Updating from a higher level oe to a lower level virtial dating
5 (Release 2007-005 "An audit of internal control over financial reporting that is integrated with an audit of financial statements") This guidance is applicable for 2007 assessments for companies with 12/31 fiscal year-ends.
The PCAOB release superseded the existing PCAOB Auditing Standard No.
The COSO Internal Control-Integrated Framework, a standard of internal control widely used for SOX compliance, states: "A precondition to risk assessment is the establishment of objectives..." and "Risk assessment is the identification and analysis of relevant risks to achievement of the objectives." The SOX guidance states several hierarchical levels at which risk assessment may occur, such as entity, account, assertion, process, and transaction class.
As such, TDRA has significant compliance cost implications for SOX404.
The guidance is principles-based, providing significant flexibility in the TDRA approach.
5, which the SEC has since approved, external auditors are no longer required to provide an opinion on management's assessment of its own internal controls.
Detailed guidance about performing the TDRA is included with PCAOB Auditing Standard No.