1. Federal Managers’ Financial Integrity Act of 1982 and Sarbanes-Oxley Act of 2002: An Overview.

Appendix 1A. Action Plan: Structuring the Project.

Appendix 1B. Requirements for Management’s Assessment Process: Cross-Reference to Guidance.

2. Internal Control Criteria.

3. Internal Control Assessment: Project Planning.

Appendix 3A. Action Plan: Project Planning .

Appendix 3B. Summary of Planning Questions.

4. Identifying Significant Control Objectives.

Appendix 4A. Action Plan: Identifying Significant Control Objectives.

Appendix 4B. Example Significant Control Objectives.

Appendix 4C. Map to the COSO Framework.

Appendix 4D. Map to the Auditing Literature.

Appendix 4E. Working with the Independent Auditors: Lessons Learned from the Initial Implementation of Sarbanes-Oxley.

5. Documentation of Significant Controls.

Appendix 5A. Action Plan: Documentation.

Appendix 5B. Evaluating the Design and Implementation  of Automated Compliance Tools.

Appendix 5C. Linkage of Significant Control Objectives to Example Control Policies and Procedures.

6. Testing and Evaluating Entity-Level Controls.

Appendix 6A. Action Plan: Testing and Evaluating Entity-Level Controls.

Appendix 6B. Survey Tools.

Appendix 6C. Example Inquiries of Management Regarding Entity-Level Controls.

Appendix 6D. Guidance for Designing a Computer General Controls Review.

7. Testing and Evaluating Activity-Level Controls.

Appendix 7A. Action Plan: Documentation.

Appendix 7B. Example Inquiries.

8. Reporting.

Appendix 8A. Examples of Current Private Industry Practices.

Index.