Cost Advisors Logo
HomeServicesNewsAboutContact


Services
>
 SOX
 
Recovery Audit
 
Fraud
 
Internal Audit

 


SOX

Click here to view related downloads (or scroll to bottom of page)

SOX Framework

Introduced in 2002, the Sarbanes-Oxley Act (SOX) increased workloads, raised expenses and shifted priorities for public companies. The SEC and the Public Company Accounting Oversight Board have provided SOX guidance to public companies since early 2003.  Since then, many public companies have found more efficient ways to manage SOX-compliance work. Yet, most have not had the resources to leverage the strategic benefits that SOX can deliver.

At Cost Advisors, we have been providing co-sourcing and full outsourcing SOX services to a broad range of businesses since 2003. We help our clients with everything from documentation and project management to testing and training. Our goal is to transform SOX compliance into a real business advantage.

Achieving balance
Your company may find it easier to meet SOX requirements today than in 2003. However, it may be harder to meet stakeholder demands. These days, shareholders and executive management expect SOX activities to do more than prevent costly financial misstatements and restatements. They want SOX to add value to the business.

If managed properly, SOX processes can help:

  • Improve business practices
  • Reduce costs
  • Prevent or detect fraud
  • Minimize risks of financial misstatement
  • Improve business strategy and decision-making

Despite the potential benefits, many companies don’t have the right tools, talent or company culture to move forward. According to a 2007 study by the Economist Intelligence Unit, there are several barriers that prevent businesses from streamlining their SOX-compliance processes, including:

  • Limited appreciation of risk management
  • Shortage of people who can make process changes
  • Poor understanding of broader business issues
  • Lack of senior management support for controls or process improvement
  • Ineffective accounting systems and/or monitoring tools
  • Lack of employee skills or training

By balancing SOX compliance with controls that are targeted at improving business practices, stakeholders can manage and mitigate the risks they take with more confidence.

How we can help
Before we can help you transform your SOX-compliance process, we will need to assess your company’s readiness. To start, we ask you to consider the following questions:

  • Is your SOX-compliance work delivering value beyond mere compliance?
  • Could you reduce costs by making your SOX work more efficient?
  • Have you identified and implemented the necessary key controls?
  • Have you streamlined your controls according to the most recent SEC guidelines?
  • Is your risk assessment current? (e.g., considering geographic expansion, mergers/acquisitions, divestitures, new lines of business, financial market volatility)

Whether your company is preparing to go public, is a non-accelerated filer or has mastered SOX compliance, we can tailor our services to your situation. Two of our most successful methods are controls transformation and continuous auditing/monitoring:

CONTROLS TRANSFORMATION: Our controls transformation process centers around building the most effective and efficient controls to address your financial reporting risks. We will help you balance compliance with process improvement and cost reduction. To do this, we will make sure you have the right level of controls in place to avoid duplication and unnecessary effort. By automating your controls, we can help you lower costs, improve risk management and gain better business intelligence.

CONTINUOUS AUDITING/MONITORING: Business intelligence is vital to all levels of corporate performance and decision-making. Stakeholders require specific and instant data on customers, employees, products, suppliers and partners. Through continuous auditing and monitoring, management can view transactions and results right after they have been processed.

We can assist with mining tools that will analyze large volumes of data and generate exception reports on a scheduled or ad hoc basis. These reports identify errors promptly, which eliminates the need to wait for sporadic SOX testing.

Both of these methods require the right mix of skills and resources. That’s where our co-sourcing services can help. Our staff of SOX experts can help your auditing team implement and transform your data analysis.

Additional services
In addition to controls transformation, continuous auditing and monitoring services, we offer a full range of SOX-compliance services. Here is a list of what we can do:

GOVERNANCE:

  • Optimize the design of entity-level controls
  • Enhance tone at the top
  • Train the Audit Committee
  • Improve SOX Steering Committee project management

ASSESSMENT:

  • Implement a top-down, risk-based approach
  • Develop or enhance process flowcharts or narratives
  • Identify and evaluate relevant risks
  • Standardize and centralize strategic controls
  • Analyze segregation of duties

PREVENTION:

  • Train employees
  • Write desk procedures
  • Implement anti-fraud programs and controls
  • Eliminate unnecessary controls or strengthen controls
  • Automate controls

DETECTION:

  • Implement risk-based testing plans
  • Test business process controls
  • Test IT General Controls (ITGC)
  • Evaluate third-party control reports (SAS 70)
  • Manage process-owner control certification
  • Coordinate external audits

CORRECTION:

  • Implement a system to track and evaluate deficiencies
  • Correct deficiencies
  • Provide reporting to management, the Board of Directors and the Audit Committee

Why choose us?

PDF Icon SOX Brochure
SarbOxPro IconSarbOxPro
PDF Icon SOX Illustrated
Flash Icon NAIC Rules for Insurance Companies Presentation
PDF Icon NAIC Rules for Insurance Companies Presentation
© 2009 Cost Advisors, Inc. All rights reserved.