The Sarbanes-Oxley, nicknamed Sarbox or just SOX is a law that exists since 2002 in the United States. It contains a number of provisions that impose obligations on public corporations designed to ensure transparency of operations and accountability. These provisions are designed to address specific business processes and ensure that auditable records are retained.
The core of SOX is its requirement that all financial processes are managed according to a stringent set of rules and regulations, supported by accurate reporting capabilities. This management and recording of controls can become a very time consuming and expensive project without a solution to streamline and automate these processes.
-
Policies and procedures
-
Control activities
-
Risk monitoring
-
Audit activities
Main Benefits
A more engaged control environment – with active participation by the board, the audit committee and management.
More thoughtful analysis of monitoring controls, along with recognition that monitoring is an integral part of the control process.
More structure year-end closing process and recording of journal entries Thus recognizing the extent to which theses areas have increased in complexity.
Implementation of anti-fraud activities with defined processes in place, including responsibility for follow-up by defined parties and resolution approaches.
Better understanding of the risks associated with general controls, and the need to improve both control and audit procedures to gain assurances that the risks are mitigated.
Improved documentation of controls and control processes that can serve as the basis for training practical day-to-day guidance and management evaluation.
Improved definition of controls and the relationship of controls and risk across the organization.
Control parameters becoming embedded into the organization with a broader understanding by operating personnel and management of their responsibility for controls.
Reduced compliance costs by streamlining and automating control testing and remediation.
Enabling auditors to focus on testing and oversight.
Comprehensive and real-time visibility into the status of SOX compliance.
Know some success stories
Featured Resources
Ebook
6 Key Tools for GRC Excellence
Read this eBook to find out which are the key tools for achieving GRC excellence.
Webinar
Incident vs. Problem: How to differentiate and manage it
The difference between incidents and problems as well as the steps of proactively identifying and managing them.
White Paper
Best practices in risk-based internal auditing
The current best practices in Risk-Based Internal Auditing, or simply Internal Auditing.