萨班斯-奥克斯利法案合规服务
2002年的萨班斯-奥克斯利法案, 特别是404条款, requires the CEO and CFO of a public company to document and assess as of the end of every annual reporting period that they established, 维护, and tested the operating effectiveness of the public company’s internal control over financial reporting (ICFR). The independent auditor of the public company must then provide an opinion on management’s assessment of the public company’s ICFR. The CEO and CFO also have to certify as of the end of each quarterly and annual reporting period that they are responsible for the design and operating effectiveness of ICFR based on Section 302 of the SOX Act.
Public companies establish compliance with the SOX Act by developing a compliance plan that includes the appropriate criteria which ensure that significant financial reporting risks have been identified, 评估并实施关键的内部控制以减轻这些风险. 上市公司使用的最突出的指导方针是 内部控制-综合框架 由特雷德韦委员会赞助组织委员会(COSO)出版.
整体, the process to ensure compliance with the SOX Act requires public companies to have specialized knowledge of the SOX Act requirements, COSO框架, 以及独立审计员所遵循的内部控制审计方法.
LBMC的萨班斯-奥克斯利法案专家在SOX法案方面拥有丰富的知识和经验, 第404节文档和测试要求, COSO框架, Generally 接受ed 会计 Principles (GAAP) and Public Company 会计 Oversight Board (PCAOB) 审计ing Standards (specifically AS 2201). We have been assisting numerous public companies with their SOX 合规 programs; working closely with their independent auditors. No matter if you are mature public company or a company in the process of entering the public market through a traditional public offering (IPO) or a special purpose acquisition company (SPAC). 我们可以帮助您遵守SOX法规. Our services can be packaged or selected a-la-carte based on your desired support to include the following:
- COSO框架遵守情况的记录和评估
- 风险评估及促进
- 重要过程和系统的文件
- 财务报告、风险及内部控制评估
- 内部控制测试和测试结果报告
为什么要外包SOX遵从性?
LBMC has a team of SOX 合规 experts and a well-established SOX compliance process that helps companies establish or continue compliance with the SOX Act in an efficient and cost-effective manner. Our resources can be allocated among multiple clients thereby reducing costs and providing significant cost savings to you.
外包SOX合规流程的公司通常满足以下要求:
- Company is in the process of entering the public market through an IPO or a SPAC and doesn’t have an established framework to manage SOX compliance nor the resources necessary to establish a well-rounded and compliant program.
- Public company has experienced a significant increase in costs to retain the talent that is needed to manage SOX 合规 and/or unable to leverage the expertise within the organization resulting in underutilization of talent.
- 上市公司无法吸引管理SOX合规性所需的人才.
LBMC SOX合规服务
LBMC provides a variety of SOX 合规 services which can be tailored to the needs of each company. The services that we typically provide include one or more of the compliance phases described below:
COSO框架遵守情况的记录和评估
我们协助客户对COSO框架的合规性进行记录和评估, 完成COSO框架模板, 以及控制差距的评估. 除了, we provide entity-level control testing services for key governance controls identified when assessing compliance with COSO框架.
风险评估及促进
在协助客户进行风险评估时, 我们遵循自上而下, risk-based approach to ensure that future compliance efforts focus only on critical processes and systems. The purpose of the risk assessment is to identify the significant financial processes and systems that will be documented and tested as part of the SOX compliance process.
We work alongside your internal audit department or directly with company management to understand the systems that generate your financial reporting and assess your risks related to reliability and accuracy of financial reporting. 然后, we develop a list of internal controls that are or should be in place to safeguard the financial reporting process.
重要过程和系统的文件
We can effectively document an organization’s significant processes and systems in an efficient manner. This phase of the SOX compliance process is often cumbersome due to the detailed interviews and documentation efforts that are necessary for all significant processes and systems.
通过年复一年地保持SOX审计业务的连续性, 明升体育app下载审核员对你们的流程和体系有很深的了解, 你也不必浪费时间重新培训明升体育app下载团队成员. This level of familiarity enables not only the most efficient SOX compliance but also strong working relationships.
财务报告、风险及内部控制评估
随着我们对客户关键流程的理解不断加深,并将相关系统记录下来, we will assess the key risks inherent within each process to determine which key risks would most likely prevent the related processes from meeting their objectives. 然后,我们将了解并评估现有的关键控制措施,以减轻这些风险. 然后,我们将报告任何控制缺口以进行补救.
内部控制测试和测试结果报告
在确定了关键的内部控制之后, we work with our clients to develop testing plans to assess the operating effectiveness of those controls. 在这个阶段, we will communicate frequently with the related financial statement auditor to ensure we agree to the controls being testing, 测试的频率和时间, 测试的文档和相关的测试样本大小. 在这个阶段,沟通是至关重要的,以确保所有各方都在同一页上.
在测试期间, we provide frequent updates to client management to ensure all control deficiencies are known and corrected as soon as possible. 除了, 在测试之后, 我们将向管理层和相关审计委员会提供正式报告, 如果请求.
