Management testing for Regulatory Compliance Audits
The growing regulatory compliance requirements have set higher expectations for management evaluation of internal controls. For example, under the Sarbanes-Oxley act of 2002, Public Company Accounting Oversight Board (PCAOB)'s Auditing Standard (AS) 2 was established, which gives guidance of special interest contained in the document named as "An Audit of Internal Control over Financial Reporting Performed in Conjunction with an Audit of Financial Statements." The AS 2 audit requires that financial statement auditors audit and attest to the fairness of management's assessment of their internal control system over financial reporting.
Many organizations have implemented the Committee of Sponsoring Organizations (COSO) controls framework to comply with this audit standard. Management plays a key role in the effective implementation of all aspects of this framework's controls including environment, risk assessment, control activities, information...
