The Sarbanes-Oxley Act of 2002 is mandatory. ALL organizations, large and small, MUST comply.
This website is intended to assist and guide. It provides information, and identifies resources, to help ensure successful audit, and management. Whether you are entirely new to the Sarbanes-Oxley legislation, or whether you have an established strategy, this portal should hopefully prove to be of substantial value
The legislation came into force in 2002 and introduced major changes to the regulation of financial practice and corporate governance. Named after Senator Paul Sarbanes and Representative Michael Oxley, who were its main architects, it also set a number of deadlines for compliance.
The Sarbanes-Oxley Act is arranged into eleven titles. As far as compliance is concerned, the most important sections within these are often considered to be 302, 401, 404, 409, 802 and 906.
An over-arching public company accounting board was also established by the act, which was introduced amidst a host of publicity.
Compliance with the legislation need not be a daunting task. Like every other regulatory requirement, it should be addressed methodically, via proper analysis and study.
Also like other regulatory requirements, some sections of the act are more pertinent to compliance than others. To assist those seeking to meet the demands of this act, the following pages cover the key Sarbanes-Oxley sections:
Having studied the above pages, even if you are considering using an external consultant or legal expert, it is well worth taking some basic steps to enhance your position immediately. This not only demonstrates due diligence, but may well reduce the consultancy costs themselves.
One area that perhaps falls into the category is security. In many respects security underpins the requirements of the Sarbanes-Oxley Act. It is therefore important to quickly establish a credible and detailed security policy, which can often be done readily via off the shelf packages.
Finally, perhaps the most important statement on the entire web site: don't put off until tomorrow what can be done today! With other legislation and regulation we have seen far too often organizations leave compliance until the last few days, and subsequently suffer adverse consequences.