Print This Page Print This Page

SOX IT Audits

Sarbanes-Oxley (SOX) regulations affect several aspects of a business, including its IT system. Do you know if your IT system is helping or hindering your compliance efforts? While most corporate business and accounting departments are all too familiar with financial reporting requirements and audit trails, many IT departments are finding themselves in the audit spotlight for the first time. Many are struggling to define what their departments must do to comply and to implement the necessary procedures. The problems are compounded by a lack of qualified IT auditors to address IT departments’ unique needs.

How we can help

As part of our extended SOX-related services, we offer IT consulting services designed specifically to help you comply with SOX regulations. Based on our information systems controls review experience and knowledge of the Sarbanes-Oxley Act, we’ve developed an efficient and effective approach to help you build towards compliance.

Our multi-phased approach is designed to assess and document your company’s internal controls. This approach includes four phases:

  1. Planning
  2. Assess design effectiveness
  3. Assess operating effectiveness
  4. Ongoing monitoring/developing ongoing strategy for compliance

Our risk management methodology utilizes the Committee of Sponsoring Organizations (COSO) of the Treadway Commission guidelines — the standard for internal control. COSO is not only an integral component of our methodology, but is also built into our software tools.

While the importance of IT controls is embedded in the COSO framework, IT management requires more examples to identify, document and evaluate IT controls. We use the widely accepted IT Governance Institute’s Control Objectives for Information and related Technology (CobiT). This is an IT governance model that provides both company-level and activity-level objectives along with associated controls. Using the CobiT framework, a company can design a system of IT controls to comply with Section 404 of the Sarbanes-Oxley Act.

CONTACT US to learn more about our Consulting Services.

ABOUT US: Freed Maxick CPAs is Western and Upstate New York’s (NY) largest public accounting firm and a Top 100 firm in the U.S. Freed Maxick provides audit, tax and consulting services to closely-held businesses, public (SEC) companies, not-for-profits and governmental entities in Buffalo, Rochester, Syracuse, Albany and NYC, New York.