The Sarbanes-Oxley Act of 2002 (SOX) changed the business world by
formalizing management's responsibility for internal controls. This
increased accountability requires documentation and testing of the processes
and controls that support external financial reporting.
At its core, SOX is nothing more than a call to a strong control
environment; hence, those organizations that embrace Sarbanes-Oxley can reap
significant business value beyond mandatory compliance with SOX
regulations:
Improved and
more timely business data to support better business decisions
Better
management of resources
Greater
effectiveness and efficiencies of operations
Enhanced
reputation for leadership and investor confidence
Our Sarbanes-Oxley Services are sufficiently structured to ensure that we
address the most critical compliance issues, yet flexible enough to be
tailored to specific organizational needs:
Define an
appropriate scope - Minimally, the scope for an engagement can
include Section 302 & 404 compliance; optimally, it can include
encompassing other regulatory compliance and business impacting issues.
In addition, Capability Maturity Modeling can be used to provide a means
of quantifying the current control environment and documenting future
improvements
Validate
Buy-in - The full commitment of key management (Board, CEO / CFO / CIO)
is essential. The "tone at the top" is one of the ingle most critical
elements of a control environment
Identify
Control Deficiencies - Control procedures are reviewed and tested
and deficiencies are identified according to specific financial
reporting and disclosure risks or to a broader Risk Assessment
approach
Remediate
& Document Controls - Control deficiencies are addressed and the
resultant control environment is appropriately documented
Monitor - Establish procedures for
ongoing monitoring of internal controls
