Automate and manage Sarbanes-Oxley governance initiatives, assess compliance deficiencies by business unit and track remediation processes related to operational risk.

Business Need

The Sarbanes-Oxley (SOX) Act of 2002 radically tightened federal regulation of public companies, especially in the areas of reporting obligations and accountability standards for directors, officers, auditors, securities analysts and legal counsel. Two key sections of the Act, 302 and 404, require management to implement and document an internal control program while publicly asserting its effectiveness. Because CEOs and CFOs are unlikely to have the time or resources to review every internal control test result, companies must ensure that managers at every level conduct extensive reviews and make certifications along the way to verify proper review and testing. Due to the complexity and far-reaching nature of these required controls, complying with SOX can be a daunting and expensive task.

Archer's Solution

The Archer Sarbanes-Oxley Compliance Management solution assists companies by automating and managing their compliance efforts, thereby reducing the effort and costs associated with SOX initiatives. This comprehensive solution integrates seamlessly with other Archer solutions, enabling organizations to leverage pre-existing data and to employ the Archer application as a centralized tool for compliance data aggregation, process control and reporting.

Key Features and Benefits

Documentation

Perform easily configurable risk-rating assessments for each business unit’s processes to determine an efficient and effective risk-based testing program. 

Employ automated assessments and certifications, including the following:

Quarterly certifications required for Section 302 compliance

Design assessments of control activities and their ability to achieve control objectives

Operating assessments of control activities to determine their effectiveness, which can be performed on a continual basis 

Enable self-assessments by informing process owners and testers of their tasks via rules-driven email notifications and a “My Tasks” list on role-specific home pages.

Employ automated assessments and certifications, including the following:

Quarterly certifications required for Section 302 compliance

Design assessments of control activities and their ability to achieve control objectives

Operating assessments of control activities to determine their effectiveness, which can be performed on a continual basis 

Enable self-assessments by informing process owners and testers of their tasks via rules-driven email notifications and a “My Tasks” list on role-specific home pages.

Issue Management

Automatically generate deficiency records for all testing and assessment failures to facilitate consistent tracking and evaluation.

Assess the nature and status of each deficiency, including net exposure evaluation and applicable compensating controls. All deficiencies are automatically related to financial statement accounts and COSO assertions, enabling quick and powerful reporting.

Create remediation records automatically, allowing process owners to track all of the tasks related to rectifying a deficiency.

Monitoring

View the status of SOX-related work quickly and easily through Archer’s dashboard presentation interface.

Reference a consolidated picture of compliance efforts and remediation processes while preserving the ability to expose the details of any area or activity with a simple click of the mouse.

Gain access to information via a simple ad-hoc reporting interface, or deliver status and alert-type reports to users via email.

Project Management

Control entitlements to each piece of information collected and managed by the system.

Utilize the Archer SmartSuite Framework’s simple HTML interfaces, customizable user input forms and rules-driven email notifications.

Add custom data elements and modify the solution workflow to meet the company’s specific SOX compliance processes.

Vendor Site:- Archer Technologies