SOX Audit - The Four Things a CFO Needs to Know

SOX is a blueprint for regulatory responsibilities, and a CFO and other finance executives needs to focus on what can be done to meet SOX and other regulatory requirements specific to their industry head on.

Here are the four things a CFO knows or needs to know about SOX audit, internal controls, the enterprise BI environment, and change management:

  1. Under the Sarbanes-Oxley Act of 2002 (SOX), the signing officers of a public company have a legal responsibility to implement and maintain internal controls to mitigate the risk of material misstatement in financial statements.
  2. One of the most critical of these internal controls in relation to the business intelligence environment is change management, as it allows you to baseline financial documents of record and account for all material changes to them.
  3. A change management process is only as good as IT's ability to reconcile change management documentation against a comprehensive audit log of actual changes.
  4. An automated BI audit solution is essential to the cost-effective and timely detection of potential issues and maintenance of confidence in the change management internal control process.

Internal controls create confidence in the processes that safeguard the financial integrity of the enterprise. Investors, internal auditors and external auditors must have confidence that you are doing everything in your power to maintain that integrity. But confidence is a delicate commodity - difficult to establish, but easy to destroy. It is much like a chain - only as strong as its weakest link.

Because SOX makes signing officers responsible for establishing and maintaining controls, the controls are necessarily top-down in nature. How deeply must these controls dive into the control details to establish the confidence of auditors? To what lengths should you go to ensure the transparency, efficiency, and effectiveness of these internal controls?

Interview: David Pigott, V.P., App Development, Boston Properties

Listen to Boston Properties' David Pigott talk about how they used APOS Insight's advanced Audit capabilities to overcome obstacles to audit readiness while streamlining change management processes and managing resources efficiently:

Listen to the recording…


Read the Boston Properties Case Study

The published case study contains a more detailed look at the challenges Boston Properties faced, and the solutions they implemented, as well as more commentary from David Pigott.

Read the complete Boston Properties Case Study (PDF)...