Turning Challenges Into Opportunities

Public companies are required by law to comply with the Sarbanes-Oxley Act Of 2002, a regulatory requirement that creates additional responsibility for public company management, external auditors and boards of directors. Sarbanes-Oxley provides specific guidance on the creation and maintenance of internal controls over financial reporting.

Establishing a SOX compliance program requires planning and scoping. If your company is planning an IPO or has recently gone public, our experts will create and guide you through a risk-based approach, laying the foundation for successful and sustainable SOX compliance. Areas of expert assistance include:

  • Planning and scoping
    • Draft SOX charter, governance structure, and reporting timeline
    • Perform and document risk assessment and scoping
    • Conduct resource planning
    • Coordinate all SOX program activities including alignment with external auditors
    • Prepare executive and program status reporting
  • Business process documentation & internal control gap assessment
    • Facilitate meetings with key owners to understand current processes and internal controls
    • When possible, leverage existing process and internal controls documentation
    • Gather example control documentation to support key controls identified
    • Remediate control gaps
  • Operating effectiveness testing
    • Develop test plans for all key controls
    • Facilitate requests for population and selection of samples for testing
    • Preform testing for operating effectiveness of key controls
    • Identify control operating effectiveness gaps and provide remediation recommendations
  • Management reporting
    • Conduct quality review of SOX testing working papers
    • Facilitate management’s evaluation and assessment of un-remediated control deficiencies at year-end on the financial statements (individual and in the aggregate)
    • Prepare SOX compliance conclusion memo including mitigating controls and explanations as to severity
  • Remediation
    • Develop a detailed, prioritized remediation plan for each control and system and confirm remediation plan with control owners
    • Assist management to enhance or implement controls to remediate deficiencies identified in the gap assessment report

Let’s Work Together

We are experienced, engaged professionals that are highly energetic and motivated to work in challenging, high stakes environments.

Why MorganFranklin

We help companies build and maintain a strong risk management foundation tailored to their needs. Our risk-based approach to Sarbanes-Oxley Readiness and Compliance Services results in smart controls and an efficient internal control environment, enabling companies to focus on the activities that are most impactful to achieving their strategic goals.