Good article review about sarbanes-oxley act and auditing

Sarbanes-Oxley Act is an act by the United States congress in 2002 aim at protecting investors through corporate disclosures accuracy and reliability. It mandated strict reforms aimed at improving financial disclosures and possibly prevent accounting fraud. The scandals of early 2000s such as Tycoon, WorldCom and Enron predicated the enacted of SOX. These scandals shook investor confidence, and an overhaul of regulatory standards was required. The SOX Act outlined rules as well as enforcement policies, which amended or supplemented existing legislation. There are two key provisions of the 2002 Sarbanes-Oxley Act which are section 302 and section 404. Section 302 mandated senior management of a corporation to certify the accuracy of any reported financial management. Section 404 requires auditors and management to establish internal controls together with reporting controls which are adequate to those controls.
Act on the security exchange was signed by commissioners on security who published the rules and the requirements on setting the compliance deadlines. The Sarbanes-Oxley Act defines the records to be stored for a given time. Disclosure of certain material changes by management concerning internal controls. Section 404 requirement about internal control presents a big challenge to many organizations as stringent measures should be put by the organization in compliance with the Act. The Sarbanes Oxley Act section 404 mandate companies to provide internal control report (Anand & Wilkinson, 2008). These companies are required to file the annual reports under the1934 Securities Exchange Act. The companies include small-business issuers, saving associations, banks and non United States companies filing annual reports with Securities Exchange Commission.
The Sarbanes-Oxley Act of 2002 has far reaching effects to publicly listed companies internal control structures. It has substantially increased expenses as internal reporting requirements are costly to implement. Besides that, documentation costs and attestation fees are substantial (Anand & Wilkinson, 2008). Internal control attestation reports need to be prepared according to the Act. The management is required to assess internal controls of the company. The Microsoft Corporation is a publicly listed company hence affected by the Sarbanes-Oxley Act. In this case, I will assess how the Act has affected its internal control. Although Microsoft Corporation is a large stable company, the Act has undeniably affected its internal control functions. Attestation reports requirement, management requirement to assess Microsoft internal controls which increases external auditing costs are some of the effects of the Act.
External auditing costs of Microsoft Corporation have increased since Sarbanes-Oxley Act came into force. This increase is brought about by the requirement of Section 404, requiring external auditors to attest and report on issues of internal control assessment prepared by Microsoft Corporation management. Internal controls have become an objective of Microsoft Audit since enacted of the Act in compliance with the law. Microsoft management has to assess its internal controls, and those hired to do auditor’s work have to attest to them hence helping to protect investors of the company. Sarbanes-Oxley Act, Section 301 requires Microsoft Corporation audit committee to be directly in charge of oversight, appointment and compensation of its external auditor. This will ensure a quality audit job is done. Financial reporting and internal control structures have been systematized since this act became a requirement for the company. Since Microsoft Corporation is a technological company, this has been done with ease coupled with its financial strength.
In conclusion, Microsoft Corporation has for long felt the effect while those charged with governance and the management of the company have involved themselves in internal affairs. Section 302 requirement of certification of its reports including financial statements has enabled Microsoft Corporation to present a fairly representative financial condition. Sarbanes-Oxley Act has heavily impacted Microsoft internal controls and its reporting structures as per the act provisions.


Auditing around the computer and through the computer are the two techniques used in auditing. The businesses are becoming reliant on computers, and its applications for its business processes necessitating auditing to be undertaken in an organization computerized environment. The auditors are required to carry the audit on the organizations systems while assessing the risk (Thomas, 1974). In this essay, I will explain what audit around the computer and through the computer means, its relevance to Microsoft Corporation and how it affects the organization depending on which one is preferred.
Auditors have a choice of two audit procedures a substantive or rely on tests of control. Auditing around the computers is known as substantive audit procedure while auditing through computers is known as reliance procedure (Thomas, 1974). Auditing around the computer involves examination of computer installation internal control system and application systems output and input in the arrival of an audit opinion while auditing through the computer involves the use of computer by the auditor to test controls and logic existing in the system as well as records produced by this system (Andrew, 1977). The audit procedure chosen by the Microsoft Corporation depends on the situation, suitability and applicability of the procedure.
Auditing around the computer requires the auditor to employ professional scientism and professional judgment on the issue. Auditor will infer processing quality done depending on the quality of its output and input of the relevant application system. Auditor around the computer becomes relevant when the application system is batch oriented and simple or when the system uses generalized software that is well-tested and widely used by many (Andrew, 1977). The batch system of auditing around the computers is suitable for use in this case because of its attributes as follows: no special routine that results from the use of the computer to process data and the system logic is straightforward; processing involves sorting input data and updating of the master file sequentially. The batch systems are also suitable for auditing around the computers because of its clear audit trail, few stresses placed on the system and a constant task environment.
Auditing through the computer can need extensive technical competence or fairly simple on the side of the auditor depending on the audited system complexity. The relevance of auditing through computers is necessitated by the following circumstances: significant parts of an organization control system are embodied in the computer system; logic of the system is complex; application system ability to process large volumes of input and consequently producing large volumes of output and because of its cost-benefit consideration (Put tick, Van, & Kana, 2007). Auditing through the computers and auditing around the computer will affect Microsoft Corporation operations depending on the choice of its auditors. Auditing through the computer is more ideal for Microsoft Corporation because of its size and the greater confidence that comes with the technique. The high costs associated with auditing through computers have negatively affected Microsoft Corporation.
It is evident that auditing through the computers and auditing around the computer have assisted auditors in undertaking their audit functions. Auditing around the computer is commonly used because many organizations have embrace technology in their systems. The large organizations like Microsoft auditors have to make a choice between using one technique or using both.


Thomas, v.(1974). Integrating the Computer in the classroom: An Approach in Auditing. The Accounting review vol. 49, No. 1
Andrew, D.(1977). A Survey of Techniques for Auditing EDP-Based Accounting Information Systems. The Accounting Review vol. 52, No. 4
Anand, S., & Wilkinson, J. (2008). The Sarbanes-Oxley act: An introduction. Van Harem Publishing.
Fletcher, W. H., & Platte, T. N. (2008). The Sarbanes-Oxley Act: Implementation, significance, and impact. New York: Nova Science Publishers.
Galina’s, U. J., Dull, R. B., & Wheeler, P. R. (2012). Accounting information systems. Mason, OH: South-Western.
Put tick, G., Van, E. S. D., & Kana, S. P. (2007). The principles and practice of auditing. Lansdowne South Africa: Jute.