AUDIT & COMPLIANCE

SOX 404(b) Gap Assessment – Pre-Audit

Essentials

The Sarbanes-Oxley Act of 2002 requires the auditors of publicly held companies to attest to, and report on, management’s assessment of its internal controls. The SOX 404(b) controls are to be externally verifiable by independent auditors, available to shareholders, and publicly communicated for investor inspection. The reports must also include material control weaknesses (if any), including those manifesting themselves in a security breach. Its focus is solid, documented IT governance tailored to the size and complexity of the company (Auditing Standard No. 5).

Benefits

  • Scalable Framework for Compliance with SOX 404(b)
  • Identification of non-compliant areas and understanding of what actions are needed
  • Enhanced risk management methodology and governance
  • Improved risk posture
  • Objective third-party demonstration of compliance
  • Avoidance of fines that could result from failing a SOX 404(b) audit
  • Optimized operations with an integrated approach to security, availability and processing integrity
  • Reduction of the cost, confusion, and complexity of compliance
  • More precise financial reporting

Expertise

SecureState’s Audit & Compliance consultants are experts in understanding both the technical and the business aspects of your organization. Our experience and knowledge, developed while working with some of the top Fortune 500 financial institutions in the country and a governing body, provide your organization with a true picture of your compliance with SOX 404(b).

Did You Know?

  • SOX reduces the possibility of corporate fraud
  • SOX laws have been subsequently enacted in Japan, Germany, France, Italy, Australia, India, South Africa, and Turkey
  • Most U.S. companies have used the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework, although some have used the Control Objectives for Information and related Technology (COBIT) framework as a supplement to COSO for IT controls.

Our Approach and Methodology

SecureState’s GLBA Gap Assessment/Pre-Audit approach maps critical information processes to determine if regulatory controls have business impact. The goals are to:

  • Evaluate the effectiveness of your SOX compliance program
  • Validate SOX controls
  • Cost-justify remediation

The stages of our SOX Gap Assessment - Pre-Audit, with limited descriptions, are as follows:

Pre-Onsite Visit:

  • Introduce engagement participants and define roles
  • Review engagement activities
  • Review any applicable documentation

Process Mapping:

  • Document the high level in-scope SOX systems and technical infrastructure

Requirements Analysis:

  • Document the existing controls used to protect in-scope SOX Assets
  • Identify gaps against the SOX requirements

Reporting:

  • On-site interview and information gathering to assess SOX compliance status
  • Outline strategic recommendations to mitigate identified control gaps
  • Upload remediation activities to “MyState Portal”

What Makes Us Different

SecureState

  • Provides comprehensive on-demand Privacy and Security expertise during the engagement and throughout the year
  • Supports its clients’ SOX compliance program with our proprietary “MyState Portal” and a team of qualified security specialists
  • Maintains close relationships with our clients because we care about the outcome of the assessment
  • Has independently worked with CPA firms on SOX compliance for organizations
