When Congress enacted the Sarbanes-Oxley Act of 2002, its goal was to crack down on corporate and accounting fraud by placing new requirements on executives, directors, auditors, attorneys and securities analysts. A key provision of the Sarbanes-Oxley Act, and one that raises the level of personal risk to executives, is Section 404. It requires each annual report to contain a statement of management’s responsibility to establish and maintain an adequate internal control structure and procedures for financial reporting. It also calls for a self-assessment of risks for business processes that may affect financial reporting.
The Sarbanes-Oxley Act requires all publicly traded companies to document their internal accounting controls and attest to their accuracy. The Act centers on enhanced standards for corporate accountability.
Since the integrity of financial information rests on controls within a company’s IT domain, an infrastructure that supports enforceable policies and best practices is required to ensure compliance. But where does a company start? To avoid unnecessary costs, and provide a thorough accounting of your business risks, the first step should be to have an unbiased security review by an outside consulting firm.
A security assessment will define where your weaknesses are, what is required to comply with Section 404, and provide a plan to remediate deficiencies.
client login