What is included in the internal control report required by Section 404 of the Sarbanes-Oxley Act?

The internal control report required by Section 404 of the Sarbanes-Oxley Act must include a statement identifying the framework for testing Internal Control Over Financial Reporting (ICOFR). This is important because the framework provides the guidelines against which the company’s internal controls are assessed. It establishes a benchmark for evaluating the effectiveness of these controls, ensuring that they are designed and operating effectively to prevent financial misstatements and fraud.

Section 404 emphasizes accountability and transparency in financial reporting, which is why it is essential for organizations to disclose the methodologies used in their assessments. This includes references to recognized frameworks, such as those provided by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) or other accepted standards, which guide how controls should be implemented and evaluated.

In contrast, the other options do not pertain to internal control over financial reporting or compliance with the Sarbanes-Oxley Act. Marketing strategies, price comparisons, and employee performance reviews do not relate to the assessment or operation of internal controls designed to safeguard financial processes and reports. Hence, the correct inclusion in the internal control report is the identification of the framework used for testing ICOFR.