Skip to main content

SOX and Financial Controls

Sox photoIn today’s regulatory climate, achieving and maintaining compliance with the Sarbanes-Oxley Act (SOX), Model Audit Rule 205 (MAR), and other financial controls regulations can be difficult and time consuming.  But it doesn’t have to be.  Focal Point can provide the technical expertise, financial knowledge, project management, resources and value-priced consulting to keep your SOX or MAR compliance program on track and on budget.  We help internal audit functions through the peak periods of second, third and fourth quarter testing. Our approach incorporates low-cost, qualified testing resources to reduce overall compliance costs.

A Proven Compliance Methodology

Our methodology is modular in design and easily tailored to provide your business with only the services it needs. Our top-down, risk-based approach incorporates all components of a control evaluation, including entity-level controls, IT general controls (ITGCs), application controls, disclosure controls and procedures and process-level controls. Our methodology supports both outsourced and co-sourced service models and is aligned with the 2007 Securities and Exchange Commission (SEC) Guidance provided to management, Public Company Accounting Oversight Board (PCAOB) Auditing Standard 2201, and COSO 2013 Internal Control-Integrated Framework.

End-to-end SOX and MAR Compliance Services

Focal Point serves as the trusted compliance partner for many public companies across the U.S. We provide these organizations with a number of SOX Section 404 compliance services from Year One readiness to remediation assistance. We also offer C-SOX services to Canadian companies and J-SOX services to international companies with operations in North America. In addition, we frequently support our clients in the insurance industry with MAR compliance.  Focal Point's full-time, certified professionals provide specific, detailed guidance and execution through every phase of a compliance initiative, from planning to reporting.

  • Year One readiness assessment
  • Risk assessment and scoping assistance
  • Preparation of process narratives, entity-level controls documentation and IT general controls documentation
  • Key control identification
  • Preparation and review of control testing plans
  • Controls testing (i.e., walkthroughs and detailed sample testing)
  • Remediation assistance
  • Integration of compliance efforts
  • Audit committee/board updates
  • External auditor coordination


tweets by @FocalPointDR

Loading Tweets...