Live Demo

Achieve Compliance

SOX 302

What it requires:

The CEO and CFO must certify that they have evaluated the effectiveness of disclosure controls and procedures and that their financial statements fairly present the company’s financial condition and results. 

The challenge:

Disclosure controls include the processes that gather, analyze, and report financial data.

How Incisive supports SOX 302 certification:

  • Visibility into what feeds disclosure: Discover and inventory all EUCs that contribute to quarterly and annual filings. 
  • Operating effectiveness evidence: Establish monitoring, version control, and change logs that demonstrate that controls operate consistently throughout the year. 
  • Audit readiness and efficiency: Produce structured reports and evidence packages.

SOX 404

What it requires:

Management must asses the design and operating effectiveness of internal control over financial reporting (ICFR) and report on that assessment annually. Public companies must also obtain an auditor’s attestation on ICFR effectiveness.

The challenge:

ICFR scope includes any process, tool, or control that could materially affect financial statements.

How Incisive supports SOX 404 assessment and evidence:

  • Completeness of ICFR scope: Identify all EUCs used in financial reporting processes so scoping is accurate and defensible.
  • Risk-based classification: Assess and tier EUCs and other assets to focus control design to areas with the highest impact. 
  • Establish defensible controls: Continuous monitoring, version control, ownership, and check-in/check-out 
Facebook
Twitter
LinkedIn
Share
WhatsApp