SOX法案基本上于06年尘埃落定,如果不是在美国上市公司工作,可能缺乏practice的经验,我在课本上画了个表,总结如下: 1。关于SECTION 404: CEO and CFO need to certify the control related to financial reporting are effective and in place. Senior management should take personal responsibility on the financial integrity.
这句话就是讲了SOX是要干什么的。
2。Auditor的责任: Assess the control and integrity of financial statement.
3.Auditor具体要做什么,(围绕以下四点吹水即可)
事实上偶们公司的SOX 项目也是这样做的:
Detailed documentation for financial related process.
Full verification on compliance is required annually.
Documentation should be reviewed and updated if the system or process are changed.
Identify the control point, test, oberservation and control activity.
4. SOX对于一个企业的成本: skilled people + plenty of time (internal control function and management team)+ cost
以上四点对于2。6 和3。6 里面的于内控有关的题目亦有帮助。 |