Auditing Standard 2 of the PCAOB requires an "Audit of Internal Control over Financial Reporting be performed in conjunction with an Audit of Financial Statements". This puts the onus on the external auditor of an enterprise to evaluate the internal controls of the enterprise when he is expressing an opinion on the financial financial statements. This clearly means that unless an external auditor has evaluated the internal controls over financial reporting, he would not be able to express an opinion on the Financial Statements.

This also increases management's responsibilities in the audit of internal controls. To help the auditor satisfactorily complete an audit of internal controls over financial reporting, auditing standard 2 of the PCAOB reuires the management to do the following:

1. The first thing management needs to do is accept responsibility for the effectiveness of compnay's internal control over financial reporting.

2. Having accepted the responsibility for internal controls, management needs to evaluate the internal controls over financial reporting using suitable criteria prescribed by the Sarbanes Oxley act and PCAOB Auditing Standard 2.

3. Management also needs to gather sufficient evidence and maintain adequate documentation in support of its evlaution of internal controls over financial reporting.

4. Finally, at the end of the financial year, managment of the enterprise needs to make a written assessment of the effectiveness of company's internal control over financial reporting.

More on Sarbanes Oxley >>

>> SOX - Key Issues for CEO's and CFO's
>> SOX - Antifraud Action Plan
>> Evaluating Operational Effectiveness of Internal Controls
>> SAS 70 Type I Report