SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology

SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology

This paper examines internal controls, from both an information technology (IT) and non-IT perspective, in relation to the five components of the Committee of Sponsoring Organization's Internal Control-Integrated Framework (COSO 1992), as well as the achievement of one of COSO's three obje...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:The Journal of information systems 2009-09, Vol.23 (2), p.1-23
Hauptverfasser: Klamm, Bonnie K., Watson, Marcia Weidenmier
Format: Artikel
Sprache:eng
Schlagworte:
Communication
Correlation analysis
Financial reporting
Hypotheses
Information technology
Internal controls
Multivariate analysis
Public Company Accounting Reform & Investor Protection Act 2002-US
Risk assessment
Studies
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 23
container_issue 2
container_start_page 1
container_title The Journal of information systems
container_volume 23
creator Klamm, Bonnie K.
Watson, Marcia Weidenmier
description This paper examines internal controls, from both an information technology (IT) and non-IT perspective, in relation to the five components of the Committee of Sponsoring Organization's Internal Control-Integrated Framework (COSO 1992), as well as the achievement of one of COSO's three objectives-reporting reliability. Our sample consists of 490 firms with material weaknesses reported under Sarbanes-Oxley Section 404 during the first year of compliance. We classify the weaknesses by COSO component and as IT-related or non-IT-related. Our results support the interrelationships of the COSO Framework. The results also show that the number of misstated accounts is positively related to the number of weak COSO components (i.e., scope) and certain weak COSO components (i.e., existence). Firms with IT-related weak components report more material weaknesses and misstatements than firms without IT-related weak components, providing evidence on the pervasive negative impact of weak IT controls, especially in control environment, risk assessment, and monitoring.
doi_str_mv 10.2308/jis.2009.23.2.1
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_235942597</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>1875075121</sourcerecordid><originalsourceid>FETCH-LOGICAL-c299t-c805c4e05e9ed6277fc6d8245da4d383fef88a9bd206670730196cdb6bd863a83</originalsourceid><addsrcrecordid>eNotkN1LwzAUxYMoOKfPvgbfu6VJ0yS-jeLHYFBwE30LWXOr29qkJh2y_96W-XTvgd893HMQuk_JjDIi5_tdnFFC1KBmdJZeoEnKuUyE4uoSTYiU4y75NbqJcU8IEZSJCWrW5SfOSIbfoPOhB4uXrofgTIML7_rgG_wB5uAgRoiPeIE3EHvsa1yU6xI_B9PCrw-HAW4778D1ERs3mtQ-tKbfeTdcVN_ON_7rdIuuatNEuPufU_T-_LQpXpNV-bIsFqukokr1SSUJrzIgHBTYnApRV7mVNOPWZJZJVkMtpVFbS0meCyIYSVVe2W2-tTJnRrIpejj7dsH_HIeH9d4fx0xRU8ZVRrkSAzQ_Q1XwMQaodRd2rQknnRI9NqqHRvXY6KA01Sn7A2VCaaQ</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>235942597</pqid></control><display><type>article</type><title>SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology</title><source>EBSCOhost Business Source Complete</source><creator>Klamm, Bonnie K. ; Watson, Marcia Weidenmier</creator><creatorcontrib>Klamm, Bonnie K. ; Watson, Marcia Weidenmier</creatorcontrib><description>This paper examines internal controls, from both an information technology (IT) and non-IT perspective, in relation to the five components of the Committee of Sponsoring Organization's Internal Control-Integrated Framework (COSO 1992), as well as the achievement of one of COSO's three objectives-reporting reliability. Our sample consists of 490 firms with material weaknesses reported under Sarbanes-Oxley Section 404 during the first year of compliance. We classify the weaknesses by COSO component and as IT-related or non-IT-related. Our results support the interrelationships of the COSO Framework. The results also show that the number of misstated accounts is positively related to the number of weak COSO components (i.e., scope) and certain weak COSO components (i.e., existence). Firms with IT-related weak components report more material weaknesses and misstatements than firms without IT-related weak components, providing evidence on the pervasive negative impact of weak IT controls, especially in control environment, risk assessment, and monitoring.</description><identifier>ISSN: 0888-7985</identifier><identifier>EISSN: 1558-7959</identifier><identifier>DOI: 10.2308/jis.2009.23.2.1</identifier><language>eng</language><publisher>Sarasota: American Accounting Association</publisher><subject>Communication ; Correlation analysis ; Financial reporting ; Hypotheses ; Information technology ; Internal controls ; Multivariate analysis ; Public Company Accounting Reform &amp; Investor Protection Act 2002-US ; Risk assessment ; Studies</subject><ispartof>The Journal of information systems, 2009-09, Vol.23 (2), p.1-23</ispartof><rights>Copyright American Accounting Association Fall 2009</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c299t-c805c4e05e9ed6277fc6d8245da4d383fef88a9bd206670730196cdb6bd863a83</citedby></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>314,780,784,27923,27924</link.rule.ids></links><search><creatorcontrib>Klamm, Bonnie K.</creatorcontrib><creatorcontrib>Watson, Marcia Weidenmier</creatorcontrib><title>SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology</title><title>The Journal of information systems</title><description>This paper examines internal controls, from both an information technology (IT) and non-IT perspective, in relation to the five components of the Committee of Sponsoring Organization's Internal Control-Integrated Framework (COSO 1992), as well as the achievement of one of COSO's three objectives-reporting reliability. Our sample consists of 490 firms with material weaknesses reported under Sarbanes-Oxley Section 404 during the first year of compliance. We classify the weaknesses by COSO component and as IT-related or non-IT-related. Our results support the interrelationships of the COSO Framework. The results also show that the number of misstated accounts is positively related to the number of weak COSO components (i.e., scope) and certain weak COSO components (i.e., existence). Firms with IT-related weak components report more material weaknesses and misstatements than firms without IT-related weak components, providing evidence on the pervasive negative impact of weak IT controls, especially in control environment, risk assessment, and monitoring.</description><subject>Communication</subject><subject>Correlation analysis</subject><subject>Financial reporting</subject><subject>Hypotheses</subject><subject>Information technology</subject><subject>Internal controls</subject><subject>Multivariate analysis</subject><subject>Public Company Accounting Reform &amp; Investor Protection Act 2002-US</subject><subject>Risk assessment</subject><subject>Studies</subject><issn>0888-7985</issn><issn>1558-7959</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2009</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><recordid>eNotkN1LwzAUxYMoOKfPvgbfu6VJ0yS-jeLHYFBwE30LWXOr29qkJh2y_96W-XTvgd893HMQuk_JjDIi5_tdnFFC1KBmdJZeoEnKuUyE4uoSTYiU4y75NbqJcU8IEZSJCWrW5SfOSIbfoPOhB4uXrofgTIML7_rgG_wB5uAgRoiPeIE3EHvsa1yU6xI_B9PCrw-HAW4778D1ERs3mtQ-tKbfeTdcVN_ON_7rdIuuatNEuPufU_T-_LQpXpNV-bIsFqukokr1SSUJrzIgHBTYnApRV7mVNOPWZJZJVkMtpVFbS0meCyIYSVVe2W2-tTJnRrIpejj7dsH_HIeH9d4fx0xRU8ZVRrkSAzQ_Q1XwMQaodRd2rQknnRI9NqqHRvXY6KA01Sn7A2VCaaQ</recordid><startdate>20090901</startdate><enddate>20090901</enddate><creator>Klamm, Bonnie K.</creator><creator>Watson, Marcia Weidenmier</creator><general>American Accounting Association</general><scope>AAYXX</scope><scope>CITATION</scope><scope>0U~</scope><scope>1-H</scope><scope>3V.</scope><scope>7WY</scope><scope>7WZ</scope><scope>7X1</scope><scope>7XB</scope><scope>87Z</scope><scope>88F</scope><scope>8A9</scope><scope>8AO</scope><scope>8FK</scope><scope>8FL</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>ANIOZ</scope><scope>BENPR</scope><scope>BEZIV</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>FRAZJ</scope><scope>FRNLG</scope><scope>F~G</scope><scope>K60</scope><scope>K6~</scope><scope>L.-</scope><scope>L.0</scope><scope>M0C</scope><scope>M1Q</scope><scope>PQBIZ</scope><scope>PQBZA</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>Q9U</scope><scope>S0X</scope></search><sort><creationdate>20090901</creationdate><title>SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology</title><author>Klamm, Bonnie K. ; Watson, Marcia Weidenmier</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c299t-c805c4e05e9ed6277fc6d8245da4d383fef88a9bd206670730196cdb6bd863a83</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2009</creationdate><topic>Communication</topic><topic>Correlation analysis</topic><topic>Financial reporting</topic><topic>Hypotheses</topic><topic>Information technology</topic><topic>Internal controls</topic><topic>Multivariate analysis</topic><topic>Public Company Accounting Reform &amp; Investor Protection Act 2002-US</topic><topic>Risk assessment</topic><topic>Studies</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Klamm, Bonnie K.</creatorcontrib><creatorcontrib>Watson, Marcia Weidenmier</creatorcontrib><collection>CrossRef</collection><collection>Global News &amp; ABI/Inform Professional</collection><collection>Trade PRO</collection><collection>ProQuest Central (Corporate)</collection><collection>ABI/INFORM Collection</collection><collection>ABI/INFORM Global (PDF only)</collection><collection>Accounting &amp; Tax Database</collection><collection>ProQuest Central (purchase pre-March 2016)</collection><collection>ABI/INFORM Global (Alumni Edition)</collection><collection>Military Database (Alumni Edition)</collection><collection>Accounting &amp; Tax Database (Alumni Edition)</collection><collection>ProQuest Pharma Collection</collection><collection>ProQuest Central (Alumni) (purchase pre-March 2016)</collection><collection>ABI/INFORM Collection (Alumni Edition)</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>Accounting, Tax &amp; Banking Collection</collection><collection>ProQuest Central</collection><collection>Business Premium Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>Accounting, Tax &amp; Banking Collection (Alumni)</collection><collection>Business Premium Collection (Alumni)</collection><collection>ABI/INFORM Global (Corporate)</collection><collection>ProQuest Business Collection (Alumni Edition)</collection><collection>ProQuest Business Collection</collection><collection>ABI/INFORM Professional Advanced</collection><collection>ABI/INFORM Professional Standard</collection><collection>ABI/INFORM Global</collection><collection>Military Database</collection><collection>ProQuest One Business</collection><collection>ProQuest One Business (Alumni)</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>ProQuest Central Basic</collection><collection>SIRS Editorial</collection><jtitle>The Journal of information systems</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Klamm, Bonnie K.</au><au>Watson, Marcia Weidenmier</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology</atitle><jtitle>The Journal of information systems</jtitle><date>2009-09-01</date><risdate>2009</risdate><volume>23</volume><issue>2</issue><spage>1</spage><epage>23</epage><pages>1-23</pages><issn>0888-7985</issn><eissn>1558-7959</eissn><abstract>This paper examines internal controls, from both an information technology (IT) and non-IT perspective, in relation to the five components of the Committee of Sponsoring Organization's Internal Control-Integrated Framework (COSO 1992), as well as the achievement of one of COSO's three objectives-reporting reliability. Our sample consists of 490 firms with material weaknesses reported under Sarbanes-Oxley Section 404 during the first year of compliance. We classify the weaknesses by COSO component and as IT-related or non-IT-related. Our results support the interrelationships of the COSO Framework. The results also show that the number of misstated accounts is positively related to the number of weak COSO components (i.e., scope) and certain weak COSO components (i.e., existence). Firms with IT-related weak components report more material weaknesses and misstatements than firms without IT-related weak components, providing evidence on the pervasive negative impact of weak IT controls, especially in control environment, risk assessment, and monitoring.</abstract><cop>Sarasota</cop><pub>American Accounting Association</pub><doi>10.2308/jis.2009.23.2.1</doi><tpages>23</tpages></addata></record>
fulltext fulltext
identifier ISSN: 0888-7985
ispartof The Journal of information systems, 2009-09, Vol.23 (2), p.1-23
issn 0888-7985
1558-7959
language eng
recordid cdi_proquest_journals_235942597
source EBSCOhost Business Source Complete
subjects Communication
Correlation analysis
Financial reporting
Hypotheses
Information technology
Internal controls
Multivariate analysis
Public Company Accounting Reform & Investor Protection Act 2002-US
Risk assessment
Studies
title SOX 404 Reported Internal Control Weaknesses: A Test of COSO Framework Components and Information Technology
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-13T07%3A34%3A24IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=SOX%20404%20Reported%20Internal%20Control%20Weaknesses:%20A%20Test%20of%20COSO%20Framework%20Components%20and%20Information%20Technology&rft.jtitle=The%20Journal%20of%20information%20systems&rft.au=Klamm,%20Bonnie%20K.&rft.date=2009-09-01&rft.volume=23&rft.issue=2&rft.spage=1&rft.epage=23&rft.pages=1-23&rft.issn=0888-7985&rft.eissn=1558-7959&rft_id=info:doi/10.2308/jis.2009.23.2.1&rft_dat=%3Cproquest_cross%3E1875075121%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=235942597&rft_id=info:pmid/&rfr_iscdi=true