The article “ Sarbanes-Oxley: Impetus for Enterprise Risk Management by Edward Giniat, and Joseph Saporito, suggest that making SOX compliance a part of a larger enterprise risk management program can help not-for-profits to streamline and coordinate their approach to all risk-be it financial, operational, or strategic.
Briefly comment on how this action, if adopted, may impact the auditors internal control letter (management letter) given to the healthcare organizations top management.
Leave A Comment