Our Sarbanes-Oxley Expertise
Is Sarbanes-Oxley (SOX) taking on a life of its own? Regardless, SOX is here to stay. Aviano has extensive experience in providing SOX related services to public company clients, from year-one program design and implementation, to revamping, streamlining, or updating programs that may have become stale or outdated due to changes in internal and external factors. Working closely with management and internal audit, we can customize our methodology, tools, and templates to assist management in achieving SOX compliance in an efficient and effective manner.
Our experience includes:
- SOX education, training, and communication, including initial or refresher programs for company personnel, as well as members of the Board of Directors and the Audit Committee. Coordinating with the company’s internal and external auditors, and facilitating communications with senior leadership, the Audit Committee, and the Board of Directors.
- Designing and implementing SOX programs; we can work with management to design a company-specific SOX program – from risk assessment to reporting.
- Performing SOX program optimization reviews, which may include improving the SOX risk assessment process, resulting in reallocating resources and efforts to areas of higher financial reporting risk, focusing on automated and entity-level controls, and relying on a control self-assessment program for lower-risk, routine areas.
- Assessing COSO conformance, including assessing conformance with the Committee of Sponsoring Organization’s (COSO’s) Internal Control – Integrated Framework (2013 version). Mapping the company’s current controls and activities to the principles and relevant points of focus in the framework, and assisting management with remediating any gaps.
- Assessing controls including evaluating the design effectiveness of controls, as well as assisting management and/or Internal Audit in the testing of operating effectiveness of key SOX controls. This may include providing resources to test complex, specialized areas such as IT and income tax accounting. We can also assist in the development of a self-assessment program if not already in place.
- Assisting in the evaluation and remediation of deficiencies. We can assist management in the evaluation of any noted deficiencies and help prepare the necessary disclosures related to ICFR. We can also assist management in the development of remediation plans to cure any noted control deficiencies.
While some companies may choose to perform the minimum procedures to achieve compliance with the requirements of SOX, others may also opt to leverage their SOX program to achieve greater operational effectiveness and efficiencies, as well as address areas of compliance not required by SOX.
Having worked in industry, Big 4 firms, and global consultancies, we bring perspectives beyond traditional professional services firms. Our professionals also have relevant certifications, such as Certified Public Accounting (CPA), Certified Internal Auditor (CIA), Certified Information Systems Auditor (CISA), and Certified Fraud Examiner (CFE).