The enactment of the Sarbanes-Oxley Act in 2002 by the U.S. Congress
marked a major change for both internal and external auditors,
corporate senior management, boards of directors, and many others.
Internal auditors now have new, greater responsibilities to their
audit committees, to external auditors, and for overall corporate
governance.
Sarbanes-Oxley and the New Internal Auditing Rules thoroughly
and clearly explains the Sarbanes-Oxley Act, how it impacts auditors,
and how internal auditing can help with its requirements, such
as launching an ethics and whistle-blower program or performing
effective internal controls reviews under the COSO framework.
With ample coverage of emerging rules that have yet to be issued
and other matters subject to change, this book outlines fundamental
blueprints of the new rules, technological developments, and evolving
trends that impact internal audit professionals.
To be helpful in the current global climate, this guide’s
broad coverage looks at a wide range of processes, including disaster
recovery and business continuity practices, and fraud detection
and prevention following SAS 99. Even if internal auditors don’t
initiate these practices, understanding such best practices can
be helpful in reviewing current approaches or recommending improvements.
This timely and relevant resource addresses new trends and legislation
that are impacting internal auditors, including HIPAA
and its privacy rules (which affect a wide range of organizations
and systems outside of health care), fraud detection and prevention,
risk management, the Institute of Internal Auditors’ new
internal audit standards, and a new COSO Enterprise Risk Management
(ERM) framework, which will soon become an important new rule
for internal auditors.
Preface.
Chapter 1. Introduction.
Accounting and Auditing Scandals and Internal Audit.
What Are the New Rules?
Who Will Find this Book Useful?
Chapter 2. Internal Audit and the Sarbanes-Oxley Act.
“Where Were the Auditors?” Standards Failure.
Sarbanes-Oxley Overview: Key Internal Audit Concerns.
Impact of the Sarbanes-Oxley Act on the Modern Internal Auditor.
Chapter 3. Heightened Responsibilities for Audit Committees.
Audit Committee Charters and Other Requirements.
Board’s “Financial Expert” and Internal Audit.
Helping to Establish Documentation Procedures.
Controlling Other Audit Services.
Establishing Open Communications.
Chapter 4. Launching an Ethics and Whistleblower Program.
Launching an Organization Ethics Program.
Establishing a Mission or Values Statement.
Codes of Conduct.
Whistleblower and Hotline Functions.
Auditing the Organization’s Ethics Functions.
Chapter 5. COSO, S ection 404, and Control Self-Assessments.
SOA Section 404.
COSO Internal Control Framework.
Violation Penalties: Organizational Sentencing Guidelines.
Control Self-Assessments.
Chapter 6. IIA, CobiT, and Other Professional Internal Audit
Standards.
Institute of Internal Auditors Standards for Professional Practice.
CobiT and Information Technology Governance.
ASQ Audit Standards: A Different Approach.
Chapter 7. Disaster Recovery and Continuity Planning after
9/11.
Business Continuity Planning and the New Language of Recovery
Planning.
Continuity Planning and Service-Level Agreements.
New Technologies: Critical Data Mirroring Techniques.
Establishing Effective Contingency Policies: What Are We Protecting?
Building the Disaster Planning Business Continuity Plan.
Testing, Maintaining, and Auditing the Continuity Plan.
Continuity Planning Going Forward.
Chapter 8. Internal Audit Fraud Detection and Prevention.
Red Flags: Fraud Detection for Auditors.
Public Accounting’s New Role in Fraud Detection.
IIA Standards for Detecting and Investigating Fraud.
Fraud Investigations for Internal Auditors.
Information Systems Fraud Prevention Processes.
Chapter 9. Enterprise Risk Management, Privacy, and Other Legislative
Initiatives.
Enterprise Risk Management.
Concurrent with SOA: Other Legislation Impacting Internal Auditors.
Chapter 10. Rules and Procedures for Internal Auditors Worldwide.
SOA International Requirements.
International Accounting and Auditing Standards.
COSO Worldwide: International Internal Control Frameworks.
ISO and the Standards Registration Process.
ITIL Service Support and Service Delivery Best Practices.
Chapter 11. Continuous Assurance Auditing Future Directions.
Implementing Continuous Assurance Auditing.
Internet-Based Extensible Mark-Up Languages: XBRL.
Data Warehouses, Data Mining, and OLAP.
Newer Technologies, the Continuous Close, and SOA.
Chapter 12. Summary: Internal Auditing Going Forward.
Future Prospects for Internal Auditors.
Glossary.
Index.