Dear George,
Welcome to the
April, 2008, edition of the SOXCPA Newsletter.
Our
mission is to offer a summary of news, events
and opportunities from the field of the
US Sarbanes-Oxley and its
International flavors -
the European
Sarbanes-Oxley (8th Company Law Directive,
E-SOX), the Japanese Sarbanes-Oxley (Financial
Instruments and Exchange Law, J-SOX) and
other laws and
regulations.
We have some
important news to share today.
A.
The Public
Company Accounting Oversight Board
adopted the Auditing Standard No. 6
You must read
the document: www.pcaobus.org
The
Board adopted the standard and amendments in
light of the Financial
Accounting Standards Board's (FASB)
issuance of Statement of Financial Accounting
Standards No. 154, Accounting Changes and Error
Corrections, and impending issuance of Statement
of Financial Accounting Standards, The Hierarchy
of Generally Accepted Accounting
Principles.
According to the Auditing
Standard No. 6, the auditor's report
should indicate whether an adjustment to
previously issued financial statements results from a
change in accounting principle or the correction
of a misstatement.
WAIT!
This Auditing Standard No. 6 and the
amendments, must be approved
first by the Securities and Exchange Commission
(SEC) and they will become effective 60
days after the
SEC's approval.
http://www.sec.gov/rules/pcaob.shtml
B.
An
open letter to IT and Information Security
professionals
It is
good to remember that
nobody has promised
that our financial statements are
accurate
we have promised adequate
controls
that provide reasonable
assurance
that we do not have material
misstatements
and can
prevent (not will prevent) or detect
material
misstatements on a timely basis
www.compliance-llc.com/
IT_and_Information_Security_after_Sarbanes_Oxley.pdf
Dear
IT and Information Security
professional,
Have you ever visited EDGAR?
No,
not Mr. J. Edgar Hoover, the former director of
the FBI. EDGAR stands for Electronic Data
Gathering, Analysis, and Retrieval. It is
the database of the Securities and Exchange
Commission (SEC), the system through which the
SEC accepts electronic transmission of
submissions from filers
(www.sec.gov/edgar/searchedgar/webusers.htm).
This
is the
first step, a great opportunity to learn
what is happening in your company. No kidding!
All companies disclose to the public much more
information than they disclose to their
employees.
You will be able to research
your company's financial information and
operations and to review registration
statements, prospectuses and periodic reports
filed on Forms 10-K and 10-Q. Sometimes you can
find important information about recent
corporate events reported on Form
8-K.
And which is the second
step? To understand your company's
disclosures. You will read what exactly you have
promised to the public, because this is what you
are supposed to do.
No, you will not
read words like information security, security
breach, hacker, cyber attack, virus, worm,
computer attack, computer security, network
intrusion, data theft, cyber fraud. You may find
the words interruption, disruption, failure. For
example, you may read that "system interruption
and the lack of redundancy in our systems may
affect our sales".
You will also
understand why information security is not any
more so important for your organization. Of
course, companies avoid explaining something
like that, it is simply out of the scope of the
projects, there are no auditors that ask
questions, there are no deadlines, so we just do
very few things.
You don't believe me?
Please continue to read
www.compliance-llc.com/
IT_and_Information_Security_after_Sarbanes_Oxley.pdf
Dear
Members,
At every stage of your
education, training and career, our association
provides information and services you can
use.
Best
Regards,
George
Lekatis
President of the Sarbanes Oxley
Compliance Professionals Association
(SOXCPA)
General Manager and Chief Compliance
Consultant, Compliance LLC
1220 N. Market
Street Suite 804
Wilmington, DE 19801, USA
Tel: (302) 342-8828
Email:
lekatis@sarbanes-oxley-association.com
| |
New
Training courses and
presentations
A.
For IT and Information Security
Professionals
B.
For Presales, Sales and
Marketing
C.
For Process Owners
D.
For the Board of Directors and Executive
Management
E.
For Clients and Prospects
F.
Basel ii Awareness
G.
Professionally Speaking.
Basel ii Keynotes /
Breakouts
More
Information:
Please
visit
www.sarbanes-oxley-training.com
|
| |
 |
News
Sarbanes-Oxley
after the US elections
Both McCain,
the Republican senator from Arizona, and Clinton,
the Democratic senator from New York, voted for
the Act in 2002 and continue to support
it.
Obama, the
Democratic senator from Illinois backs also the
goals of the
law.
Opportunities
European
Union, 8th Company Law Directive: The European
Aarbanes-Oxley!
Are
you working in a Sarbanes-Oxley project? Your knowledge
and experience will be important for the
implementation of the 8th Company Law
Directive, the European Sarbanes
Oxley.
After the
passage of the US Sarbanes-Oxley Act in 2002,
US and non-US companies listed in a US
stock exchange have the difficult task to comply
with the Sarbanes-Oxley
Act.
After the
passage of the European Union's 8th Company Law
Directive on Statutory Audit (Directive
2006/43/EC), European and
non-European companies listed in
countries of the European
Economic Area have to comply with the 8th
company law directive.
EU Member States must comply with this
Directive before 29 June 2008. EU companies start to
comply after this
date.
US
Firms listed in the European Economic Area
must
comply after
the end of
2010.
The
8th directive is considered the European
post
Sarbanes-Oxley regulatory retaliation.
And, like in the
US SOX, there are extremely important
extraterritorial
consequences.
Several
countries (example: Offshore Financial Centers -
OFCs) enact
legislation to prove that they have an
"equivalent level of regulation", to protect
their auditors that audit offshore companies
with EU listings from being subject to a tough
European oversight regime.
Otherwise,
auditors and audit firms from 'third countries'
like the USA have
to be registered in the EU and to be subject to
oversight, quality assurance and
sanctions.
The
European SOX (E-SOX) and the Japanese SOX
(J-SOX) create a new flat world in the financial
markets.
| | |
