Achieving Sarbanes-oxley Compliance with Xbrl-based Erp and Continuous Auditing
نویسندگان
چکیده
The Sarbanes-Oxley Act (SOX) of 2002 places significant and costly new burdens on public companies. Meeting the recurring requirements for financial reporting under SOX effectively will demand innovative application of information technology. The Continuous Auditing Web Services model (CAWS) provides a framework for considering how to efficiently manage and automate financial reporting. We propose extending the basic ideas behind CAWS, to leverage the flexibility and power of Extensible Business Resource Language (XBRL) in Enterprise Resource Planning (ERP) systems. The resulting comprehensive IT support for financial reporting, auditing, internal control, and monitoring functions will enable corporations to achieve SOX compliance in a timely, sustainable and cost-effective manner. Our analysis demonstrates the appropriateness of the XBRL-based solution by showing how the capabilities of such a system can address the specific requirements imposed by SOX.
منابع مشابه
The Development of a Computer Auditing System Sufficient for Sarbanes-Oxley Section 404 - A Study on the Purchasing and Expenditure Cycle of the ERP System
After Section 404 of the Sarbanes-Oxley Act was released, developing an effective computer auditing system became critical for management and auditors. In this study, the researchers used Gowin's Vee, raised as a research strategy by Novak and Gowin (1984). On the theoretical side, the researchers arranged documents and employed an expert questionnaire to identify 8 operational procedure elemen...
متن کاملSarbanes-Oxley: Achieving Compliance by Starting with ISO 17799
Compliance with the Sarbanes–Oxley Act of 2002 (SOX) has been hampered by the lack of implementation details. This article argues that IT departments that have implemented ten categories of IT controls provided by the International Standards Organization (ISO 17799) will be well on their way toward SOX compliance. A side-by-side comparison of the 124 control components of the ISO Standard and t...
متن کاملSarbanes-Oxley Links IT to Corporate Compliance
In the wake of financial frauds and related audit issues, the US Congress passed the Sarbanes-Oxley (SARBOX) Act of 2002. Key to becoming SARBOX compliant are information systems (IS) that satisfy the mandates regarding internal controls, corporate governance, and fraud detection. These legal developments focusing senior management's attention on (1) internal controls are present and functionin...
متن کاملHolistic Compliance with Sarbanes-Oxley
The theory underlying US securities laws is that investors are helpless without reliable information [Zelizer, 2002]. When Enron's collapse and other corporate frauds made it clear that "practically every element of our system of safeguards failed until it was too late to repair the damage," Congress reinforced those laws by passing the Sarbanes-Oxley (SARBOX) Act [O'Malley, 2002]. This new law...
متن کاملCompliance-Appropriate Spreadsheet Testing
Sarbanes–Oxley compliance requirements have forced firms to look at their use of spreadsheets in financial reporting. They are finding that they have many spreadsheets and that testing and other formal development disciplines are rare. The literature on spreadsheet errors has shown that without strong controls, most spreadsheets will have material errors; this means that firms that use uncontro...
متن کامل