Case Study Sixteen: SOX Leadership - Smaller Reporting Company (SRC)

SOX Internal Control / IT Controls / Remediation

Details

Situation

A public company and nationwide provider of full solution security services and revenue approximating $140 million required expertise and leadership to implement the COSO Framework. We assisted the company in documenting its risk assessment, enhanced business process documentation and controls, including IT and entity level controls, and assisted in developing ongoing monitoring plans and separate evaluations.

Engagement

Engaged to provide expertise and leadership for efficient risk based internal control design and documentation, including IT controls.

Results

Management efficiently implemented the new COSO requirements and enhanced activity level controls utilizing a top-down risk-based approach
The following year, entity level controls implemented by management through our guidance helped to discover certain irregularities reported by an employee through a whistleblower hotline
Provided guidance for the Chief Information Officer while formalizing IT security and availability controls in an efficient manner