Assessment of SOX implementation – from an Internal Audit perspective

Purpose: The purpose of this thesis has been to assess the workload, benefits, challenges, requirements and obligations that implementation of the Sarbanes Oxley Act of 2002 (“SOX”) has posed on Internal Auditors and their companies, from Internal Audits’ point of view. The analysis also compares one accelerated filer and one non-accelerated filer to understand difference and similarities between different sized companies in the initial SOX compliance and implementation phase (documentation, risk analysis, gap identification & remediation and testing).
Methods: Quantitative primary and secondary data was used for the research study using a qualitative collection approach. A questionnaire was used as the primary data and was sent to Internal Auditors’ for one accelerated filer and one non-accelerated filer. The secondary data used consisted of audit consultant reports were used to add substance to the empirical chapter.
Results: Internal Auditors are faced by challenges posed by the SOX law, but there are also many benefits once the internal controls are in place. Main benefits as perceived by the Internal Auditors in the study include an understanding of responsibilities within the organization as well as fraud, corruption, breaches of codes of conduct minimization and a more effective Board of Directors. Difficulties facing the Internal Auditors in charge of SOX were mainly concerning managements understanding of responsibilities that SOX adds to the organization and to the Internal Audit department, support to Internal Auditors and the audit committee’s lack of SOX knowledge. The most challenging areas of the implementation phase were documentation, testing process, gap remediation and senior management support. The big difference between the accelerated and non-accelerated filer were management’s knowledge about SOX; the accelerated filer has senior management who understand their responsibilities under the SOX Act, while this is not the case for the non-accelerated filer.


Chapter 1 Purpose
1.1 Introduction
1.2 Background
1.3 Research Problem
1.4 Purpose of the Study
1.5 Research Areas
1.6 Limitations
Chapter 2 Method
2.1 Methodology
2.2 Theoretical Framework
2.3 Data Sources and Collection
2.4 Population
Chapter 3 Theory
3.1 Theory definitions
3.1.1 Title I – PCAOB
3.1.2 Title II – Auditor Independence
3.1.3 Title III – Corporate Responsibilities
3.1.4 Title IV – Enhanced Financial Disclosures
3.1.5 Title V – Analysis Conflict of Interest
3.1.6 Title VI – Commission Resources and Authority
3.1.7 Title VII – Studies and Reports
3.1.8 Title VIII – Corporate and Criminal Fraud Accountability
3.1.9 Title IX – White-Collar Crime Penalty Enhancements
3.1.10 Title X – Corporate Tax Returns
3.1.11 Title XI – Corporate Fraud and Accountability
3.2 New Standards
3.2.1 Accelerated Filers
3.2.2 Non-Accelerated Filers
3.3 Governance
3.4 Internal Control Implementation Process
3.5 Benefits of Implementation
3.5.1 Public Companies
3.5.2 Government
3.5.3 Investors
3.5.4 Other Stakeholders
3.6 Issues of non-compliance
3.7 Internal Audit Responsibilities
3.8 Other SOX recommendations
3.8.1 About Consultants
3.8.2 Deloitte
3.8.3 Protiviti
Chapter 4 Empirical
4.1 Empirical Approach
4.2 About the Questionnaire
4.3 About the Companies
4.3.1 Accelerated Filer
4.3.2 Non-Accelerated Filer
4.4 About Questionnaire Subjects
4.4.1 Internal Auditor 1: Accelerated
4.4.2 Internal Auditor 2: Non-Accelerated
4.5 Questionnaire Results
4.5.1 SOX Project initialization
4.5.2 Difficulties facing Internal Audit
4.5.3 Benefits of Compliance
4.5.4 Management’s understanding about SOX
4.5.5 Internal Audit’s support
4.6 Secondary Data
4.6.1 About the data
4.6.2 American Electric Power Company Inc
4.6.3 About KPMG
4.6.4 KPMG Findings
4.7 Best practice compliance of new requirements
4.8 Theoretical guides
4.9 Trends for Risk, Governance and Compliance
Chapter 5 Analysis
5.1 Introduction
5.2 Assessment of SOX implementation
5.2.1 Disadvantages of SOX
5.2.2 Benefits of SOX
5.2.3 SOX challenges
5.3 Accelerated vs. Non-accelerated filer
Chapter 6 Conclusion
6.1 Introduction
6.2 Research Purpose revisited
6.3 Conclusion from assessment of SOX implementation approach
6.4 Conclusion of comparison of filers
6.5 Recommendation for Internal Auditors
6.6 Recommendation for Management Support
6.7 Recommendations for further studies

Author: Linda Palmer

Source: Blekinge Institute of Technology

Download URL 2: Visit Now

Leave a Comment