1 / 11

The Nature of SOX Projects

The Nature of SOX Projects. August 16, 2006 PMI Chapter Luncheon Meeting Amin Leiman, CISA. Agenda:. Characteristics of SOX Projects “Instant Managers” Challenges Conducting an “instant” analysis of a SOX project. Material Weakness Reported by Type. Key Phases of Project Compliance.

breena
Download Presentation

The Nature of SOX Projects

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Nature of SOX Projects August 16, 2006 PMI Chapter Luncheon Meeting Amin Leiman, CISA

  2. Agenda: • Characteristics of SOX Projects • “Instant Managers” Challenges • Conducting an “instant” analysis of a SOX project

  3. Material Weakness Reported by Type

  4. Key Phases of Project Compliance • Develop the Compliance Plan • Select the priority accounts and disclosures from financial statement risk assessment (FSRA) • Consider significance to financial reporting and risk of misstatement Project Planning • Identify the key processes impacting financial reporting • Document the transaction flows that materially impact the priority financial reporting elements • Designate a standard framework for documenting and testing Document Key Processes Source Risks • Use financial reporting assertions to source “what can go wrong” within the process • What are the risks? • Document entity controls (“tone at the top”) • Document the controls at the source of the risk (preventive) or downstream in the process (detective and corrective) Document Controls • What are the key controls? • Who owns the controls? • Identify control objectives Assess Design • Assess effectiveness of controls design at Entity and Activity / Process Levels • How is the controls design rated? Current Status • Test effectiveness of controls operation at Entity and Activity / Process Levels • Identify exceptions, classify and remediate deficiencies Validate Operation • How are controls performing? • Conclude • Disclose • Report Report Collaboration and Communication Coordinate with External Auditor

  5. Project Status at a Glance

  6. Characteristics of SOX Projects: • As a result of corporate “911” events • Panic Mode • Uncertainties • Last minute action plans • Unintended consequences • Primarily driven by external auditors

  7. Challenges of “Instant” Managers: • Organizations and projects are, by nature, political • The ultimate inspiration is the deadline • Relying on ballpark estimates • Victim of Parkinson’s Law – Work will expand to take the time allowed • Balancing the Right and Left Brain • “You can’t solve a problem with the same thinking that created it in the first place” Albert Einstein

  8. Your Roles in Helping Them Out:

  9. Conducting an “instant” analysis of a SOX project:

  10. Web Sites • http://www.sec.gov/divisions/corpfin/faqs/soxact2002.htm • http://cpcaf.aicpa.org/Resources/Sarbanes+Oxley/ • http://weblog.gartner.com/weblog/index.php?blogid=11 • http://www.pwcglobal.com • http://www.protiviti.com/

  11. Q&A “Misunderstandings sometimes occur because of differences in thinking preferences” Thank you for coming to our presentation today !

More Related