Sarbanes-Oxley (SarbOx) requirements are drawing internal audit teams away from fraud prevention, costing enterprises millions of dollars annually. Redirect internal audit back to its original goal of recovering losses.
Internal Audit Straying from Target
Since the introduction of the Sarbanes-Oxley Act of 2002, internal audit teams have focused much of their attention on documenting the controls around financial reporting. Documentation is an important task, but it is drawing resources away from another critical function of internal audit: actual testing of those controls to prevent corporate fraud.