The Sarbanes-Oxley Act (SOX) of 2002 was created in response to a number of accounting scandals. The main objective of the act is to ensure accurate financial reporting to the investors and stakeholders of public companies. It requires regulated companies to maintain internal controls to ensure accurate financial reporting and identify material weaknesses and significant deficiencies that could lead to material misstatement in financial statements.

Prolianze has assisted several companies with their SOX assessment efforts, including documenting key controls, testing controls, assisting with the remediation of identified failure of controls, and so on. During the course of assisting our clients, we have worked with premier accounting firms, which has led us to develop an eight-step approach to ensuring compliance with Section 404.

• Perform entity level control testing at front end to assess the control environment.
• Identify materiality threshold, including qualitative factors, as defined by SEC Staff Accounting Bulletin 99.
• Identify key accounts that could result in material misstatement of financials at both the financial statement and disclosure levels.
• Map the business processes to key accounts, highlighting key control activities.
• Identify controls that mitigate the risk of material misstatement in financials in the major processes.
• Test key control activities for each business process and location that falls within the scope.
• Evaluate control gaps in line with other mitigating controls and assess the overall exposure of material misstatement to the financial statements.
• Assist management in mitigating the control gaps and test the remediated controls.

• Complete Turnkey Compliance: Under this arrangement, the organization hires us to be the exclusive SOX compliance service provider. We are responsible for managing and executing the SOX compliance plan for all locations, including Financial and General Computer Controls testing. We also act as the client’s main contact with the external auditors and report to the audit committee.
• Location-based Compliance: Under this arrangement, clients hire Prolianze to execute the SOX testing plan for an identified location. We are responsible for managing and executing all the test plans for the chosen location. Our efforts are coordinated with the SOX project manager, which could be another compliance service provider or a client liaison at the company headquarters.
• Service-based Compliance: Under this arrangement, Prolianze is hired to execute either the financial audit or general computer controls testing of the SOX compliance effort.
• Special Projects: Prolianze professionals have worked from time to time on a special project basis. Our professionals step in to fill the gap, on an interim basis, and assist our clients with their SOX 404 compliance efforts. 

Examples of services offered as a part of the SOX Compliance Solutions include:

• Process flow and key controls documentation and mapping to financial statements.
• Assess key controls, including the identification of preventative, detective, and directive controls.
• Assist with deficiency analysis and remediation, including the testing of remediated controls.
• Assess, document, and test general computer controls.
• Assess, test, and remediate entity level controls.
• Provide control documentation depository solutions and ongoing maintenance.