The Guide to Internal Controls Under Section 404 of the Sarbanes-Oxley Act (Second Edition), by James Hamilton, J.D., LL.M. and N. Peter Rasmussen, J.D., provides comprehensive and up-to-date guidance on SOX compliance. The expert-written Guide examines the mandate of Section 404 and subsequent rulemaking and guidance. It also analyzes the rules of the Public Company Accounting Oversight Board on auditor attestation, as well as internal controls best practices. Recent coverage includes SEC guidance and PCAOB Auditing Standard No. 5, adopted in May 2007.

Topics include:

• Management Report on Internal Controls
• Internal Control over financial reporting
• Suitable frameworks
• Auditor attestation
• Performing an internal control audit
• …and much more

AICPA (American Institute of Certified Public Accountants)

Professional Standards related to internal controls

AAGs related to internal controls

Financial Reporting Alert: Internal Control Reporting: Implementing Sarbanes-Oxley Act Section 404

Audit Risk Alerts related to internal controls

PCAOB Auditing Standard No. 2: A Guide for Financial Managers (Practice Aid)

COSO (The Committee of Sponsoring Organizations of the Treadway Commission)

COSO Internal Control Integrated Framework

Internal Control over Financial Reporting - Guidance for Smaller Public Companies

IIA (Institute of Internal Auditors)

Designing and Writing Message-Based Audit Reports

Sarbanes-Oxley 404: A Guide for Management by IC Practitioners

PCAOB (Public Company Accounting Oversight Board)

Auditing Standards related to internal controls

Staff FAQs related to internal controls

Releases related to internal controls

Access to Interim Standards related to internal controls

Speech given by PCAOB Chairman

SEC (Securities and Exchange Commission)

Rules and Releases related to internal controls

Management's Report on Internal Control over Financial Reporting and Disclosure in Exchange Act Periodic Reports - Frequently Asked Questions and Answers

SEC Transcripts and Speeches related to internal controls

Major Interpretive Publications —Your link to our industry-leading guidance on:

Information Technology Audits

Audit Committees: Guide for Directors, Management & Consultants

Auditor's Risk Management Guide

SOX 404 for Small, Publicly Held Companies

Top of page



Information Technology Audits
This up-to-the-minute guide helps users become more proactive and meet the growing demand for integrated audit services in the 21st century. It offers expert analysis, practical tools, and real-world techniques that assist in preparing for and performing integrated IT audits. Written by an auditor with more than 22 years of IT audit experience, Information Technology Audits provides the first practical, hands-on look at how organizations use and control information to meet business objectives, and offers strategies to assess whether the company's controls adequately protect its information systems.



Audit Committees: Guide for Directors, Management & Consultants, Fourth Edition
This title presents the history, responsibilities, and operation of audit committees. It focuses primarily on publicly held companies, but also includes a short chapter on audit committees for not-for-profit and public sector entities.

Non-technical and easy to read, the book is useful for directors serving on audit committees, other members of the board of directors, CEOs, CFOs, legal in-house counsels, internal and external auditors, outside legal counsels, and other consultants to audit committees.

The book includes:

Observations based on real-world experiences

Expert knowledge of the standards of external and internal auditors

The latest requirements from the New York Stock Exchange, National Association of Securities Dealers/Nasdaq, American Stock Exchange, and the SEC, including the Sarbanes-Oxley Act of 2002.

Top of page

Auditor's Risk Management Guide
This is a comprehensive "how-to" book that provides the reader with guidance on performing a risk management-based audit. The guide covers the Enterprise Risk Management Integrated Framework issued by the Committee of Sponsoring Organizations (COSO). This is not a research study or a conceptual thesis; rather, it is a practical guide designed for the audit practitioner.

The first part of the guide provides a broad understanding of corporate governance, ERM principles, and different auditing approaches, as well as step-by-step instructions on how to execute the risk management-based audit. The second part includes ten detailed case studies that illustrate the risk management-based audit methodology and tools in different scenarios.



SOX 404 for Small, Publicly Held Companies
This title is a guide to assist the management of small, publicly held companies in complying with the requirements of the Sarbanes-Oxley Act of 2002, especially Section 404 of the Act. This reference helps management assess the effectiveness of their company's internal control structure and procedures for financial reporting. It will help management bring about internal controls improvements in a cost-effective manner. The guide addresses everything necessary in order to perform an assessment of internal controls over financial reporting as well as an assessment of disclosure controls. Practice pointers and practical considerations are provided so that management can address the task of making its assessments thoroughly and efficiently.



Existing ARM Subscribers - if you would like to add a free add-on trial of ARM Internal Controls, contact us.

Top of page