Cf O Magazine blog comment


Published on

Comment during initial PCAOB standards issuance.

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cf O Magazine blog comment

  1. 1. CFO Blog - That Was Fast. Will It Work? - Page 1 of 2 Video | Newsletters | Alerts | Member Center | Subscribe Now Search go Login/Register Magazines Europe Topics A-Z Blog Careers Webcasts White Papers Special Reports Conferences CFO Blog: Commentary and Opinion You are here: Home : CFO Blog : That Was Fast. Will It Work? ACCOUNTING advertisement MOST RECENT POSTS That Was Fast. Will It Work? Car Wars Posted by Tim Reason | | US The Steve Taub Auto Bailout May 16, 2005 4:22 PM ET Plan As PCAOB Chairman William McDonough promised during Yikes! the SEC's April 13 roundtable on 404, the PCAOB responded If Only All Loan Apps Were swiftly to company complaints of auditor overkill on 404 This Easy audits today with new guidance and a staff Q&A. Lesson of the Crisis: Good Economics and Bad Politics The PCAOB's release today notes that the Q&A seeks "to Don't Mix correct the misimpression that certain provisions of Auditing Standard No. 2 need to be applied in a rigid manner that ABOUT THE CFO BLOG discourages auditors from exercising the judgment FAQ necessary to conduct an internal control audit in a manner that is both effective and cost-efficient." ARCHIVES « OCTOBER 2008 » Whaddya say folks? Will this do the trick? Will audits be Sun Mon Tue Wed Thu Fri Sat more risk-based as a result? Cheaper? Did the PCAOB give away the store, do too little, or get it just right? 1 2 3 4 Comments (4) 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 Comments | Post a Comment 26 27 28 29 30 31 Critics (some of whom were cited in my recent article) who View all October entries felt 404 costs were high because companies had underinvested in internal controls will likely see the following OPTIONS part of the PCAOB's statement as a victory for the extensive Email to a Colleague corporate bellyaching that took place during the month of March: "[A]lthough we have not performed Printer Friendly Version a detailed analysis, it is sufficiently clear to us that the costs to date associated with the implementation of Section 404 Get Blog Alerts have been too high. For the Section 404 process to be sustainable, these costs must be reduced in future years." RSS Feeds WE DELIVER The PCAOB, in fact, cites FEI's cost study shortly before Newsletters making this statement. This Week in Finance Today in Finance Webcasts But will this new statement reduce costs? Notify me of future events Posted by Tim Reason | May 16, 2005 03:26pm Email Alerts Accounting Still reading through this and am surprised to find that Auditing "according to a recent survey commissioned by the largest U.S. accounting firms, auditors believe that the total costs of Enter your email address to begin compliance with Section 404 will decline by 46 percent next receiving updates on these topics. year." Wow. Forty-six percent? I was reporting this stuff pretty closely last month, but somehow I missed that one. While we're on the subject, who exactly did they survey? That sure wasn't the estimate I heard from the business groups I spoke to. Posted by Tim Reason | May 16, 2005 03:38pm Reading through some more, I see the PCAOB has addressed very specifically some of the major complaints coming from corporations. Automated controls, for example, do not need to be tested annually if there is no evidence of a change. And the PCAOB, in question 53, states flat out that documentation is not necessary for an auditor to conclude that a control was effective?a huge source of complaints from registrants. Posted by Tim Reason | May 16, 2005 04:38pm 12/13/2008
  2. 2. CFO Blog - That Was Fast. Will It Work? - Page 2 of 2 I don't know if the blog will allow it, but my comment is bascically my post to the SEC comment site, which, upon my last checking, never actually made it to the site, even though I got the "official" .pdf confirmation (the atachments were posted, but not the actual comment): Home | EDGAR Search Home | Latest Filings | Previous Page Thank you for taking the time to comment on this release. Your comments for file number 4-497 were received on March 29,2005. Please save this page for your records. Comments received from: Dwayne E Jorgensen, CIA, CFE Global Practice Leader, Sarbanes-Oxley Services & IT Governance, CTG Duluth, Georgia Email: Comments: Most organizations have tackled 302 compliance by developing ad-hoc cascading certifications which require several layers of management to sign off on the information prior to the CEO and CFO. In addition, most companies have attempted to satisfy by in many cases first-time documentation of the processes which create their financials, in order to satisfy 404 compliance criteria for their external auditors. Finally, most of the efforts to-date has been extremely labor-intensive, without establishing systems designed to improve process efficiencies, nor retain control documentation in a reusable fashion, which will require significant efforts to replicate the control analysis on both a quarterly and annual ongoing basis. This is due in part to no clear front-runner in the marketplace in the development of a continuous monitoring solution. Now that the first year of 404 compliance has occurred, most CFOs are realizing that a significant amount of the efforts previously spent on the attainment of their first 404 attestation will need to be spent again in 2005 on 302 and 404 efforts according to Gartner, 6 Billion will be spent in 2005. This realization has significant impact on the current trend towards less is more coming from certain camps, especially pertaining to small-to-mid-cap companies. What is truly istressing are recent comments as quoted in CFO magazine that the issue is embedded in COSO itself, versus current efforts to satisfy Sarbanes-Oxley. COSO, in its purest form, should be equally applicable regardless of size of organization. The key, of course, is in the application of the monitoring layer, using both management and an independent third party, and the frequency of the monitoring. The monitoring layer, along with the timing and depth, is actually what the current furor is about, not the other layers. Ironically, it was the abuse of this layer in recent years that lead to the collapse of huge companies, and the need for the Act in the first place. The clear answer, for all size companies, is to increase the frequency, ideally to the opitmal state of continuous monitoring. The most logical, and cost-effective, way to accomplish this is through automation, to the extent possible, of the entire COSO model in the organization. In my opinion, current efforts towards rethinking what has already been done, redirected towards this optimal solution of continuous monitoring,would have signficant benefit for companies of all size, and therefore, their shareholders as well. Attachment 1: Dwayne Jorgensen short bio March 2005.doc Attachment 2: Tip of the Compliance Iceberg.pdf Attachment 3: SOX Automated Monitoring Position Paper- DEJ.pdf Posted by Dwayne Jorgensen | May 18, 2005 09:54am previous post next post About Us Advertise Contact Us Sitemap Privacy Subscribe RSS Feeds © CFO Publishing Corporation 2008. All rights reserved. 12/13/2008