Sarbanes Oxley

The Sarbanes-Oxley Act 2002 (SOX) applies to all public companies in the U.S. and international companies that have registered equity or debt securities with the Securities and Exchange Commission (SEC), and the accounting firms that provide auditing services to them.

Today there is increased pressure by the Public Accounting Oversight Board to improve Sarbanes Oxley compliance by focusing on internal control of financial reporting (ICFR).

Sarbanes Oxley Compliance Requirements

It is important to implement effective management and control around your spreadsheet processes to comply with SOX.

Entitled Management Assessment of Internal Controls, Section 404 of the SOX Act stipulates that public companies must take responsibility for maintaining an effective system of internal control, in addition to reporting on the system’s effectiveness.

Section 302 of the Sarbanes-Oxley Act 2002 states that senior personnel are directly responsible for the accuracy, documentation and submission of all financial reports as well as the internal control structure to the SEC.

Spreadsheets are widely used for business-critical reporting and are a major component in ICFR. A recent Finsbury study showed that 1 in 20 public companies experience a series spreadsheet error each year.

Sarbanes Oxley Compliance and spreadsheets

To comply with Sarbanes Oxley you need to include the following spreadsheet requirements:-

  • The control process needs to be defined in enough detail that users can follow it and auditors can understand the process
  • Input controls and process controls need to be defined
  • Maintain a record of changes to the logic of a spreadsheet and authorise those changes
  • Maintain a historic record of actual changes
  • Detailed review of the formula logic

Use Spreadsheet Workbench for Sarbanes Oxley Compliance

Spreadsheet Workbench is a market leading solution for meeting Sarbanes Oxley compliance

  • SWB workflow process can define the core process and controls
  • Automated audit trail and workflow process
  • Automated detection of high risk concepts, formula in-consistencies and hidden data.
  • And much more

click here for more details