After years of pressure, chest-beating and hand-wringing from business, not to mention heat coming from Congress and the Bush administration, the board that polices auditors has finally relaxed its contentious standard for auditing public companies.

The new eased-back standard for Section 404, which the public company Accounting Oversight Board (PCAOB) details here, is more principles-based and less sweeping in how risks are defined. Less focus on black letter law will probably means lower compliance costs.

When Section 404 was introduced, the aim was to force companies into paying more attention to internal controls and getting their external auditors to review them. The new standard however allows companies to focus on what they deem to be the riskiest areas of internal controls and go through various processes to address what they regard as lower-risk areas.

One of the most important changes is that it makes room for tailoring control audits to suit the size of a company. The big focus here is on principles, not checklists.

The PCAOB said: "The auditing standard adopted by the Board today is principles-based. It is designed to increase the likelihood that material weaknesses in internal control will be found before they result in material misstatement of a company's financial statements, and, at the same time, eliminate procedures that are unnecessary. The final standard also focuses the auditor on the procedures necessary to perform a high quality audit that is tailored to the company's facts and circumstances."

This is long-overdue and it's an indictment of a process that allowed politicians to rush through legislation without any proper cost-benefit analysis.

But with all the abuse and campaigning we've seen since Sarbanes-Oxley was introduced, the question is whether the parties are now too entrenched in their positions. And if that's the case, this change might well be deemed as insufficient.