Complying with Sarbanes-Oxley Section 404: A Guide for Small Publicly Held Companies / Edition 4

Hardcover (Print)
Used and New from Other Sellers
Used and New from Other Sellers
from $68.10
Usually ships in 1-2 business days
(Save 24%)
Other sellers (Hardcover)
  • All (9) from $68.10   
  • New (5) from $71.24   
  • Used (4) from $68.10   


Filled with specific guidance for small-business compliance to SEC and PCAOB requirements relating to Sarbanes-Oxley 404, Complying with Sarbanes-Oxley Section 404: A Guide for Small Publicly Held Companies provides you with specific guidance on working with auditors to achieve benefits and cost reductions.

This practical guide helps you knowledgeably interpret and conform to Sarbanes-Oxley 404 compliance and features:

Clear, jargon-free coverage of the Sarbanes-Oxley Act and how it affects you

Links to current guidance online

Specific guidance to companies on how to work with auditors to achieve benefits and cost reductions

Coverage of IT and IT general controls

Examples and action plans providing blueprints for implementing requirements of the act

Easy-to-understand coverage of the requirements of the SEC and PCAOB

Discussion of the requirements for assessing internal control effectiveness

A look at how the new guidance will reduce your costs

In-depth explanations to help professionals understand how best to approach the internal control engagement

Practice aids, including forms, checklists, illustrations, diagrams, and tables

Continuing to evolve and bring about business and cultural change, this area of auditing and corporate governance is demystified in Complying with Sarbanes-Oxley Section 404: A Guide for Small Publicly Held Companies, your must-have, must-own guide to SOX 404 implementation and an effective tool and reference guide for every corporate manager.

Read More Show Less

Product Details

  • ISBN-13: 9780470572559
  • Publisher: Wiley
  • Publication date: 4/5/2010
  • Series: Wiley Corporate F&A Series, #2
  • Edition number: 4
  • Pages: 368
  • Product dimensions: 6.20 (w) x 9.10 (h) x 1.30 (d)

Meet the Author

LYNFORD GRAHAM, CPA, PhD, CFE, is coeditor of Accountants Handbook, Eleventh Edition; Internal Controls: Guidance for Private, Government, and Nonprofit Entities; and contributing author to Montgomery's Auditing, Twelfth Edition, all published by Wiley. He is also the author of Information Technology Audits. Dr. Graham consults on professional accounting and auditing matters, focusing on multidimensional problem solving requiring "leading-edge" thinking and "hands-on" management. With diversified experience as author, executive, consultant, auditor, and educator, he has a solid record of accomplishments, having served on the AICPA Auditing Standards Board.

Read More Show Less

Table of Contents

Preface ix

Acknowledgments xi

About the Author xiii

Chapter 1 Introduction and Company Requirements 1

Chapter Summary 1

Lessons Learned 1

Management's Evaluation of Internal Control 4

SEC Company Requirements 8

Working with the Independent Auditors 23

Chapter 2 The COSO Internal Control Framework 25

Chapter Summary 25

Need for Control Criteria 25

The Triangle of Efficiency 26

COSO Internal Control Integrated Framework 27

Information and Communication 50

Internal Control for Small Businesses 54

Information Technology Controls 58

Control Objectives and Assertions: The Building Blocks of Controls Documentation 64

Example Control Objectives by COSO Component 65

Appendix 2A Understanding and Awareness of Control Responsibilities 71

Appendix 2B Management Antifraud Programs and Controls: An Element of the Control Environment 73

Appendix 2C Blue Ribbon Committee on Improving the Effectiveness of Corporate Audit Committees 95

Chapter 3 Project Scoping 97

Chapter Summary 97

Introduction 97

Does "In Scope" Imply Extensive Testing? 100

Review Obvious Information Sources 103

A Process for Risk Assessment 116

Appendix 3A Summary of Scoping Inquiries 133

Appendix 3B Understanding Fraud Risk Assessment 137

Chapter 4 Project Planning 143

Chapter Summary 143

Objective of Planning 143

Information Gathering for Decision Making 144

Structuring the Project Team 147

Consider Project Tools and Software 153

Consider a Pilot Project 163

Coordinating with the Independent Auditors 167

Documenting Your Planning Decisions 169

Chapter 5 Documentation of Internal Controls 173

Chapter Summary 173

Importance of Documentation 173

Assessing the Adequacy of Existing Documentation 175

Documentation Supporting the Control Environment 177

Documenting Activity-Level Controls 182

Finding Control Activity Control Objectives 208

Appendix 5A Sample Control Objectives for Major Control Activities 210

Appendix 5B Linkage of Significant Control Objectives to Example Control Policies and Procedures 223

Chapter 6 Testing and Evaluating Entity-Level Controls 231

Chapter Summary 231

Overall Objective of Testing Entity-Level Controls 231

Testing Techniques and Evidence 234

Evaluating the Effectiveness of Entity-Level Controls 252

Documenting Test Results 257

Appendix 6A Conducting Interviews: Gathering Internal Control Information 259

Appendix 6B Example Practice Aids Gathering Internal Control Information 267

Appendix 6C Example Inquiries of Management Regarding Entity-Level Controls Gathering Internal Control Information 274

Chapter 7 Testing and Evaluating Activity-Level Controls 281

Chapter Summary 281

Introduction 281

Confirm Your Understanding of the Design of Controls First 281

Assessing the Effectiveness of Design 286

Assessing Operating Effectiveness 288

Evaluating Test Results 304

Documentation of Test Procedures and Results 305

Interactions with the Independent Auditors 305

Appendix 7A Sample Size Tutorial 307

Appendix 7B Example Inquiries 310

Chapters 8 Evaluating Control Deficiencies and Reporting on Internal Control Effectiveness 313

Chapter Summary 313

Control Deficiencies 313

Evaluating Control Deficiencies 314

Annual and Quarterly Reporting Requirements 326

Reporting on Management's Responsibilities for Internal Control 332

Required Company and Auditor Communications 333

Reporting the Remediation of Weaknesses 337

Coordinating with the Independent Auditors and Legal Counsel 337

Appendix 8A Action Plan: Reporting 339

Appendix 8B Assessing the Potential Magnitude of a Control Deficiency 341

Key Resources 345

Final Rule: Management's Report on Internal Control over Financial Reporting and Certification of Disclosure in Exchange Act Periodic Reports 345

Index 349

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Terms of Use.
  • - Barnes & reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)