Done effectively, monitoring controls can qualify as “key” controls for SOX , replace lower level controls and thereby reduce the amount of time spent for SOX compliance. This does not mean that the lower level controls can be discontinued, only that a monitoring control can effectively ensure multiple controls are executed and reviewed and these monitoring controls (many fewer) are the ones in scope for the SOX compliance audit. Technology can help by creating a “monitoring shell” around the execution of controls; formalizing and scheduling control activities to get “credit” for them as documented, repeatable and effective
“The organization internally communicates information, including objectives and responsibilities for internal control, necessary to the functioning of internal control.” (COSO Principle 14 – Communicates Internally COSO Framework ) is the second of the three principles relating to the Information & Communication component of internal control. For those who view the COSO framework and compliance as “check the box” activities divorced from organizational success, this principle exposes their folly
2 Comments - no search term matches found in comments.
Enterprise performance management (EPM) tools like hostanalytics , financial controls automation like Blackline , and general ledger/ERP solutions like Net Suite are gaining acceptance
1 Comment - no search term matches found in comments.
We are all familiar with the accommodations required of our workplaces, retail stores, and other physical spaces but how does the “public accommodation” rules in Title III of the Americans with Disabilities Act (ADA) apply to our cyber assets? This remains an open question. ...
“Sandbox Project: The sandbox project proposes to look at a range of audit analytics including: Process mining, Text mining, Continuous control monitoring, and Risk-based prioritization of controls to be tested
“In the financial reporting ecosystem, confidence is bolstered in part by the implementation and application of effective, integrated internal controls – controls established using the Framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).” Originally created in 1992 and refreshed in 2013, the COSO Internal Controls Integrated Framework aims to enable organizations to effectively and efficiently develop and maintain systems of internal control
In September 2017 -- The IMA in partnership with COSO issued the following white paper on “Leveraging the COSO Internal Control—Integrated Framework to Improve Confidence in Sustainability Performance Data.” The Framework discussed in the paper focuses on internal controls organizations can establish as the first step toward digital assurance that can be applied to disclosed data. Internal controls have value beyond compliance and external financial reporting. Effective internal controls can help organizations grow on a sustained basis, with confidence and integrity in all types of data disclosed to external audiences
Interesting article … Largest democratic country in the world (India) is pushing the largest capital markets country in the world (USA) to have public companies disclose not only financial information but non-financial information to better serve both investors and the public. Including...
A strong data governance strategy helps ensure this through effective internal controls, continuous monitoring and risk management
Interesting debate yesterday before the US Senate Banking Committee on the topic of expanding disclosures of US companies to include environmental, social and governance data besides just financial disclosures. The US House Committee on Financial Services held a hearing on the same topic last...