| Written by Eli Litner, Deputy Director, Orange County Internal Audit Department,
|
Local Governments must apply the concepts of Sarbanes-Oxley in their work. First and foremost, we should remember the events and circumstances that brought forth the rapid Federal Government response. The Government was properly addressing what was a melt down of consumer faith in the financial underpinnings of our economy by unbelievable and extraordinary implosions of a successive number of high profile, public companies and the demise of one of the premier accounting firms in the world. To refresh your memory, the names of some of these failed companies are Enron, World Com, Lucent, Cendant, and Waste Management. The accounting firm was Arthur Anderson.
By Eli Litner
The Sarbanes-Oxley Act by its very title disclosed the purpose behind the act-The United States’ Public Company Accounting Reform and Investor Protection Act of 2002 (SOX). I do not see SOX as punitive or in fact unnecessary regardless of the moans and groans of the public companies required to follow its provisions. While they can argue starting this process from the beginning is onerous and burdensome. Had these companies been up to date on applying best business practices, SOX implementation would not be difficult. In fact, I have recently read several articles about companies having undergone the initial rigors of SOX implementation that are now detailing the efficiencies they found and implemented as a consequence of their effort. I also do not see anything in SOX as revolutionary. From my view within a County’s internal audit department, I see SOX building on the COSO Framework which also had its genesis in a financial/accounting controversy. SOX provides specific provisions spelling out exactly what needs to be done; as well as, penalties for non compliance for those areas casually linked to the corporate failures. COSO introduced a five element framework. The elements are: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring. More importantly from an audit perspective, COSO spelled out that management in an organization had the responsibility to establish and maintain internal controls. Many of the SOX provisions are exclusively for public companies; however, the concepts behind several others are definitely applicable for local governments. For example I recommend starting with these provisions which incorporated business best practices: 1. Establish a hotline and whistleblower procedures. 2. Establish a Code of Ethics. 3. Establish an internal audit department. 4. Ensure internal auditor independence. 5. Have internal auditors report to the internal Audit Oversight Committee and not to management. 6. Have management assess and attest to their internal controls annually. 7. Have plain English disclosures. I predict that the SOX provisions will find their way into Federal Government somehow as the Comptroller General of the United States has said that the federal government has a long way to go before it can issue a GAAP conformity financial statement and for reference, this effort has been in progress for at least seven years. I also see some form of SOX finding its way into local government as such issues as transparency, compliance, fiscal responsibility become more entrenched in the public mind. Therefore, nothing is lost in making a reasonable effort to implement the concepts in SOX that work in your individual environments.
Eli Littner, CPA, CIA, CISA, CFE, CFS is currently the Deputy Director of the Orange County Internal Audit Department and has worked an auditor with the Internal Revenue Service (IRS), the Defense Contract Audit Agency (DCAA), and Caltech University’s research and development corporation (FFRDC) and Jet Propulsion Lab.
|
|
| Users' Comments |
|
Average user rating
|
|
|
Quarterly Articles