SOX 404B Advisory
After a number of delays over the past three years, non-accelerated filers are now facing the prospect of having to fully comply with Section 404 of the Sarbanes-Oxley Act of 2002 (SOX) that will now require that external auditors review management’s assessment of their internal controls, complete their own assessment and report on the results.
SMCI is ready to help with implementation and testing services. Our step-by-step approach will help you achieve a successful implementation, including
- Implementing of a top-down, risk based approach
Our risk-based framework follows COSO’s Guidance on Monitoring Internal Control Systems. By using the right balance of information and monitoring, a company can watch a process or specific risk more effectively, and reduce the need for add-on testing.
- Getting the most out of your controls
We will help you identify the most effective and efficient controls to address risk. Automated controls are often more effective since they are not prone to human error and more efficient as they result in smaller samples to be tested. We focus on direct and precise entity-level controls that can directly prevent or detect misstatements.
-. Focusing on financial reporting risk
We will focus solely on the primary task of SOX which is reducing the risk of a material misstatement in the financial statements and disclosures. You can consider operations and other areas in future years.
- Getting all relevant parties involved in order to save time and money
You must have the commitment and support of the CEO, CFO, and Audit Committee. Without this support, compliance with SOX will be more difficult and more costly. While they cannot advise you regarding your internal controls, your external auditor can provide some counsel on how to design your evaluations of your controls so that they can maximize reliance on your work and reduce overall costs..
-. Integrating fraud considerations into your assessment of internal controls
This is a requirement of SOX that is often overlooked.
- Planning to address deficiencies
If you are like most companies, it is likely that you will identify significant deficiencies and possibly even a material weakness the first pass through. It will be critical that you have a plan to prioritize and remediate deficiencies quickly and we stand ready to assist you in this important task.
Now is the time to begin planning for SOX compliance. By getting started now, most companies can save time and money while realizing more reliable results. The process won’t be painless but by putting to good use our framework and experiences, the process can be managed effectively.
SMCI is ready to help with implementation and testing services. Our step-by-step approach will help you achieve a successful implementation, including
- Implementing of a top-down, risk based approach
Our risk-based framework follows COSO’s Guidance on Monitoring Internal Control Systems. By using the right balance of information and monitoring, a company can watch a process or specific risk more effectively, and reduce the need for add-on testing.
- Getting the most out of your controls
We will help you identify the most effective and efficient controls to address risk. Automated controls are often more effective since they are not prone to human error and more efficient as they result in smaller samples to be tested. We focus on direct and precise entity-level controls that can directly prevent or detect misstatements.
-. Focusing on financial reporting risk
We will focus solely on the primary task of SOX which is reducing the risk of a material misstatement in the financial statements and disclosures. You can consider operations and other areas in future years.
- Getting all relevant parties involved in order to save time and money
You must have the commitment and support of the CEO, CFO, and Audit Committee. Without this support, compliance with SOX will be more difficult and more costly. While they cannot advise you regarding your internal controls, your external auditor can provide some counsel on how to design your evaluations of your controls so that they can maximize reliance on your work and reduce overall costs..
-. Integrating fraud considerations into your assessment of internal controls
This is a requirement of SOX that is often overlooked.
- Planning to address deficiencies
If you are like most companies, it is likely that you will identify significant deficiencies and possibly even a material weakness the first pass through. It will be critical that you have a plan to prioritize and remediate deficiencies quickly and we stand ready to assist you in this important task.
Now is the time to begin planning for SOX compliance. By getting started now, most companies can save time and money while realizing more reliable results. The process won’t be painless but by putting to good use our framework and experiences, the process can be managed effectively.