Question

1. Explain the definition of Sarbanex-Oxley Act (SOX) and the relationship in internal controls

2. Explain the definition of Committee of Sponsoring Organizations (COSO) and the relationship in internal controls

Answer 1

(1): The Sarbanes-Oxley Act (SOX) can be defined as that federal law that established sweeping auditing regulations and financial regulations for all public companies. SOX, as a law, was passed with the intention of protecting the interests of shareholders, employees etc. from various fraudulent financial practices of management and also from accounting errors.

SOX has augmented and bolstered internal controls for public companies. Section 404 of SOX looks into management assessment of internal controls and under this section companies have to publish details with regards to their internal accounting controls and procedures for financial reporting. It requires the management of the company (CEO, CFO, etc.) to personally certify the accuracy of their company's financial statements. All these ensure operational efficiency and effectiveness and internal controls lead to optimal risk mitigation by detecting and preventing fraud.

(2): COSO can be defined as an organization that provides thought leadership as well as guidance on internal control, enterprise risk management and fraud deterrence. This thought leadership is focused on reducing the extent of fraud in companies and on improving organizational performance and governance.

COSO’s relationship in internal controls is to help companies to improve their internal control levels by developing guidance with regards to areas of risk and control. The objective of internal controls is risk mitigation and effective control and through its guidance and thought leadership COSO is enabling the development of comprehensive frameworks for internal control.