Sarbanes-Oxley - A Tough Act to Follow
March 15, 2006 from CFO Magazine - "The costs are indeed substantial. AMR Research estimates that, by year-end, U.S. businesses will have spent $20 billion on Sarbox compliance since the law was enacted. On average, AMR estimates that companies are laying out about $1 million on Sarbox compliance for every $1 billion in revenues.
CFO's survey shows an even greater hit to income. Finance managers at companies with annual revenues of $500 million or more indicated that Sarbox compliance had taken an average yearly earnings bite of more than 2 percent. Smaller companies were worse off. Respondents at businesses with sales of under $500 million said Sarbox compliance was devouring 4.5 percent of their earnings each year...
The major flashpoint of the argument is the way auditors attack 404. Some finance chiefs feel that the Public Company Accounting Oversight Board (PCAOB) has taken a heavy-handed approach to Auditing Standard No. 2, which instructs engagement partners on how to check their clients' internal-controls reviews. As a result, CFOs say auditors test and retest internal controls to ensure their sign-offs are beyond question. Finance managers contend the prospect of auditor nit-picking forces clients into indiscriminate documentation of internal controls.
The PCAOB appears to be aware of the situation. In a November 2005 report on the initial implementation of AS2, the board criticized auditors who "did not alter the nature, timing, and extent of their testing to reflect the level of risk."
By taking a one-size-fits-all approach to their testing, accountants apparently ignored the risk profiles of individual companies. "As a result, some auditors appeared to have expended more effort than was necessary in lower-risk areas," the board stated, noting that "in some cases, a higher-risk area should have received more audit attention than it did."
180 View - Not only should accountants consider the risks, but they should also not waste time on non-critical controls. Certain controls over completeness or accuracy can be marginally helpful - what's the point of testing them?
March 15, 2006 from CFO Magazine - "The costs are indeed substantial. AMR Research estimates that, by year-end, U.S. businesses will have spent $20 billion on Sarbox compliance since the law was enacted. On average, AMR estimates that companies are laying out about $1 million on Sarbox compliance for every $1 billion in revenues.
CFO's survey shows an even greater hit to income. Finance managers at companies with annual revenues of $500 million or more indicated that Sarbox compliance had taken an average yearly earnings bite of more than 2 percent. Smaller companies were worse off. Respondents at businesses with sales of under $500 million said Sarbox compliance was devouring 4.5 percent of their earnings each year...
The major flashpoint of the argument is the way auditors attack 404. Some finance chiefs feel that the Public Company Accounting Oversight Board (PCAOB) has taken a heavy-handed approach to Auditing Standard No. 2, which instructs engagement partners on how to check their clients' internal-controls reviews. As a result, CFOs say auditors test and retest internal controls to ensure their sign-offs are beyond question. Finance managers contend the prospect of auditor nit-picking forces clients into indiscriminate documentation of internal controls.
The PCAOB appears to be aware of the situation. In a November 2005 report on the initial implementation of AS2, the board criticized auditors who "did not alter the nature, timing, and extent of their testing to reflect the level of risk."
By taking a one-size-fits-all approach to their testing, accountants apparently ignored the risk profiles of individual companies. "As a result, some auditors appeared to have expended more effort than was necessary in lower-risk areas," the board stated, noting that "in some cases, a higher-risk area should have received more audit attention than it did."
180 View - Not only should accountants consider the risks, but they should also not waste time on non-critical controls. Certain controls over completeness or accuracy can be marginally helpful - what's the point of testing them?
Labels: SOX
posted by 180 Systems at 1:58 PM 
1 Comments:
SEC chairman Christopher Cox has warned smaller companies that they won't get any exemptions. Read more about it at:
http://www.soxfirst.com/50226711/cox_says_no_to_sox_exemptions_audit_fees_up_or_down_go_figure.php
Post a Comment
<< Home