Best Practices of:
Sarbanes-Oxley Act- Section 404 Compliance Approach

By:       Robert Putrus, PE, CMC, CFE                                                                                                

Although SOX Section 404 compliance projects are intended to be comprehensive and thorough, they don’t need to be overwhelming. Companies ought to use the opportunity to re-engineer and streamline their business processes.  As a rule, companies ought to consider the following when they embark on a Sec. 404 compliance project:

1. Make staff available to the SOX project team. Most audit consultants take an integrated project team approach.
2. The integrated project team must include company management, company functional staff and members of the consulting team.
3. The team will apply the COSO framework for the business processes.
4. The team will apply the COBiT framework for its information technology area.
5.  The project must have program and project managers who are accountable.