For organizations looking to prepare for or maintain compliance with The Sarbanes-Oxley Act of 2002 (aka: “Sarbanes Oxley”). One example of its key provisions is Section 404 which addresses Assessment of Internal Control. This provision requires management and the external auditor to report on the adequacy of the company’s internal control on financial reporting (ICFR). It is considered the most costly aspect for companies to implement. However, standards for compliance, guidance and practice have evolved since its enactment. DiSanto, Priest & Co. uses these evolved standards to assist management with their Sarbanes Oxley responsibilities, maintain compliance with the law, and help alleviate costs.
Commitment Beyond Compliance
Over the years, our team has worked with multiple commercial clients to assist them in preparing for or maintaining compliance with the Sarbanes-Oxley Act, and to evaluate, document and improve the effectiveness of their internal controls over financial reporting. We understand the need to integrate the responsibilities of the internal audit function with the need to satisfy Sarbanes Oxley related compliance requirements.
The DiSanto, Priest & Co. internal audit framework takes both an entity-level and a process-level view of the business utilizing the following methodology:
- Project planning: analysis of financial statements and disclosures to identify significant business units & processes
- Assessment of design and effectiveness of the system of internal controls
- Assessment of the current maturity level of the internal controls system
- Identification of weaknesses and gaps
- Development of remediation plans
- Design of a management assertion support process.
DiSanto, Priest & Co. adheres to the standards of the Institute of Internal Auditors regarding the nature, timing and extent of work. The experience we have encompasses the full life cycle of the Sarbanes-Oxley process.
Regardless of our role—whether it is a co-sourced or outsourced provider of your internal audit—as your Sarbanes Oxley compliance servicer, DiSanto, Priest & Co. will maintain independence and objectivity. Documentation and testing of the internal controls can be an important component of, and therefore utilized by, your third-party external auditors as they plan and perform audits of your financial statements.
- Design and Development of Control Framework
- Self-Assessment Design
- Control Documentation
- Controls Remediation
- Control Sustainability Consulting