SOX Compliance Management
Sarbanes-Oxley (SOX) Compliance Management is a board-level priority for publicly traded companies across all industries. To comply with SOX mandates, companies typically establish an internal controls framework, guided by The Committee of Sponsoring Organizations of the Treadway Commission (COSO) and their external auditors, all in an effort to evidence effective Internal Control over Financial Reporting (ICFR). However, many times, spreadsheet-heavy processes are overlooked in this effort, but they present significant risk and cost to SOX compliance efforts.
Companies need to deploy policies, procedures and supporting technology to effectively manage and control their spreadsheets and other End User Computing Applications (EUCAs) that are critical to the SOX-related financial reporting processes. Current information suggests that policy-based or point-specific solutions are ineffective in helping to mitigate the array of risks posed by spreadsheets and other EUCAs. A better alternative is to design, configure, and deploy a holistic enterprise-level technology solution that effectively combines elements that address the demands of corporate governance, ease of use and process automation. Companies that have implemented the Apparity EUCA/Spreadsheet Management Solution have found that such an approach reduces residual risk and enhanced bottom line benefits.
Prevention or Remediation of a Material Weakness or Significant Deficiency
When an organization deploys the Apparity solution to prevent or assist in the remediation of a significant deficiency or a material weakness associated with Spreadsheets and other EUCAs, the Apparity platform provides companies with the critical tools needed to ensure the problem is appropriately addressed, and the likelihood of future audit findings are significantly reduced. The Apparity solution provides a company with the ability to:
• Define and identify spreadsheets (and other EUCAs) that present a SOX-related risk to the organization
• Maintain and evidence an accurate and up-to-date inventory of all discovered, registered and managed spreadsheets and other EUCAs
• Ensure that the spreadsheets and other EUCAs are inventoried, registered and managed as per the agreed EUCA Policies and Procedures
• Identify and persist spreadsheet and EUCA ownership, roles and responsibilities
• Monitor and report on all spreadsheet and EUCA activity
• Implement Spreadsheet and/or broader EUCA Controls
• Version Control
• Spreadsheet copy Tracking (Fingerprinting)
• Change Control
• Data Integrity Control
• Availability Control