Audit Practice has helped many companies with their SOX assessment, documentation, and testing needs—including numerous coordinated efforts with each of the Big Four. Our experience in SOX compliance projects has led us to develop a multi-phase roadmap:

1. Performing entity level risk assessments and project scoping and planning
2. Identifying and documenting key internal control objectives and control activities
3. Resolving gaps and identifying key compensating controls
4. Developing and executing internal control monitoring and testing programs

Specific SOX compliance services include:

• Managing SOX projects on a turnkey basis
• Performing Entity Level Risk Assessments
• Developing detailed SOX project plans
• Defining project scope based on level of materiality
• Working with the external auditors to minimize overlap and cost duplication
• Preparing process/application narratives and matrices specific to the business structure
• Providing templates that clients can use to document key business processes and internal controls
• Establishing processes for clients to test and monitor the internal controls
• Assisting clients in organizing control documentation for External Auditors' attestation fieldwork
• Providing recommendations that address identified control weaknesses
• Providing a framework for ongoing compliance
• Ongoing SOX services relating to periodic SOX attestations – we come in and refresh the deliverables and testing – based on your needs, resources and timeframe

Our approach is tailored to meet your and your external auditor’s SOX timeframes and objectives. Our philosophy includes working at a very detailed level with your External Auditor in order to minimize scope of work, maximize ROI and to ensure a tightly focused, combined audit framework.