Significance of SOX Compliance · 2019-11-14 · of SOX compliance. Fundamentals of SOX Compliance Essentially, the main objective of SOX compliance is to establish safety and security

Understanding theSignificance of SOX Compliance

www.cognoscape.com

2 | Understanding the Significance of SOX Compliance | cognoscape.com

Understanding the Significanceof SOX Compliance

The Sarbanes-Oxley Act (SOX) became effective in 2006 and was implemented to hold all US

corporations accountable for their internal financial auditing controls to the Securities and

Exchange Commission. This federal law was passed in response to a number of major corporate

and accounting scandals. The Sarbanes-Oxley Act itself is organized into eleven sections, but

sections 302, 404, 401, 409, 802 and 906 are the most important in terms of compliance.

Failure to comply with regulations can result in fines up to $10 million and 30 years in prison for

a corporation.

Cognoscape takes pride in being more than just your regular IT department. We understand

that your business is your top priority, and we want to formally address the Sarbanes-Oxley

Act to ensure that compliance and regulatory procedures are in full effect. That’s why we’ve

done extensive research to help you understand the significance

of SOX compliance.

Fundamentals of SOX Compliance

Essentially, the main objective of SOX compliance is to establish

safety and security measures that protect against misuse of

confidential data and to track personnel who might tamper with

data or commit fraud-related activities. A 2005 survey by the

Financial Executives Research Foundation found that 83% of

large company CFOs agreed that SOX had increased investor

confidence, with 33% agreeing that it had reduced fraud. By

implementing higher measures of security, the act is hoped to

reduce fraud, build public confidence and trust, and protect data

that may affect companies and shareholders.

3 | Understanding the Significance of SOX Compliance | cognoscape.com

According to HBS Associate Professor Suraj Srinivasan and Harvard Law School Professor John C.

Coates, “The costs of regulation are more direct and easier to comprehend than the benefits, which

are mostly indirect. So there will always be upfront concerns about regulation, which leads back to

the importance of building in opportunities to measure the costs and benefits.”

These are the two main sections of SOX compliance that directly correlate with safety regulations:

Section 302:

This is where the safety of faulty financial reporting can be immediately referenced. This particular

section requires companies to safely document their data in hopes to ensure that financial reports

are not built from false data, tampered data, or inaccurate data.

Section 404:

This section keeps organizations accountable to auditors. This is to ensure that independent

auditors may disclose to shareholders and the public possible security breaches that affect

company finances.

Subsections of SOX Compliance

302.2 Makes sure that the signing officer must agree to the

logistics of reported information.

302.3 Mandates that the signing officer must verify that the

facts are fairly presented in the report. This includes accurate

reporting for the time periods.

302.4.B Requires internal controls over data, so that officers

are aware of all relevant data. Data must exist in an internally

controlled and verifiably secure framework.

The costs of regulation are more direct and easier to comprehend than the benefits, which are mostly indirect.”“

“

4 | Understanding the Significance of SOX Compliance | cognoscape.com

302.4.C Demands that appointed officers are testing the durability of internal controls

within 90 days prior to the previous report. This security framework needs to be constantly

reviewed and made verified.

Section 302.4.D Requires officers to continuously generate a report based on the efficiency of

the security system and clearly state their findings.

Section 404.A.1.1 States that a business is obligated to select auditors and hold them

accountable to review control structures and procedures for financial reporting. All

information that correlates with the security framework

and parties responsible for the operation of the security

framework must be disclosed to the auditors.

Section 404.B Requires auditors to be aware of and

report on any drastic modification to internal controls

and/or significant failures that could immediately affect

internal controls.

Partnership With Cognoscape

SOX Compliance deals heavily with internal data control.

These laws and regulations are in accordance with

government guidelines. Implementation can be extensive

and overwhelming, but we have the tools and possess

the knowledge to keep your company in heeding to these

standards. Allow us the privilege to create and maintain a

SOX compliance plan for your company. Call and learn more today!

All information that correlates with the security framework and parties responsible for the operation of the security framework must be disclosed to the auditors.”

C o g n o s c a p e L LC

1 6 4 7 9 D a l l a s Pa r k w ay, # 2 3 0

A d d i s o n , T X 7 5 0 0 1

( 2 1 4 ) 3 7 7 - 4 8 8 4

c o g n o s c a p e . c o m