The Sarbanes-Oxley (SOX) Act of 2002 was signed into law to restore investor confidence, minimize accounting fraud and increase the integrity of data reported to the public. The law requires higher levels of disclosure from corporations, certification of financials by officers of the company, and reviews of controls that drive the accuracy and quality of financial data reported to the markets. Consequences of noncompliance with this legislation include corporate and individual penalties, forfeiture of compensation by officers and civil penalties.
Sify Assure's SOX
Compliance Service provides clients with expert solutions and resources to address these increased responsibilities and new challenges. Our service, currently focuses on two sections of the SOX Act, namely:
Section 404 - Management Assessment of Internal Controls, which requires each
-
Annual report to contain an internal control report assessing and attesting to the effectiveness of the internal control structure and procedures of the company.
-
The dependence on information technology for managing corporate financials means that organizations must evaluate internal controls and security of information systems.
Section 302 - Corporate Responsibility of Financial report, which requires the principal executive officers (such as the CEO and CFO) to certify in each annual or quarterly report
-
That there are no untrue statements,
-
Financial condition is fairly presented,
-
Effective internal controls are designed and maintained to ensure that officers are aware of all material information.
Combining strategy, process and technology, our service comprises a comprehensive portfolio of services customized to support the immediate SOX initiatives and also efficiently sustain SOX processes and gap remediation interventions past the initial cycle of compliance. By merging the compliance efforts with an Enterprise wide Risk Management Program, we help turn the compliance efforts into a competitive weapon.
The services are tailored to suit the specific needs - on an outsource basis; on a co-source basis where we work alongside the internal audit department; or as special projects arise.
The services fall under three broad categories:
| Comply |
Optimize |
Enhance |
Enables the enterprise to address enterprise wide issues to ensure compliance with SOX
Planning and preparing an action plan for Sections 404 and 302 along with activities, resource requirements, timelines and effort estimates. Gap Analysis of the existing Internal control Framework
Business Processes "as is" documentation
Internal Controls "as is" documentation
Control Testing
Implementation of remedial measures
Training
Program Management of Section 404 projects.
|
Enables the enterprise to leverage the process improvements and technology to maximize the efficiency of the remediation initiatives.
Enterprise Resource Planning (ERP) enhancements Identification and monitoring of performance metrics General Computer controls remediation such as IT system security and Controls, Business Continuity planning, etc Selection/implementation of Technology solutions (such as Compliance Management Software, Content Management, Business Performance Management) Enterprise Resource Planning (ERP) enhancements
|
Enables the enterprise to embed compliance activities into the core business processes and leverage the compliance initiatives into a competitive weapon.
|
