Sarbanes-Oxley (SOX) IT Audits & Consulting

Sarbanes-Oxley (SOX) regulations affect several aspects of a business, including its IT system. Do you know if your IT system is helping or hindering your compliance efforts? While most corporate business and accounting departments are all too familiar with financial reporting requirements and audit trails, many IT departments are finding themselves in the audit spotlight for the first time. Many are struggling to define what their departments must do to comply and to implement the necessary procedures. The problems are compounded by a lack of qualified IT auditors to address IT departments' unique needs.

How we can help

As part of our extended SOX-related services, we offer IT consulting services designed specifically to help you comply with SOX regulations. Based on our information systems controls review experience and knowledge of the Sarbanes-Oxley Act, we’ve developed an efficient and effective approach to help you build towards compliance.

Our multi-phased approach is designed to assess and document your company’s internal controls. This approach includes four phases:

1. Planning
2. Assess design effectiveness
3. Assess operating effectiveness
4. Ongoing monitoring/developing ongoing strategy for compliance
   

Our risk management methodology utilizes the Committee of Sponsoring Organizations (COSO) of the Treadway Commission guidelines — the standard for internal control. COSO is not only an integral component of our methodology, but is also built into our software tools.

While the importance of IT controls is embedded in the COSO framework, IT management requires more examples to identify, document and evaluate IT controls. We use the widely accepted IT Governance Institute's Control Objectives for Information and related Technology (CobiT). This is an IT governance model that provides both company-level and activity-level objectives along with associated controls. Using the CobiT framework, a company can design a system of IT controls to comply with Section 404 of the Sarbanes-Oxley Act.

Why Freed Maxick?
At Freed Maxick, we understand the unique challenges you face in meeting SOX requirements. With this in mind, we offer a customized, flexible approach that’s based on your needs.

With a low managing director/director-to-staff ratio, we give you senior-level attention and personalized service. And we have extensive experience and knowledge of financial accounting packages, network security, and Windows and Unix environments. 

Freed Maxick & Battaglia, CPAs is Western and Upstate New York's (NY) largest public accounting firm and a Top 100 firm in the U.S. Freed Maxick provides, audit, tax and consulting services to private and public (SEC) companies in Buffalo, Rochester, Syracuse and Albany New York. Freed Maxick has vast national and international resources to help your business expand nationally and internationally.

Related Services

• Enterprise Risk Management
• Sarbanes-Oxley (SOX) Consulting
  • SOX 404 Compliance
  • SOX IT Audits
• Internal Controls -Non-Profits | Private Companies
• Internal Audit Consulting
• Disaster Recovery - Business Continuity Planning
• Technology Risk Management Services
  • Strategic Information Technology Planning
  • Information Systems Selection - Implementation
  • Technology Assessments - System Reviews
  • Information Systems Security - Controls Consulting
  • SAS 70 Reviews
  • SAS 70 Audits
  • PCI Data Security Standard Compliance

SOX IT Audit Services Contact: