New auditing and quality control standards adopted by the PCAOB and AICPA require auditors to have adequate technical training and understand the role information technologies play in maintaining effective internal control of financial information. ACC-675 gives auditors the knowledge to comply with Sarbanes-Oxley Section 404 by testing the process, not just the product, of the financial information system.
Testing the process, not just the product
ACC-675's central idea is that a reliable financial information system depends on the process producing the numbers being sound, not just the final reported figures looking correct — which is exactly what SOX Section 404 requires auditors to attest to regarding internal control.
Applying ISACA and PCAOB standards
The course covers transcribing financial processes into narrative and flowcharts to identify gaps that could produce material weaknesses, summarizing the advantages and disadvantages of different EDP (electronic data processing) systems, performing substantive testing, and interpreting standards from ISACA and the Public Company Accounting Oversight Board.
Key topics in ACC675
- PCAOB and AICPA auditing standards for IT
- Sarbanes-Oxley Section 404 compliance
- Transcribing processes into narrative and flowcharts
- Identifying gaps producing material weaknesses
- Substantive testing of accounting information systems
- ISACA standards interpretation
Working on your ACC-675 assignments?
Our accounting experts help with ACC-675 IT auditing and SOX compliance assignments and process flowchart projects.
Worked example: process flowcharting revealing a material weakness
- Formalized process on paper: States that two people must approve every large disbursement
- Flowcharting the actual system: Reveals the accounting software doesn't technically enforce this — a single user could bypass it
- Material weakness identified: The stated control and the actual system don't match
- Lesson: ACC-675 teaches that testing the process itself, via flowcharting and substantive testing, catches gaps that simply reviewing final reported numbers never would
Get Help With ACC675
SNHU ACC-675 IT auditing and SOX Section 404 compliance assignments.
Place Your OrderView All ServicesRelated courses
Frequently asked questions
SOX Section 404 requires management and auditors to attest to the effectiveness of internal control over financial reporting, and a set of financial statements can appear correct in a given period purely by chance or through undetected manual intervention even if the underlying process generating them is genuinely unreliable. ACC-675 teaches process-focused testing — transcribing processes into flowcharts, performing substantive testing of the system itself — specifically because SOX 404 compliance depends on auditors verifying the process is sound and repeatable, not just confirming that this particular period's output happened to look right.
Modern financial information overwhelmingly flows through electronic data processing systems, and internal controls over that information — access restrictions, automated approval workflows, system-enforced segregation of duties — are implemented in the technology itself, meaning an auditor who doesn't understand how the underlying IT system actually works can't meaningfully evaluate whether its controls are genuinely effective. ACC-675 covers this because the PCAOB and AICPA standards it's built around specifically require this technical IT competency as part of adequate auditor training in a technology-driven financial reporting environment.