So What Is This SOX Stuff About Anyway?

Some Examples from the Trenches

    So you've heard about this SOX stuff and wondered, "What the heck is SOX?" Well, when someone speaks of SOX they're referring to the Sarbanes-Oxley Act of 2002, and most commonly are referring to SOX 404... a specific sub-section of the law which requires the management of a publically traded company to include in its annual report a statement on how the company handles its controls over financial reporting.

In short, the law requires that:

  • The company must maintain adequate controls over financial reporting
  • The company must provide a statement about the method the company uses for evaluating their control over financial reporting controls
  • The company must disclose any material weaknesses in their accounting controls. (Material weaknesses are significant deficiencies in accounting control which can result in a "greater than remote" possibility that a material misstatement can appear undetected or unreported on their financial satements.) Needless to say, companies do everything in their power to succeed in a SOX audit in order NOT to have to report material weaknesses and give themselves a bad name!
  • The company's auditor issue an attestation regarding the managements own assessment of its financial reporting capabilities.

    Perhaps the single most important part of SOX to understand is the concept of "Internal Control Over Financial Reporting." Internal control is defined as a process created by or created under the watchful direction of the principle executive oficers and financial officers to provide reasonable asssurance that financial reporting and preparation of financial statements

    for external purposes in accordance with generally accepted accounting principles. It includes those policies and procedures for maintaining accounting records, authorizing receipts and disbursements, and safeguarding assets. Compliance with SOX 404 will require large commitments of time and effort for both public company management and public company auditors, so it is critical to know the compliance due dates. An accelerated filer (a U.S. company with market capitalization over $75 million that has filed at least one annual report with the SEC) was required to comply with the SOX 404 requirements for its first fiscal year ending on or after November 15, 2004. A non-accelerated filer must begin to comply for its first fiscal year ending on or after July 15, 2007. Look for related Implementing SOX 404 articles about management's assessment process, the auditor's attestation and related required communications.

    Oh, and some of us are quite proficient in helping companies figure our this SOX stuff. Feel free to be in touch and I'll help you learn more. Thanks for visiting.



    Some Select Articles on SOX:
    SOX Basics
  • Want to learn
    Handwriting Analysis
    by the Numbers?

    Get the book at Amazon

    Order with PayPal

    right here, right now.

    Want to learn
    Handwriting Analysis
    by the Numbers?

    Get the book at Amazon

    Order with PayPal

    right here, right now.