Sarbanes-Oxley Compliance Audits

The Sarbanes-Oxley Act of 2002 (SOX) is legislation passed by the U.S. Congress to protect shareholders from accounting errors and fraudulent practices. SOX include the following key Sections:

  • Section 302 - Corporate Responsibility for Financial Reports
  • Section303 - Improper influence on conduct of audits
  • Section 401 - Disclosures in Periodic Reports
  • Section 404 - Management Assessment of Internal Controls
  • Section 409- Real Time Issuer Disclosures
  • Section 802- Criminal penalties for Altering Documents
  • Section 906 - Criminal penalties for CEO/CFO financial statement certification
  • Section 1107 - Criminal penalties for retaliation against whistleblowers

Sarbanes-Oxley impacts public companies, privately held companies raising capital in the public sector, and companies in the process of going public. Section 404 of the Sarbanes-Oxley Act is particularly challenging to companies due to its many requirements with respect to internal controls over financial reporting.

Schneider Downs specializes in the implementation and ongoing support of SOX programs that align with the Security Exchange Commission (SEC) and Public Company Accounting Oversight Board (PCAOB) standards and guidance. We apply a risk-based, top-down approach that drives both efficiency and effectiveness into the program.

Detailed Approach to SOX Compliance

Schneider Downs’ dedicated IT, financial, and operational audit professionals have experience working with a wide variety of industries of all sizes. We partner with you to assist your company in implementing and maintaining a comprehensive SOX program.

Our SOX approach includes evaluating the design and testing the operating effectiveness of controls.

During our review of the design of the controls, we will take a top-down, risk-based approach to ensure that your organization has identified the significant risks to material misstatement and has put in place the proper key controls to adequately mitigate these risks. We will work collaboratively with management to ensure that the key SOX controls identified are adequate for this objective. Once we are certain that we have identified the adequate key controls, we will then work with management and perform walkthroughs of these key controls. We will document tests of one and work to understand the processes that management has put in place to mitigate the noted risks.

After we have gained sufficient understanding of the design of the key SOX controls, we will work with management to plan and execute our tests of operating effectiveness for the key SOX controls. Our testing will be designed to be comprehensive in nature, and we will select sample sizes as appropriate based on the frequency of the controls in place. We will work collaboratively with management to obtain the evidence necessary to form our opinions and conclusions surrounding the operating effectiveness of the key controls.

Our testing will conclude with a report that we will generate for management that outlines the results of our testing the design and operating effectiveness, along with recommendations to improve the control structure.

case studies

 
big problem:
A not-for-profit client out of 401(k) compliance.
big thinking:
Allowing more contributions by highly paid employees.
 
big problem:
Hackers attempting a six-figure wire transfer.
big thinking:
Rapid action spearheaded active containment and response.

our thoughts on

National Flood Insurance Program Extension

As I watched the pounding rain from my window for the third straight day, I could only imagine the damage this unpredictable spring weather was inflicting

read more >

When to Buy New Electronics? Now!

Every day we use products bearing the label “Made in China”, a mark that has become synonymous with the affordable mass production of countless

read more >

Continued Compliance with CAISO SQMD Requirements in Non-Reporting Years

Is your utility company ensuring continued compliance with the CAISO SQMD requirements during non-reporting years? With the California Independent System

read more >

Bill S. 1564 Calls for Delay of CECL Implementation Until a Quantitative Economic Impact Study is Completed

The Financial Accounting Standards Board (FASB) issued a new expected credit loss accounting standard in June 2016. This new standard introduces the current

read more >

Artificial Intelligence in Higher Education

Before you finish typing a key word in the search bar, it may appear as if your thoughts have been predicted. Artificial intelligence (AI) and machine

read more >

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office
Pittsburgh

One PPG Place, Suite 1700
Pittsburgh, PA 15222

contactsd@schneiderdowns.com
p:412.261.3644     f:412.261.4876

Map of Columbus Office
Columbus

65 East State Street, Suite 2000
Columbus, OH 43215

contactsd@schneiderdowns.com
p:614.621.4060     f:614.621.4062