Management's Guide to Sarbanes-Oxley Section 404: Maximize Value Within Your Organization

Every organization is required to use a recognized internal controls framework for its Sarbanes-Oxley program. The only framework recognized by the SEC is COSO s Internal Control Integrated Framework, which was updated in 2013. It is designed to address the system of internal control for all objectives, not just internal control over financial reporting and compliance with the U.S. Sarbanes-Oxley Act of 2002.

Experience and the regulators have made it clear that a top down and risk-based approach to management s assessment of internal control is essential. The guidance presented in this updated book is consistent with COSO 2013 and promotes an efficient and effective top down, risk-based assessment program.