The most contentious aspect of SOX is Section 404, which requires management and the external auditor to report on the adequacy of the company's internal control on financial reporting (ICFR). This is the most costly aspect of the legislation for companies to implement, as documenting and testing important financial manual and automated controls requires enormous effort. The Public Company Accounting Oversight Board (PCAOB) approved Auditing Standard No. 5 for public accounting firms on July 25, 2007. This standard superseded Auditing Standard No. 2, the initial guidance provided in 2004. The SEC also released its interpretive guidance on June 27, 2007. These two standards together require management to: • Assess both the design and operating effectiveness of selected internal controls related to significant accounts and relevant assertions, in the context of material misstatement risks; • Understand the flow of transactions, including IT aspects, in sufficient detail to identify points at which a misstatement could arise; • Evaluate company-level (entity-level) controls, which correspond to the components of the COSO framework; • Perform a fraud risk assessment; • Evaluate controls designed to prevent or detect fraud, including management override of controls; • Evaluate controls over the period-end financial reporting process; • Scale the assessment based on the size and complexity of the company; • Rely on management's work based on factors such as competency, objectivity, and risk; • Conclude on the adequacy of internal control over financial reporting. Sarbanes-Oxley was passed in 2002 and year one of attestation for publically traded companies was 2004. SOX section 404 is the most prominent of the many requirements covered under the legislation. Taking this course will prepare you to successfully address the challenges of Section 404 at your company - a high profile and critical process! Note: Information within this course comes from readily available public domain documents and is utilized by the trainer as a supplement for relaying the course content. Field of Study: Auditing