Discussion
Brigham and Ehrhardt (2022) argued that information technology (IT) brings certain unique and potentially significant risks in terms of security, segregation of duties, change management, and data integrity. Therefore, companies must assess IT risks and identify controls to mitigate them. Without appropriate knowledge, tools, and people, companies will risk doing too much or too little in this area.
Brigham and Ehrhardt (2022) postulated that recent corporate reporting failures and exposure to systemic fraud had created an appetite for certainty and precision in assessing the effectiveness of controls over financial reporting and operations business processes, and their vulnerability and exposure to risk. Driven by Section 404 of the Sarbanes-Oxley Act, management is now required to report on the effectiveness of internal control and procedures for financial reporting. Additionally, the company’s auditors must attest to and report on management’s assertion about the effectiveness of those internal financial controls.
Brigham and Ehrhardt (2022 ) argued that the legislation profoundly impacts the governance and behavior of any business with a US listing. Concerning SOX, how has the governance of the recent economic failure from 2007 to 2009 dealt with reporting losses and exposure to systemic fraud?
Answer Preview
APA Format, 699 words