Our team of professionals have helped several organizations in developing Sarbanes-Oxley (SOX) compliance programs during their first year of implementation, as well as the monitoring during the following years.

We pass on to control owners, supervisors and management, the approach to follow for complying with the internal certification, besides turn over the proper tools and methodology to be used during this process.

Assessment of controls operation:

• This process must be performed by every company’s department on a quarterly basis in order to verify if the control activities are in place and operating as designed.

Assessment of controls design:

• This assessment should be carried out annually by every company’s department, in order to validate that the control activity is designed for achieving the defined control objectives.

Implementation Phases:

1. Planning must include a clear definition of the project scope.
   
   
2. An evaluation of the existent documentation is performed (local policies and procedures), afterwards the processes are reviewed and are documented through process narratives and flowcharts, identifying risk and associated controls. On this phase, the control activities are tested.
   
   
3. On the remediation phase, action plans are prepared, implemented and process documentation updated
   
   
4. Validation with control owners of documentation prepared. Subsequently, documentation is approved by internal audit and a self assessment process program is defined including updating periods and follow up of the identified improvement areas.
   
   
5. Exportation phase of processes and corresponding procedures, these are adapted to affiliated and subsidiary companies in order to verify their compliance and consistency.