In order to restore integrity and trust among corporations, the Sarbanes-Oxley Act (SOX) of 2002 was created.
Most importantly to WTG was the development of section 404 of the Sarbanes-Oxley Act, which deals specifically with internal control reporting.
SOX Section 404 requires annual evaluation and reports on the effectiveness of an organization’s internal controls on financial reporting. Auditors must attest to and report on the internal control assessment of the management team. As automated systems are included in the internal controls, Information Technology (IT) and Information Systems (IS) have been incorporated into the annual audit.
Unfortunately, most technology professionals are not familiar with the rigors of such an audit, and the documentation and evidence needed for support.
It requires the right education and understanding to scope the work that is truly needed, without including more than is required. The complexity of this part of the audit is exacerbated by the fact that due to professional conflict of interest, the technology auditors who perform the audit are prohibited from helping an organization prepare for it.
At WTG, we have extensive experience working with the “Big 4” auditors. We can walk the walk and talk the talk. We know what we’re doing, and can guide you through the process one step at a time. We can help demystify the regulations, and offer clear guidance and support to help you through the audit process.