SOX provides explicit legislative directives for SEC regulation, altering this authority division, of what was once perceived as the states' exclusive jurisdiction.
Rule 404 of the SEC
The following Executive Summary reflects the Rule 404 of the SEC:
Auditors can't critique their own work and must avoid the appearance of conflict to comply with section 404 of the Sarbanes-Oxley Act. That gives CPAs a new consulting opportunity to document and test non-client companies' internal controls.
A firm interested in developing this niche has to know the skills it will need, the time and staff required, the depth of the market, the best way to approach clients, the limits on auditor involvement and what information technology tools are available.
The market exists because companies temporarily may be unable to meet the project management and staffing needs to design the section 404 internal audit functions that later will be checked by the company's external auditor. Others may be dealing with new concepts and technology.
What controls a company tests and exactly how its consulting CPA does so largely will depend on company circumstances and the internal control objectives.
One firm not only documents internal controls for nonaudit clients but also recommends improvements such as eliminating unnecessary manual controls in low-risk areas or adding some controls for high-risk transactions. It says small companies should pass any questions by their external auditors rather than guess at the PCAOB's intentions.
An auditor should keep some distance from management's internal control compliance project; it may explain to its client how a cash disbursement system works but should not advise the client how to assess its risks or which controls management needs to test, for example. Designing controls requires the CPA to have a high skill level and extensive knowledge of the client's business.
Opening Closed Doors of "Internal Control"
Internal control encompasses more than a company's accounting functions. A number of definitions of the term "internal control" primarily focus on "clarifying the portion of a company's internal control that an auditor should consider when planning and performing an audit of a company's financial statements." This, albeit, did not improve the level of understanding of "internal control," nor satisfactorily provide the guidance that auditors sought. In time, successive definitions followed and increased understanding. In time, it was determined that transactions be executed in accordance with management's general/specific authorization; that transactions be recorded as necessary; to permit preparation of financial statements in access to assets only in accordance with management's general and/or specific authorization, and during regular intervals, recorded accountability for assets be compared with existing assets.
Discussion of Amendments Implementing Section 404
Section 53 depicts duties and function of the state inspector general. he/she shall possess the following duties and responsibilities:
receive and investigate complaints from any source, or upon his or her own initiative, concerning allegations of corruption, fraud, criminal activity, conflicts of interest or abuse in any covered agency; inform the heads of covered agencies of such allegations and the progress of investigations related thereto, unless special circumstances require confidentiality; determine with respect to such allegations whether disciplinary action, civil or criminal prosecution, or further investigation by an appropriate federal, state or local agency is warranted, and to assist in such investigations; prepare and release to the public written reports of such investigations, as appropriate and to the extent permitted by law, subject to redaction to protect the confidentiality of witnesses. The release of all or portions of such reports may be deferred to protect the confidentiality of ongoing
Acts in the Interest of the People of NYS comprehensive legislative package aimed to reform public authorities will be jointly introduced with the New Jersey Legislature by Senator Loretta Weinberg (D-Bergen) and Assemblyman John Wisniewski (D-Parlin). The package, which consists of two broad bills requires passage in both states. One bill solely focuses on the Port Authority of New York and New Jersey ("PANY/NJ"). The second bill expands New York's Public Authority and Accountability Act of 2005. As noted by Brodsky at the introduction of this paper, some argue that:
" This researcher recommends, along with Brodsky, that reforms York's public authorities in 2005, but the reforms need to be further implemented; that the Port Authority be given oversight. This "new" legislative package will help ensure, as Brodsky notes, "Soviet-style bureaucracies finally work in the interest of the people of this State."
Ermann and Lundman 1982, cited by Segal, stress that employees' systemic wrongdoing, violating society's norms while maintaining their organizations' internal norms' support "assumes that corruption can be reduced through accountability devices such as oversight, surveillance, audits, performance evaluations, sanctions and structural reorganizations (Sherman 1978; Susan Rose-Ackerman 1993; Maynard-Moody, Stull, and Mitchell 1986, cited by Segal). Contemporary debates contribute to one conventional belief that posits, if/when adequate controls exist, managers enforce them and subordinates adhere to the controls (Gardiner and Lyman 1993; Ward and McCormack 1987, cited by Segal). Various types of audits are reportedly needed to achieve varying levels of fiscal accountability (Sheldon 1996, cited by Segal), as well as the deterrent value of criminal and civil sanctions (Walt and Laufer 1992; Coffee 1980, cited by Segal), and the role of inspectors general (Gates and Moore 1986, cited by Segal). When reforms to not trigger the dissipation of scandals, experts utraditinoally recommend tightening existing controls (Anechiarico and Jacobs 1996; Segal 1999,cited by Segal). Corruption, however, may not be rooted in more than an organization's internal accountability mechanisms.
Corrupt agencies' culture or shared values about appropriate behavior (Rainey and Steinbauer 1999, cited by Segal) may contribute to employees regarding wrongdoing to be their personal prerogative. On the other hand, it may contribute to an individual's fears and stifle change and/or their empowerment. "The more entrenched the culture and the more alienated employees are from society's values, the more fiercely they will fight corruption controls."
Along with the number of factors potentially contributing to a deviant culture's tenacity and virulence, management and/or government officials sometimes set a corrupt example. Accountability concerns may also increase when misconduct is not punished.
Senate Passes Legislation to Reform Public Authorities
Senate Passes Legislation to Reform Public Authorities," reflects a few contemporary accountability concerns this researcher purports needs to be eradicated:
The New York State Senate today passed legislation, sponsored by Senator John Flanagan (R-C, East Northport), to strengthen the Public Authorities Reform Act of 2005 and make important reforms to ensure greater openness, transparency and accountability in New York State's public authorities.
New York State has literally hundreds of public authorities operating with multi-million dollar budgets," said Senator Flanagan, Chairman of the Senate Committee on Corporations, Authorities and Commissions. "Until we enacted the Public Authorities Accountability Act of 2005, these agencies in many ways operated independently of any real external oversight. Today, the Senate Majority improves upon the actions we took two years ago by implementing effective budget review and control procedures, strengthening the fiduciary and governing responsibilities of authority board members, and ensuring strict taxpayer accountability."
The Senate has been a leader in making improvements and reforms to the governmental process so it is more open and effective for the people of this state," said Senate Majority Leader Joseph L. Bruno. "We have taken strong steps to reform New York's public authorities in the past, and this legislation will build on those reforms to create even more accountability and oversight within our public authorities."
The legislation (S.3491-a) would:
Create an Independent Budget Office: The Reform Act will create an independent Authority Budget Office (ABO) to review public authorities. The ABO will be headed by an independent director appointed by the committee of the Attorney General, Comptroller, Governor, Assembly Speaker and Senate Majority Leader. The director will serve a 5-year term, and the ABO will collect, distribute and assess information about the authorities' budgets and operations for the coming year, as well as make reports and provide information to the public and elected officials.
Require Public Authorities to Submit Certain Contracts to the Comptroller: This bill will allow the comptroller to provide prior review of contracts.
Control Public Authority Debt: This legislation will begin the process of controlling public authority debt. The boards of directors will submit limitations on public authority debt to the ABO, and the ABO will submit to the Legislature and Governor recommendations on reforming debt issuance by public authorities.
Create Subsidiary Public Corporations and Authorities: This legislation will ensure public authorities, including subsidiaries are subject to Legislative and Executive oversight and approval. The bill subjects all public authority subsidiaries and affiliates to the provisions of the Public Authorities Law and prohibits the creation of new public authority subsidiaries or affiliates without legislative authorization.
Whistleblower Protections: The legislation includes a "Whistleblower Access and Assistance Program" to protect those employees of public authorities who report wrongdoing.
Toughen Laws Governing the Sale of Property by Public Authorities: This…
Security A broad definition of information security is given in ISO/IEC 17799 (2000) standard as: "The preservation of confidentiality (ensuring that information is accessible only to those authorized to have access), integrity (safeguarding the accuracy and completeness of information and processing methods), and availability (ensuring that authorized users have access to information and associated assets when required" (ISO/IEC 17799, 2000, p. viii). Prior to the computer and internet security emerged as we