SOX Compliance

In today’s regulatory climate, achieving and maintaining compliance with the Sarbanes-Oxley Act (SOX) can be difficult and time consuming. But it doesn’t have to be.
Streamlining Compliance

Streamlining SOX Compliance

Focal Point’s SOX services are designed to reduce compliance costs and efforts across all phases of your project, including risk assessments, scoping, documentation, and controls testing. Our methodology is modular in design and easily tailored to provide your business with only the services it needs. Our top-down, risk-based approach incorporates all components of a control evaluation, including entity-level controls, IT general controls (ITGCs), application controls, disclosure controls, and procedures and process-level controls.

Our Approach

Focal Point's full-time, certified professionals provide specific, detailed guidance and execution through every phase of a compliance initiative, from planning to reporting.

Phase 1

During Phase 1, we meet with your project leaders and key stakeholders to learn more about your overall business objectives and specific compliance needs. Timelines and communication plans are also established.

  • Defined Scope
  • Project Timeline
  • Status Reporting

Phase 2

We perform walkthroughs of key business processes using previous years’ documentation. Through this process, we review control activities, determine key controls, and document changes from the previous year.

  • Process Narratives
  • Documented Controls
  • Control Improvements

Phase 3

Focal Point tests key controls using generally accepted testing techniques to ensure that your external auditor can place maximum reliance on the work and related work papers we prepare.

  • Process Improvements
  • Remediation Activities
  • Draft Report

Phase 4

After finalizing testing and remediation, Focal Point provides a detailed report to your management team and external auditors, identifying any outstanding control deficiencies or material weaknesses.

  • Final Report
  • Executive Summary
  • Control Recommendations

Different from the Rest

At Focal Point, we take a different approach to managing SOX Compliance.

Compliance Expertise

Focal Point brings expertise in a variety of regulations, including HIPAA, CCPA, GLBA, PCI, and GDPR, to every audit project, helping you streamline your compliance efforts.

Industry Experience

Focal Point has supported compliance initiatives for organizations in all major industry verticals. We bring the cumulative best-practice knowledge from these projects to each new compliance engagement.

Proven Experience

Focal Point has nearly 15 years of experience helping clients build best-in-class SOX compliance programs that span geographies and technologies and adapt to change.
Featured Case Study

Leveraging IAM for Compliance

Focal Point led the implementation and integration of SailPoint IdentityIQ to help a financial services company meet its a quarterly SOX certification. The U.S.-based business has more than 12,000 users across 41 countries.

Learn More
Week Timeline
Focal Point completed this implementation in just 2 months.
The scope for this global implementation.
Global SOX Compliance

Global Compliance

Focal Point serves as the trusted compliance partner for many public companies across the U.S. We provide these organizations with a number of SOX Section 404 compliance services – from Year One readiness to remediation assistance. We also offer C-SOX services to Canadian companies and J-SOX services to international companies with operations in North America. In addition, we frequently support our clients in the insurance industry with MAR compliance.