From: Daniel Shook [d.shook@worldnet.att.net]
Sent: Sunday, February 16, 2003 12:02 PM
To: rule-comments@sec.gov
Subject: S7-02-03, Standards Related to Listed Company Audit Committees

I urge the Commission to include a requirement within this rule that audit
committees be directly responsible for the appointment, compensation,
retention, and oversight of an issuer's internal auditor.

This reporting relationship is essential to ensure that the internal auditor
is sufficiently independent to be able to bring corporate "miss-governance,"
such as we have seen in the media and that rocked the stock markets, to the
attention of the appropriate parties.  Only at WorldCom was the internal
auditor strong enough to have the ability to identify such malfeasance and
the fortitude to bring to the attention of the audit committee.  It is
unreasonable to expect an internal auditor to have such courage without the
protection of a direct reporting relationship to the audit committee.

The internal auditor's primary emphasis should be on serving the audit
committee and the board of directors, as surrogates for the owners of the
business, the investing public.  Service to management should be a secondary
role for the internal auditor.  These two roles should be complementary,
such that there is never a need to distinguish primary and secondary roles.
However, as has been the case in too many instances over the past two years,
these roles can come into conflict with each other.  If this conflict does
occur, it is essential that the internal auditor have direct responsibility
and accountability to the audit committee.

The new rules go to great lengths to provide for independence of the public
accountant and define the audit committee's responsibility for insuring that
independence.  However, the audit committee, and the investors, need more
assurance of sound corporate governance than can be cost-effectively
provided by the independent public accountant (IPA) alone.  In fact, given
the list of prohibited non-audit services, with which I am very much in
agreement; the IPA could not possibly undertake the depth of review
necessary to give equivalent service to the audit committee as provided by
the internal auditor without jeopardizing the IPA's independence.

I am a CPA, a member of the AICPA, and a member of the Institute of Internal
Auditors.  I have over 30 years internal audit experience, including nearly
20 years as the chief audit executive for both public and non-public
companies.  I currently serve as the chief audit executive for a non-public
entity, in which I report directly to the audit committee.  My personal,
professional experiences fully support the need for the internal auditor to
report directly to the audit committee.

Give audit committees the equivalent responsibility for the internal auditor
as you have given them for the IPA.  This is the only way that audit
committees can be confident that they have the strong dual support they need
to carry out their oversight responsibilities.

Daniel S. Shook
Reston, VA  20191
d.shook@worldnet.att.net