Although the Sarbanes Oxley Act of 2002 (SOX) is a legislation in the United States, it has implications for companies outside the U.S. as well. Compliance with the act can present significant challenges.
SOX covers various aspects of company management and governance and is applicable to:
- All publicly held American companies.
- Any international companies that have registered equity or debt securities with the U.S. Securities and Exchange Commission (SEC).
- Any accounting firm or other third party that provides financial services to either of the above.
Organisations needs to understand which sections of the Act have clear implications for data management, reporting, and security to adhere to SOX compliance in respect of assessing the effectiveness of the organisation’s internal controls and procedures for financial reporting.
How we can help
RSM can assist your organisation to meet the compliance requirements and help you create a comprehensive project plan to address the complexities of the Act. We use an innovative and proactive approach, leveraging models that enable you to properly focus on gaining the necessary efficiencies and effectiveness in the SOX program.
Our service offering includes:
- Assessment of control environment
- Assistance in the evaluation and remediation of controls
- Compliance testing and reporting
- Perform control reviews of service organisations: ISAE 3402 reviews
- Prepare a cost-effective, tailored s404 compliance program
- Create clear links between risks and management decisions within an ‘internal controls over financial reporting risks’ framework
- Reduce the documentation and testing burden
- Identify and execute year-on-year compliance with s404 compliance