SOX 404: Mastering the ICFR Evaluation Process

One day — 8 CPE credits

Learn how to plan and complete the evaluation of Internal Control Over Financial Reporting required by Section 404 of the Sarbanes-Oxley Act.


In this workshop you will interact with the instructor to:

  • Review the SEC’s Management Guidance and PCAOB’s Audit Standard 5

  • Understand how to use the COSO framework in the evaluation process, including recent guidance

  • Learn how entity level controls impact the process

  • Learn how to optimize your control effectiveness testing

  • Understand how to re-evaluate scoping and testing decisions

  • Review when to use walk-throughs and related procedures

  • Understand how to evaluate control problems and what is a material weakness

  • Learn to challenge and review to eliminate unnecessary work

  • Understand what you need to document

  • Understand what you need to report

 

Freshly updated for the new guidance and latest developments

Agenda

8:00-8:30 a.m. - Registration/Continental Breakfast

8:30-8:45 a.m. - Workshop Overview – The State of the 404 Process

  • Workshop schedule, administrative matters and introductions

  • Overview areas for improvement

8:45-9:15 a.m. - The SOX Process Today

  • Structure of the SOX process as it should be

  • SEC management guidance process

  • PCAOB Audit Standard 5 process

  • How does the guidance compare to your process?

9:15-11:00 a.m. - The SEC’s New Guidance for Management

  • Two basic principles

  • Structure of the process

  • The three levels of entity level controls

  • Where can entity level controls be used to reduce process level testing

  • Identifying financial reporting risks

  • What is a material weakness?

  • Issues in scoping

  • Identifying controls that address financial reporting risks

  • Design effectiveness evaluation

  • Operating effectiveness evaluation

11:00-Noon - The PCAOB’s New Audit Standard 5

  • Overview of the auditor’s SOX 404 process

  • “Top-down” now required by AS 5

  • Entity level control issues

  • Starting with the financial statements

  • The new definition of significant account

  • Is process documentation required?

  • Testing issues

  • Refining sample size decisions

  • Maximizing efficiency of testing by finding opportunities to combine walkthroughs, design effectiveness and operating effectiveness testing

  • Maximizing efficiency in testing controls with multiple objective tests

  • Making more efficient sample size decisions

  • Timing your testing to make remediation efforts on a timely basis

Noon-1:00 p.m.  - Lunch

1:00-2:00 p.m.  - Dealing Effectively with IT Issues

  • Determining which IT general controls to document and test

  • Issues in hard-to-obtain SAS 70 service organization reports

  • Effective documentation of IT application controls in process documentation

2:00-3:00 p.m.  - SOX as it Exists versus the New Guidance

  • Adjusting testing to identify only material weaknesses

  • Operational control issues

  • Entity level controls – when could they be enough?

  • Could you reduce some process level documentation?

3:00-4:00 p.m.  - Summary of Areas for Change

  • Focus on material weakness issues

  • Eliminating operational control issues

  • Identifying financial reporting risks

  • Using entity level controls

  • Reducing “significant accounts”

  • Testing effectively

  • Self assessment and other testing regimens

4:00-4:15 p.m. - Material Weakness and Other Reporting Issues

  • The large CPA firm's "Framework" document for analyzing control deficiencies – adapting for the new definitions

  • Reporting the remediation of material weaknesses and AS 4

  • When must changes in internal control be reported in Form 10-Q and 10-K?

  • The requirement for "robust" disclosure of material weaknesses

  • Tips for writing a clearer, more effective report

4:15-4:30 p.m. - Questions and Answers

  • Getting benefit and building lasting value from establishing and improving internal control

  • Should you use the COSO's Enterprise Risk Management Framework?

  • Benchmarking, what cost information is available? Averages per company?

  • What is the market impact of reporting material weaknesses?

  • Learning curves - getting better each time

  • Avoiding mistakes from earlier years

  • COSO's new "Implementing the COSO Control Framework in Smaller Businesses"

 

Learning Objective: To provide an understanding of the internal control reporting requirements of Sarbanes-Oxley Section 404.
Delivery Method: Group-Live
Prerequisites/Advance Preparation: SOX 404: The First Time Through, or experience in the 404 process
Program Level: Overview.



About Us | Upcoming Programs | Calendar | Online Registration | Continuing Education | On-Site Training
National Advisory Board | Resources/Links | E-Newsletter | Privacy Policy | Payment/Cancellation Policies | Contact Us | Home

 

DOWNLOAD BROCHURE
Workshops Brochure

DOWNLOAD FAX REGISTRATION FORM

CALENDAR
View Calendar

DOWNLOAD LIST OF UPCOMING EVENTS
Download Fax Registration Form

Adobe Acrobat Reader® is required to download. Click the icon to get it free.
Download Acrobat Reader

Follow The SEC Institute on Twitter

SAVE $25 OFF your next registration. SIGN UP to receive our monthly e-mail newsletter with the latest SEC and FASB developments and our calendar of events.

REVIEW CURRENT ISSUE

Privacy Statement:
We respect your privacy and NEVER sell, rent, or loan our participant lists