- Compliance administration can be complex and costly - stretching your already stretched resources even more.
- The risks of non-compliance can be colossal for the CEO and CFO who are responsible for certifying the accuracy of financial data.
- SOx was passed in response to a number of devastating accounting scandals, to ensure accurate financial reporting for public companies. It requires
- Maintain internal controls that ensure accurate financial reporting;
- Identify material weaknesses and significant deficiencies.
- Corporate governance;
- Financial reporting;
- Executive conduct;
- Internal controls.
- Corporate governance;
- Document internal controls
- Assess the effectiveness of internal controls;
- Prepare a report on internal controls.
NKA offers support to implement COSO framework that defines organization wide controls. The COSO framework defines five areas. The Objectives of COSO Framework aim at:-
- Operational Effectiveness
- Financial Reporting (Better and in timely manner)
- Compliance with regulatory requirements.
- Control Environment
As per Requirements of COSO framework, the control environment in the organization should be such that the top Management should assume its full responsibility for entire Internal control structure
- Risk Assessment
The Management should undertake the Risk Assessment procedure. It means that they should evaluate Internal and External factors that may have impact on the organization.
- Control Activities
The control activities are specific Policies and procedures which are undertaken to ensure correctness of some specific assertions. It helps the management to reduce the risk to an acceptably low level.
- Information and Communication
The management should ensure that relevant information is identified and communicated in a timely manner to Responsible Officer.
Monitoring refers to the process undertaken by Management to determine whether internal control system is adequate or not.
Testing documents and records can be used to aid the CFO and CEO obtain certification that internal controls have been implemented and are used effectively. NKA's approach to internal control provides complete traceability, transparency and personal accountability of all actions undertaken within your organization.
We approach could be outlined as below:
- Definition of the scope of the project (relevant portion of SOX)
- Understand your business;
- Discussion on business cycles on which SOX Compliance support services are required
- Preparation of test script by NKA with management consultation
- Test script to be communicated by management internally to control owners
- Control owners to implement and work in collaboration with new documented controls
- Process stabilization period - recommended 2 months or to be decided by management - NKA to address queries of control owners via emails
- Changing test scripts if required by control owners basis practical operations
- Once control is stabilized - Testing controls - sending data requirement to management
- Testing and reporting results to management
- Development remediation for testing failure to management
- Retesting post remediation implementation