SOX 404

The Sarbanes-Oxley Act of 2002 represents a huge change to federal securities law. It was created as a result of the corporate financial scandals involving Enron, WorldCom and Global Crossing. Effective in 2006, all publicly-traded companies are required to implement and report internal accounting controls to the SEC for compliance. CISAs offer advisory and internal audit services to finance and IT teams to ensure they have and maintain IT General Controls required to address SOX.


The act requires that all public US companies and non-US companies with a US presence include an Internal Controls Report with their financial reporting. The report must show that a company’s financial data is accurate and adequate controls are in place to safeguard financial data. Year-end financial disclosure reports are also a requirement and a SOX auditor is required to review controls, policies, and procedures during a Section 404 audit.

Our Services

Our Security and Compliance group is under the direction of an ISACA-Certified Information Systems Auditor who provides security and compliance assessments, and consultations for clients.