Sarbanes-Oxley (SOX) Act in 2002 refer Section 404 that requires management of issuers for establishing and maintaining an adequate internal control structure and procedures for financial reporting and to perform an annual assessment of the effectiveness of ICFR as of the entity’s year-end date and to present its assertion as to the effectiveness of the entity’s internal control over financial reporting in the annual Form 10-K filing (referred to as “management’s assessment”).
Management’s annual assessment of the effectiveness of ICFR must be made in accordance with a suitable control framework. The majority of U.S. publicly traded companies have adopted the Internal Control— Integrated Framework (2013) created by the Committee of Sponsoring Organizations of the Treadway Commission (‘‘COSO’’) as an example of a suitable framework. The article below summarizes the COSO 2013 Framework’s principles and key aspects/check points that companies should consider as they work to implement the framework for SOX 404 purposes as well as leading internal control practices
However, there is a need to review-reset-restart internal controls and SOX due to pandemic of COVID-19 which has impacted worldwide commerce, no industry is immune to the repercussions and forced all entities to identify new risks, prepare a response plan, implement new controls or augment existing controls, and monitor the effectiveness of internal control over financial reporting – all while critical human resources are working remotely.
Organizations now have to provide an assurance at the date of balance sheet about true and fair status on or before let’s say January 20 and after January 20 at the subsequent events after the set off date and have specific control in their overall control environment to cover the subsequent event and mechanisms and ways of monitoring and reporting on the subsequent events. Thus entities may have to:
Restrictions in physical movement will result in change, the way the audit evidence which are available for operations of the control, evidence which may be available for the operation of control, the control may be operating however in a different manner, form, type and mechanism across geographies and processes. IT and enabled services, play a critical and pivotal role to mitigate for the inherent risks generated due to COVID-19 and controls can only be established through technology. How it can be facilitated, is illustrated below with respect to the inherent risks:
We at SW India believe that business is managed by a triad of People, Processes, and Technology.
For any related further information or way forward; our stakeholders may directly contact our technology partner Ms. Yukti Arora on the following contact details:
Email: yukti.arora@sw-india.com Mob: +91 9818248133