This memo outlines the analysis performed by a company to determine the scope of internal control documentation and testing as part of compliance with Section 404 of the Sarbanes-Oxley Act. In this example, multilocation testing considerations are outlined.
The following scope and objectives were analyzed: Is the business unit individually significant? Are there specific significant risks? Are there business units that are not important, even when aggregated with others? Are there documented entitywide controls over business units that are important only when aggregated with others?
Sarbanes-Oxley Year-End Audit Committee Report
Policies & Procedures