Implementing Financial Controls & SOX (Sarbanes-Oxley) Requirements


The Sarbanes-Oxley Act of 2002 establishes requirements for the integrity of the source data used in financial transactions and reporting. To prove the integrity of financial data, companies must extend audit processes to the financial information stored within corporate databases. To verify compliance, auditors review and analyze the key manual and system controls at multiple aspects of a database environment. Auditors and information technology (IT) professionals generally work together to prove that data used in applications meet Sarbanes-Oxley (SOX) control requirements.

Our Financial Controls and SOX Compliance professionals help companies establish effective internal controls over financial reporting. Whether your organization is just implementing SOX compliance or has been complying for years, we help you apply a top-down, risk-based approach, in accordance with the Securities and Exchange Commission’s (SEC) guidance, to implement a cost-effective compliance process.

We help rationalize the critical risks, identify the key controls, develop processes to provide evidence supporting the effectiveness of controls, drive accountability for compliance throughout the organization, and coordinate the implementation of the attestation process under Auditing Standard No. 5. 

We, and our associates, have gained valuable experience working with many organizations and can provide you with a customized road map that addresses your business priorities and planned strategic improvements.

Our specific services include:

  • Helping you to ensure compliance with SOX requirements and that the design and operating effectiveness of internal controls over financial reporting is adequate

  • Working with your managers and business owners to ensure all significant processes are properly documented as per SOX requirements

  • Validating key risks and associated controls

  • Performing and documenting walkthroughs of key controls and assessing the design effectiveness

  • Developing and updating test plans for key controls

  • Testing operating effectiveness of key controls and working with management to remediate control and process deficiencies

  • Documenting and performing assessments of IT controls and practices for compliance

  • Improving the key upstream business processes affecting financial reporting


We can also assist you in designing, implementing or enhancing your internal control for your CEO/CFO certification program. Using a top-down, risk-based approach, our internal control and risk specialists can help you achieve cost-effective compliance while realizing broader business benefits.