2 CPE Entity level controls (ELCs) are often difficult to identify and even more difficult to assess. Soft controls are similar to entity level controls. They do not lend themselves to normal validation processes. Assessors must often utilize interviews, questionnaires and observations or other unique methods.
Other courses have looked at top-down risk assessment (RA) and discussed ELCs and some methods for assessment. This course delves further into understanding approaches to assessing the design and operating effectiveness of ELCs and soft controls. We cover methods and alternatives to measuring and assessing ELCs and soft controls.
Information within this course comes from readily available public domain documents and is utilized by the trainer as a supplement for relaying the course content.
Note: The concepts outlined in this course are up to date and relevant in regards to the Sarbanes-Oxley legislation. Although there have not been any changes in the legislative concepts of the law since it’s release in 2002, some aspects of executing the work have evolved. This speaker is preparing a series of courses titled “Sarbanes-Oxley 20 years later”. Those courses can be found individually on the platform and would be beneficial for anyone involved with compliance.
NOTE: The Instructor has created 5 new segments on Sarbanes-Oxley Update - 20 Years Later:
Sarbanes-Oxley Update - 20 Years Later: Accounting Risk Assessment Considerations
Sarbanes-Oxley Update - 20 Years Later: Sourcing Emerging Risks Part 1
Sarbanes-Oxley Update - 20 Years Later: Evaluating Testing Processes
Sarbanes-Oxley Update - 20 Years Later: Sourcing Emerging Risks Part 2
Sarbanes-Oxley Update - 20 Years Later: Examining Fraud Risks
Learning Objectives
- Explore Hard vs. Soft entity level controls (ELCs)
- Recognize challenges of evaluating soft controls
- Explore Methods for assessing soft controls and determining effectiveness
- Committee of Sponsoring Organizations (COSO)
- Maturity Model
- Cause and effect analysis
- Questionnaires and surveys
- Discover how to link soft controls to COSO principles and financial statement assertions
Last updated/reviewed: March 12, 2024
Included In Certifications
This course is included in the following Certification Programs:
16 CoursesSarbanes-Oxley (SOX) Certification
- Sarbanes Oxley Overview
- SOX: Authoritative Bodies
- Sarbanes-Oxley (SOX) Standards - Evolution
- Information Technology General Controls Primer
- COSO 2013 Overview
- Sarbanes-Oxley (SOX) Section 404
- Sarbanes-Oxley Section 302: ICFR
- Sarbanes-Oxley (SOX) And Fraud Sections
- Sarbanes-Oxley (SOX) - Top Down Risk Assessment Part 1
- Sarbanes-Oxley (SOX) - Top Down Risk Assessment Part 2
- Sarbanes-Oxley (SOX) - Entity Level Controls
- Sarbanes-Oxley (SOX) Identifying and Documenting Controls
- Sarbanes-Oxley (SOX) Testing
- Sarbanes-Oxley (SOX) - Assessing Data Impact
- XBRL - Connection to SOX 302/404 and Critical Roles
- Tools For Sarbanes-Oxley Compliance
81 Reviews (299 ratings)
Reviews
Brenda Dugan
(Financial Controls Compliance Manager at United Community Bank)
This module is an excellent investment for beginners and seasoned individuals!
Lynn provides a well organized and detailed training module for entity level controls (ELCs). She compares the latter with soft controls and utlizes several models, including COSO, to assist individuals with identifying, assessing and documenting ELCs.
Anonymous
(SVP Accounting and Internal Control)
Useful techniques were provided to evaluate the soft controls. Understanding the Control Environment for SOX 404 is a value-add that can be applied in operational audits. It's an important body of information that should be kept fresh throughout the year.
Christine Matthes
(- at None)
This course provides excellent insight with respect to soft controls - what they are, how to identify them, and various testing alternatives. The information was relevant to the current environment and was well presented.
Alexandre MAYER
(Internal Control Officer at N/A)
Happy to have a course on ELC and to be exposed to the maturity model. The lecturer is very knowledgeable and can convey the main concepts in a clear fashion. I recommend this course for auditors and internal controllers.
Anonymous
(Internal Control Expert)
It was very well structured, well-paced and easy to follow training course. Structuring the course in segments as well as offering a continuous play option is perfect for any learning style. The examples given were good.
Anonymous
(Lead IT Auditor)
This gave a very good definition of Entity Level and Soft Controls. It discussed the difficulty in evaluating soft controls and suggested several possible methodologies to do so, and the pros and cons of each.
Jennifer Carmichael
(EVP Chief Internal Audit Officer at Berkshire Bank)
Excellent description of soft vs. hard controls and the importance of having various skills to assess soft controls. The examples provided in the course were good for the subject audience as well.
Anonymous
(Contractor)
I appreciate the effort and resources spent to explain ELC. They are often relegated as easy to determine but due to their subjectivity, they prove to be more difficult than control activities.
Daiane Cavalcante
(Jr Manager Accountant at Hookipa Pharma Inc)
Course very good, presented used great examples and make it easier to understand the difference etween soft and hard controls as well as the possible ways of evaluating soft controls
Anonymous
(NFR Specialist III)
This course is a very good material for beginners, but also experienced professionals. It is clearly and accessibly structured with key points brought to attention of the students.
Anonymous
(Controls Specialist)
Entity level controls are always a challenge in any organisations and Lynn has done a fantastic job in ensuring audience of any level of experience and position can understand it.
Anonymous
(Internal Audit Manager)
Very good source in this area. This is an area I have not critically visited in some time but after this course I feel much better prepared to critically think through this.
Cory Goodman
(Internal Auditor - Finance at Republic Finance)
Course content was presented clearly. Slides productively contributed to understanding of the material. Instructor is knowledgeable and provides personal experience examples.
Anonymous
(Manager SOX & Accounting)
Not one of my favorite courses in the series but necessary to understand the entire concepts. Course is easy to understand with examples provided to enhance the learning.
Anonymous
(Internal Auditor)
This was a very interesting course on some topics that were new to me. I enjoyed how the course flowed and the approach of going through the models comparison slides.
Anonymous
(Director)
The course provides a very good discussion of soft controls. The speaker is very knowledgeable. The topics are well organized and the examples are helpful.
Maurine Dyer
(Sole Proprietor at MDyer Information Management)
A well designed course giving an understanding of various considerations for Entity Level and Soft Controls. I felt that I got value out of this course.
Anonymous
(Analyst)
I was surprised how subjective ELCs can be. I realized there would be some judgment but it's highly subjective and requires a lot of skill to do it well.
Anonymous
(Internal Auditor)
This course provides great overview with respect to soft controls, different models that can be applied for the effective evaluation of soft controls.
Multimer Cayabyab
(Sr. Analyst at LCL)
It provides a good information about Hard and Soft controls and how they applies. Important board oversight, structures and accountabilities.
Anonymous
(Consultant)
This course discusses how to evaluate ELC's using different models. I really liked the maturity model approach as far as documentation.
Anonymous
(SFA)
Another great course from Lynn. I would like to see more examples. The material is a little dry but right to the point. Thank you.
Anonymous
(Senior Internal Auditor)
Excellent topic. Integrity is really important in the organizations and its measurement is vital to evaluate the company status.
Anonymous
(Senior Auditor)
This was a good overview of SOX Entity Level Controls assessment. Course content were clear, well explained, and to the point.
Jocelyn Akbarzadeh
(Auditor at Yahoo Inc.)
Training was very informative and clear. It was easy to understand and the test and exam was directly related to the training.
Anonymous
(IT Advisory Snr. Associate)
This is a refreshing and interesting course. Nothing surprised me. Everyone will learn one or two things from this training.
Abu Shaikh Siddique
(Senior Internal Auditor at Nokia)
SOX Entry level Controls were detailed in nature. Maturity model can assist a lot which is meaningful and informative.
ERIC ABAIDOO
( at Tullow Oil)
I liked the MLA because it is a new area I did not know before.The stages are relatable to organizations growth cycle
Jon McGinnis
(Internal Audit Director at One Call)
I liked that the class provided suggestions for approaches such as the maturity model, cause and effect, and surveys.
Anonymous
(N/A)
This was a good course, but one the concepts came a littler more difficulty than others. Will revisit down the road.
Anonymous
(Consultant - Process Specialist)
This is a great course for those new to SOX concepts, or for those who have forgotten what they learned in college.
Christopher Hole
(Director of Internal Audit at Roseburg Forest Products)
Nice overview of the nature of entity level controls and three frameworks that can be used to evaluate them.
Anonymous
(Senior IT Auditor)
This course was exciting going through. I gained a lot of insight which will prove quite valuable on the job
Anonymous
(SOX process manager)
This is an excellent session demonstrating some practical tools and techniques of assessing soft controls.
Anonymous auditor
(Internal Auditor at SGSC)
Great course to facilitate online learning. I learned a lot of information that is otherwise unavailable.
Anonymous
(Audit Manager)
It was a pretty broad overview but the examples of assessing the environment were concise and in depth.
Anonymous
(Internal controls manager)
This was a good course about the assessment of desing of soft controls and entity level controls.
Michael Rogers
(Internal Auditor at Assurant)
Very good outline of controls that are not as clear cut as other controls that are more prescriptive
Mariem Issler
(Director Internal Control, Processes and.. at Thales)
Interesting course that provides example and methodology to evaluate entity level and soft controls
Anonymous
(Audit Director)
Another good course. Appreciated the insight into how soft controls can be difficult to evaluate.
Anonymous
()
This one was very interesting. This come up with matter that may be helpful when facing ELC testing
Anonymous
(CPA)
This course was excellent and provided important information that I will utilize in the future.
Anonymous
(Accountant)
This is a broad subject and yes, subjective. The webinar provided some new tools for testing.
Anonymous
(SOX Senior Auditor)
Great information on the importance of soft controls and the challenges of evaluating them.
Anonymous
()
this course helped me better understand entity level controls and how to assess them.
Anonymous
()
This is a very interesting course on entity level controls presented in a clear manner.
Joy Franklin
(Auditor at Assurant)
This is a good assessment of soft controls by making the comparison of hard controls.
Anonymous
(Director)
Another good course. Some of the exam questions are oddly worded. Read them carefully.
Jennifer Pawliw
(Staff Auditor 1 at Berkshire Bank)
Excellenct course on Soft Controls. Very detailed, useful and helpful information.
Aline Cristina Correa
( at Disney)
Good module, well explained and perfect examples that we can apply in our companies.
Carlos Rafael Paes Felix
(Manager at EY)
Very detailed material about ELC's. Important to clarify and fix the main concepts
Anonymous
(SOX Reporting Manager)
Interesting topic - something people fail to think about in great detail sometimes
Shreeya Srivastava
(IS/IT Internal Auditor at Nokia)
Very well-designed course and provide learner a brief learning about these topics.
Anonymous
(Treasury Manager)
Excellent explanation of Soft Controls and how to evaluate, review and implement.
Anonymous
(Accounts Associate)
It was good training and Informative.
Thank you for the session and guidance.
Waqar Ali Shah
( at LRH)
A great course on evaluating ELCs and different approaches adopted in doing so
Anonymous
()
Great discussion on soft controls and how it can affect an organization's ELC
Anonymous
(Manager)
Great course for understanding and auditing entity level and soft controls.
Tunde Vágó
(Internal Control Manager at Nokia)
Soft controls - the best summary of the topic I have ever seen. Thank you.
Anonymous
(Reinsurance Accounting Manager)
Great course that presents different techniques to evaluate soft controls.
Anonymous
(Internal Audit Associate)
Please reveal the answers to the questions wrong after passing the exam!!
Anonymous
(Manager)
organized and detailed information.
organized and detailed information.
Anonymous
(Senior Internal Auditor)
Excellent and well-structured course. Clear and concise, great knowledge
Paulo Sitoe
(Internal Auditor at Nokia)
Great techniques in how to eveualate soft controls which arent tangible
Sarah Nikas
(Finance Controls and Compliance Lead at Cargill)
Good information around the maturity models and hard vs soft controls.
Tanay Srivastava
(Sr IT/IS Auditior at Nokia)
Very good course, Its good to have a one presentation rather than many
Anonymous
()
Great course review for SOX Entitly Level Controls. Well presented.
Anonymous
(Business Compliance Manager)
Learnt Objectives, Effective, Sufficient info, Achieved the purpose
Eduardo Sola
(Finance Director at Clear Blue Insurance Group)
Very good course to get an understanding of entity levels controls
Anonymous
(Staff Operations Auditor)
This was an excellent course on Entity Level and Soft Controls.
Anonymous
(Project Manager)
This was a good course. I have a soft spot for soft controls
Anonymous
()
Great Course of Sarbanes - Oxley (SOX) Entity Level Controls.
Anonymous
(Specialist SOX Compliance)
Good to point out these specialities regarding soft controls!
Anonymous
(Head of Internal Audit)
crucial topic, though usually left without proper attention.
Mirwais Nazar Mohammad
(Senior Manager Finance at Ivanhoe Electric Corp.)
The examples provided are helpful to understand the concept.
Anonymous
(Manager)
I have completed the course and have no further comments.
Anonymous
(Internal Auditor)
The content is very relatable and easy to understand.
Brandon Devlin
( at ATS Automation)
Informative - much much available to comment on this
Anonymous
(Internal Auditor)
Good course on a tough topic - with good examples.
Kevin Barnes
(- at Next Level Solar)
Great presentation of course material
James Gately
(CPA at Self-employed)
Great Presentation
Prerequisites
Course Complexity: Intermediate
No Advanced Preparation or Prerequisites are needed for this course.
Education Provider Information
Company:
Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA
95113
Contact:
For more information regarding this course, including complaint and
cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to
.
Lynn FountainCPA, CGMA, CRMA, MBA, cPIA, Consultant, Author, Trainer
About Illumeo
Platform
Resources
Contact Us
- Email: info@illumeo.com
- Phone: 408-400-3993
- Adress: 1608 W Campbell
- Av #221, Campbell, CA 95008
© 2024 Illumeo, Inc.