• Home
• Sarbanes-Oxley
  • Sarbanes-Oxley Overview
  • Sarbanes-Oxley FAQ
  • Our SOX Approach
• Services
  • Sarbanes-Oxley
  • Executive Consulting
  • Knowledge Services
• Products
• About Us
• Partners
• Contact Us
  • Information Request Form
  • Phone/Email

QuickLinks

Sarbanes-Oxley Frequently Asked Questions

What is SOX?
SOX is a common term used to refer to the Sarbanes-Oxley Act of 2002 which was passed in reaction to the scandals at Enron, WorldCom, Tyco and other publicly traded companies that resulted in billions of dollars in corporate and investor losses. This act, effective in 2006, requires publicly traded companies to establish a financial control framework able to report on the effectiveness of their internal controls to investors.

How long does the compliance process take?
As was the case when the Act was first implemented, public companies are required to comply with SOX standards in stages. The timing of the stages is dependent on your company's profile and how it fits into groupings established in SEC rules. Intelli-Solve can assist you in putting together a realistic project plan to meet your compliance deadlines. Click here to learn more about our approach.

How do we approach SOX compliance if our company has branches in other countries?
U.S. and Canadian companies with branch or remote operations in other countries are required to consider foreign locations when "scoping" the SOX project. The extent to which foreign operations are "in scope" is dependent on their materiality alone or when grouped with other like operations within the company or on the extent to which they process unusual transactions. Intelli-Solve personnel are ready to help determine the materiality of all corporate and remote operations for clients, whether they foreign or domestic.

Is there a difference between SOX requirements for U.S. and Canadian companies?
Yes. When the CSA (Canadian Security Authority) determined that Canadian companies must comply with SOX requirements, they adopted identical standards to those found in the U.S. Since that time and in response to industry input and the outcry in the U.S., they've modified standards to a) not require use of COSO as the control framework and b) not require certification of results of SOX assessment by the company's external auditor. While the standards in Canada may appear to be relaxed from the U.S., Canadian companies are recognizing that they place greater responsibility on the company to effectively assert their control environments.

My company is a non-profit organization, what are the benefits of voluntarily becoming SOX compliant?
Many non-profit organizations are finding that they need to initiate voluntary SOX-style assessment of their control environments around certain key business cycles to satisfy agencies and organizations providing them funding. Banks and other funding institutions are putting increasing pressure on non-public companies to ensure their control environments will prevent fraud and detect errors - requirements perfectly suited to SOX-style control initiatives.

What's the cost?
The cost of SOX compliance depends on the type and number of material cycles and related sub-processes. The better question really is "what's the cost of not implementing sound SOX compliance initiative?" Even voluntary SOX-style internal control initiatives, when properly designed and deployed, produce advantages for companies that can far outweight the costs by year two. Properly implemented, there can be virtually no cost to SOX compliance considering the benefits control can bring to your bottom-line.