Sarbanes-Oxley (SOX) IT Audits & Consulting

Sarbanes-Oxley (SOX) regulations affect several aspects of a business, including its IT system. Do you know if your IT system is helping or hindering your compliance efforts? While most corporate business and accounting departments are all too familiar with financial reporting requirements and audit trails, many IT departments are finding themselves in the audit spotlight for the first time. Many are struggling to define what their departments must do to comply and to implement the necessary procedures. The problems are compounded by a lack of qualified IT auditors to address IT departments' unique needs.

How we can help

As part of our extended SOX-related services, we offer IT consulting services designed specifically to help you comply with SOX regulations. Based on our information systems controls review experience and knowledge of the Sarbanes-Oxley Act, we’ve developed an efficient and effective approach to help you build towards compliance.

Our multi-phased approach is designed to assess and document your company’s internal controls. This approach includes four phases:

1. Planning
2. Assess design effectiveness
3. Assess operating effectiveness
4. Ongoing monitoring/developing ongoing strategy for compliance
   

Our risk management methodology utilizes the Committee of Sponsoring Organizations (COSO) of the Treadway Commission guidelines — the standard for internal control. COSO is not only an integral component of our methodology, but is also built into our software tools.

While the importance of IT controls is embedded in the COSO framework, IT management requires more examples to identify, document and evaluate IT controls. We use the widely accepted IT Governance Institute's Control Objectives for Information and related Technology (CobiT). This is an IT governance model that provides both company-level and activity-level objectives along with associated controls. Using the CobiT framework, a company can design a system of IT controls to comply with Section 404 of the Sarbanes-Oxley Act.

Why Freed Maxick & Battaglia, CPAs?
At Freed Maxick & Battaglia, we understand the unique challenges you face in meeting SOX requirements. With this in mind, we offer a customized, flexible approach that’s based on your needs.

With a low managing director/director-to-staff ratio, we give you senior-level attention and personalized service. And we have extensive experience and knowledge of financial accounting packages, network security, and Windows and Unix environments. 

Freed Maxick & Battaglia, CPAs is Western and Upstate New York's (NY) largest public accounting firm and a Top 100 firm in the U.S. Freed Maxick provides, audit, tax and consulting services to private and public (SEC) companies in Buffalo, Rochester, Syracuse and Albany New York. Affiliated with RSM McGladrey, the 5th largest accounting firm in the U.S., Freed Maxick has vast national and international resources to help your business expand nationally and internationally.

Related Services

• Enterprise Risk Management
• Sarbanes-Oxley (SOX) Consulting
  • SOX 404 Compliance
  • SOX IT Audits
• Internal Controls -Non-Profits | Private Companies
• Internal Audit Consulting
• Disaster Recovery - Business Continuity Planning
• Technology Risk Management Services
  • Strategic Information Technology Planning
  • Information Systems Selection - Implementation
  • Technology Assessments - System Reviews
  • Information Systems Security - Controls Consulting
  • SAS 70 Reviews
  • SAS 70 Audits
  • PCI Data Security Standard Compliance

SOX IT Audits Related Resources

New! SEC Approves New Guidance for SOX 404 Compliance: The SEC voted to adopt final guidance for management on evaluating and assessing internal control over financial reporting as required by Section 404 of Sarbanes-Oxley. The SEC will not delay implementation for non-accelerated filers, which means those companies will comply with the management reporting provisions by their fiscal year ending December 15, 2007. Click the Icon on the left to read more about the new guidance. Find out about our SOX 404 Compliance Services here.

Sarbanes-Oxley (SOX) Compliance for Non-Accelerated Filers: Public (SEC) companies that are Non-accelerated filers need to begin their section 404 compliance initiative as soon as possible. According to the current SEC rules, these companies must be in compliance for the first fiscal year ending after July15, 2007.. Section 404(a) of the Sarbanes-Oxley Act focuses on management responsibilities to ensure adequate internal control over financial reporting. What should you do now to meet the deadline? Download our SOX 404 Compliance Overview. Find out about our SOX 404 Compliance Services here.

Five Risk Management Strategies to Implement Now: Are you safeguarding your company's success? Managing risk in key areas of your business can help safeguard the future of your company — and put you on track toward certain SOX requirements without undue expense or effort. Click the icon on the left to download Five Risk Management Strategies to Implement Now.

SOX IT Audit Services Contact: