SOX Center

The Securities and Exchange Commission announced it will hold an open meeting on April 4 to discuss the Public Company Accounting Oversight Board’s proposed auditing standard for Section 404 of the Sarbanes-Oxley Act and the coordination of that proposed standard with the SEC’s related pending proposal to provide guidance for management of public companies implementing Section 404.

Both proposals were published for public comment in December 2006, and the comment periods for both proposals ended on Feb. 26, 2007.

The open meeting represents a continuation of the process announced in May 2006 by the Commission and the PCAOB to improve the reliability of financial statements public companies file with the SEC while making compliance with Section 404 more efficient and cost effective.

As part of this process, the SEC has proposed management guidance for Section 404 compliance designed to focus attention on those internal controls that present the greatest risk for a material financial misstatement. At the same time, as a companion to the proposed SEC guidance, the PCAOB has proposed a thoroughgoing revision of its existing standard for Section 404 audits.

SmartPros: SEC Schedules Open Meeting to Discuss 404 Changes

Think your private company is safe from new, stricter auditing standards because you’re not subject to Sarbanes Oxley? Feeling smug because you’re not experiencing the hassle and expense of SOX compliance? Thought you’d escaped the pain by taking your public company private?

Not so fast! Your time may have come: Statements of Auditing Standards 104-111 have arrived. These new standards affect every nonpublic company that needs an audit — whether it’s for bankers, insurers or shareholders. And they’re effective for financial statements for periods beginning on or after Dec. 15, 2006.

South Florida companies in all industries will be affected.

The good news is that, like SOX, these new standards are designed to help improve corporate governance, which could protect your company from risk. The new standards, dubbed ‘’risk assessment standards,'’ not only require your auditors to develop a better understanding of your internal controls and assess whether those controls would work if they were functioning as designed — they also require full documentation of these controls. The goal is for auditors to follow more specific protocols to support their opinions on whether financial statements are free from material misstatements.

MiamiHerald: New standards affect companies missed by Sarbanes Oxley

Will companies and their auditors ever agree on how to test information technology systems for Sarbanes-Oxley compliance? The Institute of Internal Auditors hopes its new guidelines on IT controls will help.

Since companies began complying with the Sarbanes-Oxley Act, one common complaint about auditor scrutiny has been loud and clear: external auditors have spent too much time on technology systems that seem unrelated to financial statements.

It’s an issue that has been confusing for both sides. The problem: Information technology has an often indirect relationship with the final results in financial statements, and there’s little standard guidance to tell companies how to determine the strength and security of IT-specific internal controls.

CFO.com: A Truce in the Sarbox Tech War?