Now I Can Do It Training – Sarbanes

The Sarbanes-Oxley Act of 2002 requires that audit committees, management and auditors assume responsibility for the implementation of certain processes that assist in the protection of the investing public. Each public company is affected differently by the Act and compliance will require a unique approach in each case.

Now I Can Do It can help you document existing policies and procedures, develop new procedures and policies and identify areas of weakness and actions needed to ensure that your policies and procedures are operating with effective controls.

We can use several methods to build the business process and risk repository for you. We are currently using Oracle Tutor Ž and Oracle Internal Controls Manager Ž software to gather this information and to identify risk and control information specifically related to financial reporting for one of our clients.

We will:

Document established policies, procedures and process information in flowchart format
Work with your managers and audit team to determine if they have any information that could assist us in the development of new policies and procedures
Interview management and perform a process walkthrough of the procedure being reviewed. Information will be collected via interviews, internal control questionnaires and control self-evaluations. We create and customize surveys after completing the initial interviews with your senior management team.

Deliverables may include:

Flowcharts and narrative memorandums to document the business process flow, objectives, risks and internal controls.
A draft Sarbanes-Oxley Internal Control Document for each area, reviewing it with management to ensure that they are in agreement with the objectives, risks and control environment and allow management to implement and monitor controls.

Analysis of the business processes and risks lead to the development and implementation of controls. Controls may be categorized according to the type of risk they are associated with such as Financial, Operational or Compliance.

Controls over initiating, recording, processing and reporting significant account balances, classes of transactions and disclosures, including non-routine and non-systematic transactions
Anti-fraud programs and controls
Controls on which other significant accounts depend
Controls over the period-end financial reporting process

Industry/Experience

Transportation

Trained personnel on the use of Oracle Tutor to document existing and new business processes to comply with the Sarbanes – Oxley Act.
Set up and trained personnel on Oracle Internal Controls Manager to document and manage risks and controls as required by the Sarbanes – Oxley Act
Developed business processes flowcharts based upon the risk and control information provided by management and outside auditors.

Please click on the links below to view a sample flowchart and a generic Sarbanes – Oxley project plan.