Streamlined Sox Compliance
Changes in the corporate structure via mergers, acquisitions, divestitures, and IPOs will often impact Sarbanes-Oxley compliance requirements, forcing executives to evaluate their compliance program.
Leading these organizations through the evolving Sarbanes-Oxley Compliance (SOX) process is part of our core consulting practice. Our consulting teams have worked with the SOX compliance requirements since the Act’s inception in 2002 and have guided our clients through the ever-changing compliance landscape.
The unique combination of our experience and our methodology allows corporations to achieve compliance goals cost-effectively while adapting to structural changes.
“Our SOX auditors have years of audit and management experience, and backgrounds in audit, accounting, and financial reporting. When you work with us, we bring you deep understanding of engagement management, project management, business process improvement, and risk management—so your business can move forward with certainty.”
Sargon Youmara
Partner – Sikich Governance, Risk and Compliance
Proprietary SOX Methodology
Our proprietary SOX compliance methodology was designed specifically for organizations facing change. Our methodology is a top-down, risk-based approach that meets SOX Section 404 requirements. It streamlines compliance efforts, utilizes the COSO Framework, and is consistent with standards established by the PCAOB.
- Risk Assessment
- Entity Level Review
- Control Document
- Control Testing
- Company Assessment
Internal Control Testing
Organizations subject to the reporting requirements of the SEC are required to include a report on the company’s internal control over financial reporting in their 10-K. In order to obtain reasonable assurance regarding the operating effectiveness of controls, key controls must be tested to validate their design and operating effectiveness.
Our Sox Consultants will test operating effectiveness of your controls. This includes:
Develop Testing Plans
Testing Procedures
Documenting Test Procedures
Identification and Evaluation of Control Deficiencies
Year-end Follow-up
Roll-forward Testing
SOX ITGC
Testing
In today’s world, every business is a technology business. We’ll help you define key controls and compliance metrics as they apply to IT. Typical SOX ITGC testing includes:
- Logical access controls over infrastructure, applications and data
- System development life cycle (SDLC) controls
- Program change management controls
- Data center physical security controls
- System and data backup and recovery controls
- Computer operation controls
- Segregation of duties
Internal Control Consulting
When internal controls in either financial reporting or information technology have failed testing and are deemed as deficient, knowing what to do next can be overwhelming. When you’ve made the the decision to remediate the deficiency, we can work as your trusted advisor to create and implement effective internal controls that will protect the integrity of your financial statements.
International
SOX
Foreign SOX requirements like J-SOX and K-SOX might apply to your business. We can provide audit staff in select local countries who understand local SOX requirements, language, and business culture. If you’re a foreign-listed company with operations in the US, we can help you complete US SOX Compliance.
Ready to Get Started?
We help organizations design and implement innovative strategies that are streamlined, efficient, and cost-effective. Let’s discuss how we can help you and your organization.