Customer Reviews

Manager's Guide to the Sarbanes-Oxley Act: Improving Internal Controls to Prevent Fraud

5 star:		(12)
4 star:		(1)
3 star:		(0)
2 star:		(0)
1 star:		(2)

 

 

I've read a number of books and literally thousands of web pages of information about Sarbanes-Oxley, and have to rank this book as the best starting point for stakeholders who are peripherally involved in compliance. The reasons are:

(1) It's readable! This is not a dry, boring tome, but a highly readable summary of Sarbanes-Oxley, what it is (and isn't), and realistic examples and anecdotes to reinforce the material.
(2) It covers a surprisingly lot of ground for a book aimed at a non-practitioner audience. The Control Smart Framework, detailed advice on identifying threats and vulnerabilities, and how to protect yourself are invaluable to anyone directly or indirectly involved in Sarbanes-Oxley compliance.

In addition to the rich information and clear explanations of key elements of Sarbanes-Oxley I like the appendices, which also provide useful information - especially appendices B (Key Performance Indicator Reporting), C (Examples of Key Performance Indicators) and D (Control Activities).

This book will quickly get you up-to-speed about Sarbanes-Oxley and its ramifications, and will do so relatively painlessly compared to other books on the basics of the Act.

If you're looking for a more in-depth book, especially one that addresses the scope and complexity of Section 404 compliance, I highly recommend "How to Comply with Sarbanes-Oxley Section 404: Assessing the Effectiveness of Internal Control (ISBN 0471653667). If you are an IT professional I strongly recommend visiting Information Systems Audit and Control Association (ASIN B00006BW74), which makes available a free 84-page document titled "IT Control Objectives for Sarbanes-Oxley". For more general information, there is a commercial site that provides news and updates on Sarbanes-Oxley issues (ASIN B0000AM23N), as well as the Public Company Accounting Oversight Board (ASIN B00013Y80Y), which provides rule making information and a means to comment on proposed rules. You can reach these sites by pasting the ASIN numbers in the search box at the top of this page, selecting all products and clicking GO.

Boards of all shapes and sizes are wondering about the affect that Sarbanes-Oxley act will have upon their operations, accountability, and liability. But what about the managers running the day-to-day operations? Mr. Green kept his promise to "introduce groundbreaking and practical 'Control Smart' approach that not only meets the requirements of Sarbanes-Oxley, but also alerts you if operational controls stop working or are otherwise compromised."

While larger companies can afford to spend millions of dollars to implement control system monitoring tools, managers of small to mid-sized companies can be unsure of how to move forward if their budgets can't accommodate expensive advisors and systems. Mr. Green tells us in a forthright and clear manner that we must not depend on others to audit accountability into our reporting systems any more than we are able to test reliability or quality into our products. He places responsibility for our transparent transactions squarely on the shoulders of every manager and every employee throughout the organization.

The "Control Smart" approach to understanding where we need to make transformational changes and where we can live with transitional changes is easy to understand even as it is complex and difficult to execute. But we must all attempt to do so. Green insists that we can "walk our talk by taking the culture of our companies seriously. We are able to create positive values as company objectives and appropriately compensate those who uphold the company image." In this well written book, you will find the answer to just what it is that managers today need to do to implement the spirit and the law of Sarbanes-Oxley.

This book is a must read in the era of Sarbanes-Oxley. As numerous companies are currently immersing themselves into Sarbanes-Oxley testing, they may question the necessity and cost to their organization and shareholders. All they have to do is read this book which delivers real world examples set forth by the author which makes for extremely interesting and fast reading. I intend to make this required reading for all my staff.

Sarbanes-Oxley Act (SOA) is probably the single most important law affecting corporate governance and financial disclosure since the US securities laws of the early 1930s.
This book describes in a practical and concise manner the complexity of Sarbanes-Oxley Act for non-financial managers and directors, and gives a pathway model to develop an efficient control environment of businesses. I found very useful and straightforward to implement the Control Smart approach to help obliterate vulnerabilities and develop a strong defense against corporate fraud.
I think that this book is a valuable, must read guide for both, financial and non-financial managers. I would also recommend it as reference manual for management training programs as well as business schools.

A knowledgeable executive with valuable hands-on experience and an ability to communicate in a no-fluff manner has spelled out everything today's manager needs to know in order to establish and nurture a strong framework of internal controls.
In this book, Scott Green has presented captivating real-world examples that emphasize both the importance of a strong internal control structure and the ramifications of a fraudulent corporate culture. He has boiled down the complexity of Sarbanes-Oxley into a clear and concise tool for managers of small and mid-sized companies.
And, he's done all of this in such a way that makes for a very interesting read.

The Sarbanes-Oxley Act is one of the most complex, costly pieces of legislation to emerge from Congress in the past two decades. Author Scott Green considers the legislation itself to be a risk - not merely to managers who might find themselves disgraced or imprisoned for mere mistakes and oversights, but also to the productive forces of American capitalism. His book outlines a process for identifying and managing the kind of risk that might result in violations of Sarbanes-Oxley. His approach is blessedly free from jargon and almost intuitively obvious. Other things about this book make it appealing to a reader who has waded through other analyses of Sarbanes-Oxley and who is concerned about full compliance. First, without oversimplifying, Green presents his prescription in simple, straightforward terms. Second, he does not make an overt sales pitch for his firm's consulting services. Third, he has apparently not service-marked his favorite terminology, such as "Smart Links." This restraint confirms that he actually has something to say to you, and is not merely trying to drum up business. What he has to say is not stunning or new, nor is it presented in sparkling prose, but we find it reasonably useful and well worth a manager's time to read.

I found the book to be smooth reading and very informative. The book provides detailed examples of internal control issues from actual companies. I have a newfound understanding of these issues now, because of the level of detail and the varied perspectives provided in by the author. I would recommend this book to anyone in a managerial position concerned with internal controls in their organization.

The title to this book, while timely, doesn't really do the content justice, for the book is more than just a guide to the Sarbanes-Oxley Act - it addresses a range of corporate risk management issues to relevent to middle level managers up through board members. Scott Green manages to strike a good balance between discussions of strategic issues and of practical implementation considerations in the areas of control and fraud prevention mechanisms. It also contains some of the more insightful assessments I've seen of "what went wrong" at some of the more notable corporate failures of recent times. The book is written in a highly readable fashion and I'd recommend it to any manager, company advisor, or board member looking to get a better handle on considerations related to Sarbanes-Oxley and the topic of internal controls in general.

The title to this book, while timely, doesn't really do the content justice, for the book is more than just a guide to the Sarbanes-Oxley Act - it addresses a range of corporate risk management issues to relevent to middle level managers up through board members. Scott Green manages to strike a good balance between discussions of strategic issues and of practical implementation considerations in the areas of control and fraud prevention mechanisms. It also contains some of the more insightful assessments I've seen of "what went wrong" at some of the more notable corporate failures of recent times. The book is written in a highly readable fashion and I'd recommend it to any manager, company advisor, or board member looking to get a better handle on considerations related to Sarbanes-Oxley and the topic of internal controls in general.

Green's book was one of the first to tackle the theory and application of Sarbanes-Oxley to businesses. The content remains relevant, recording the value that can be provided by effective review, documentation and improvement of internal controls.

This book is written for managers, not for auditors or consultants who need more technical/legal content.

The author provides a wide variety of relevant stories about fraud detection, prevention and mitigation, including those that triggered the legislation.

Green explains the concept of internal controls, placing them within a risk management context, while illustrating the business case and value for this investment.

He provides a simple (but not simplistic) tool to approach all business processes and identify risks, weaknesses and compensating controls. He provides examples and checklists of specific controls and control risks.

In spite of the dry topic, this book is a quick, interesting and effective treatment of the subject. Experienced managers may be able to speed read a majority of the pages and digest the important background quickly. Of course, the real learning takes place when a manager sits down to review the processes for which he or she is responsible!