Entity-Level Risk Assessment Audit Report

Subscriber Content
Screenshot of the first page of Entity-Level Risk Assessment Audit Report

SOX requires that executive officers of public companies confirm that a clearly understood internal control environment exists at the senior levels of the overall enterprise as well as the operating units and that the internal control environment is enforced and effective. The objectives of this entity-level assessment are to confirm the existence of internal controls (e.g., policies, business practices, people, methodologies, etc.) and query senior finance executives for their individual impression of specific attributes that define key internal controls.

The expectation is that senior management and the SOX project manager agree on the current assessment of entity-level controls and agree (or reassess) the extent of field work necessary for SOX Phase I. This sample audit report presents findings from an entity-level risk assessment review.


Topics
Audit Reporting
Internal Controls
COSO
Entity-Level Control
Risk Assessment
Sarbanes-Oxley Act
Section 404-Internal Control Reporting

Related Resources

Audit Programs

Entity-Level Controls Audit Work Program

Audit Reports

Entity-Level Fraud Risk Assessment Process Report

Checklists & Questionnaires

Entity-Level Controls Fraud Questionnaire

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It