The implementation of SOX (as well as the Japanese J-SOX) requirements can be divided into several areas:

• gap analysis of the compliance of current processes with SOX requirements and identification of gaps in controls;

• enhancement of the internal control system to more restrictive requirements and a new philosophy;

• annual tests of key reports and application controls (mandatory);

• annual verification of the operation of the internal control system by the internal audit function (mandatory);

• external SOX audit (mandatory).

Auditance can help in each of these areas.

We also offer the outsourcing of internal audit functions for mandatory SOX control testing.

In recent years, a hot topic for units subject to SOX has been ensuring adequate control over information produced by entity (IPE) and IT application controls (ITAC). Due to the fact that it is an area on the border between business and IT, responsibilities and requirements are unclear for both parties.

We offer assistance in identifying and testing reports and application controls in a standard that allows their use by external auditors, and thus eliminating audit issues and lowering the costs of external audit.

We put excellent communication and friendly cooperation in the first place. We invite you to a free consultation at which we will be able to get to know your needs and introduce ourselves, explain all SOX related issues regarding your company and how you can benefit from our experience. 

Our team has experience in implementing SOX standards in EMEA for American companies, leaders in their industries, as well as many years of experience in SOX control tests as the part of the internal audit function. Therefore, if your company is faced with the task of implementing these requirements, we suggest using our services in any scope:  

• cooperation with the corporate SOX compliance unit;

• identifying key areas of financial reporting;

• risk assessment of processes related to financial reporting;

• analysis of the compliance of the current processes with SOX requirements and identification of gaps in controls (gap analysis);

• recommendation of optimal solutions;

• designing processes that meet SOX requirements and your company needs at the same time;

• preparation of documentation in accordance with SOX standards, including descriptions of controls and process flowcharts;

• identification and tests of key reports (IPE), tools and application controls;

• verification of proper segregation of duties;

• effective communication with the internal and external auditor;

• training for employees.