline Facility	p. 352
Building an Enterprise-Wide Ethical Culture	p. 356
Chief Compliance Officer Roles and Responsibilities	p. 361
Board of Directors and the Audit Committee	p. 364
Assessing SOx Internal Controls	p. 366
Index	p. 369
Table of Contents provided by Ingram. All Rights Reserved.

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.