Sarbanes-Oxley and the New Internal Auditing Rules

This book is essential reading for anyone involved in internal audits per Sarbanes-Oxley, including auditing professionals and senior management whose business or technical domains are affected (i.e., all senior managers). The focus is on auditing from the practitioner's point of view, and Chapter 2 shines because it summarizes SOA and how it affects internal audit as a function and as a practice. This material encompasses relationships with external auditors and with the audit committee, which are important parts of SOA. A further tie to the audit committee is given in detail in Chapter 3.Chapter 5, 'COSO, Section 404, and Control Self-Assessments' is the heart of this book in many respects. However, as an IT consultant I found Chapters 6, 7 and 9 more aligned to what I do - and the reason why I cited the audience of this book as wider than auditing practitioners. For example, the inclusion of CobiT (Control Objectives for IT) in Chapter 6, Disaster Recovery and Continuity Planning (Chapter 7) and Enterprise Risk Management, Privacy, and Other Legislative Initiatives (Chapter 9) are directly or indirectly related to IT, and the information I gleaned from those chapters helped to place SOA within the context of my profession's support requirements and IT auditing. I was also surprised and gratified to find ITIL best practices, which is an international standard for IT infrastructure management, including service delivery and service support. Again, this information shows how far reaching SOA is, and the need for all managers to fully understand their roles and how SOA will affect the way they operate and manage their functional areas.Of course, for professional auditors, the chapters on Internal Audit Fraud Detection and Prevention (8), Rules and Procedures for Internal Auditors Worldwide (10), and Continuous Assurance Auditing Future Directions (11) round out this comprehensive book. As a non-practitioner I found it to be clearly written and, in many respects, enlightening. The breadth of topics and the depth into which they are delved is impressive.