By J. Stephen McNally, CPA For many companies, the deadline to comply with Sarbanes-Oxley Section 404 is literally weeks away. There is, however, another hurdle on the road to compliance, one often overlooked or consciously not addressed until the final phase of a company’s overall Section 404 compliance efforts. This hurdle is the assessment of an entity’s company-level controls. The Public Company Accounting Oversight Board (PCAOB) makes it clear that public companies must assess the design and operating effectiveness of company-level controls in addition to assessing the detailed process and transactional-level control activities. Although a formal assessment of company-level controls is only required for public companies subject to Section 404, nonpublic companies and other organizations may consider it a best practice to perform a similar assessment considering the pervasive nature and impact of such controls. So, what are company-level controls, and how do you go about assessing the effectiveness of such controls? The following provides insight into the nature of company-level controls and thoughts on how to assess their design and effectiveness. DOWNLOAD PDF >

Forum Aims To Help Improve Integrity of Financial Reporting Process

NEW YORK, March 31 — KPMG LLP, the audit, tax and advisory firm, today announced establishment of the 404 Institute, an open forum designed to inspire the exchange of ideas and the development of research, leading practices, and a range of activities related to meeting the requirements of Section 404 of the Sarbanes-Oxley Act of 2002. Section 404 of the Act calls for companies to meet key requirements for their internal financial reporting controls by November 2004. MORE >