Disaster Recovery Planning: What Section 404 Audits Reveal

Authors

Dana R. Hermanson, Kennesaw State UniversityFollow
Daniel M. Ivancevich, University of North Carolina - Wilmington
Susan H. Ivancevich, University of North Carolina - Wilmington

Document Type

Article

Publication Date

12-2007

Abstract

This article summarizes U.S. Sarbanes-Oxley Act section 404 internal control reports that reveal material weaknesses due to inadequate disaster recovery planning. According to the authors, Section 404 applies to public companies with over $75 million in public float. They advise that auditors evaluating internal control over financial reporting must consider key information technology-related risks and controls that affect financial reporting, including issues related to disaster recovery planning.