6. Couple of basic questions on the Sarbanes-Oxley Act 2003

Couple of basic questions on the Sarbanes-Oxley Act 2003

  • S

    The first sentence of this site says ‘The Sarbanes-Oxley Act of 2002 is mandatory. ALL organizations, large and small, MUST comply.’
    With all organizations, does this page mean all organizations or all organizations with the following requirements:
    Listed at the New York Stock Exchange or belonging to such an organization
    A market capitalization of USD75 million
    Any organization that audits said listed organization
    Did I miss any requirements?
    And as for the large and small, is there a certain deadline where those organizations must comply with SOx? I get the idea that mostly larger organizations have complied with SOx while the smalller ones are ‘lagging’ behind. Mainly due to the implementation costs of SOx. Been using the search function but it’s a bit confusing with overseas/foreign and extending deadlines etc.
    As for abbreviation issues, is it OK to refer to it as SOx, SOX, SOA (this one is conflicting with at least 2 definitions actually) or Sarbox/SarbOx?
    Thank you for the help in advance,
    Seiruu
    Edit 1: Thank God you can edit the topic title, it would have been quite embarrassing for me otherwise 😛

    0
  • H

    Hi Seiruu and welcome to the forums 🙂 I’m more on the IT side, so I’ll share links rather than specific advice, as it’s important to thoroughly research compliancy requirements specifically for your company in detail.
    The following links might be helpful in delinating requirements between large and small company compliance criteria:
    Direct URL links in the forums aren’t allowed, and please copy and paste these to your browser:
    General Internet Search - Several good links here
    Please paste to browser and add www
    google.com/search?hl=en-and-q=which companies need to comply with Sarbanes-Oxley
    Wikipedia - Excellent Resource
    Please paste to browser and DO NOT add www
    en.wikipedia.org/wiki/Sarbanes-Oxley_Act
    Official SEC rules
    Please paste to browser and add www
    sec.gov/rules/final/33-8238.htm
    Official SEC rules - Section ‘H’ discusses company requirements
    Please paste to browser and add www
    sec.gov/rules/final/33-8238.htm#iih
    SOX 101 site - One of favorites for easy to understand explainations
    sarbanes-oxley-101.com/sarbanes-oxley-faq.htm
    What companies need to comply with Sarbanes-Oxley?
    All publicly-traded companies in the United States, including all wholly-owned subsidiaries, and all publicly-traded non-US companies doing in business in the US are effected. In addition, any private companies that are preparing for their initial public offering (IPO) may also need to comply with certain provisions of Sarbanes-Oxley.
    When did Sarbanes-Oxley compliance take effect?
    All parts of the Sarbanes-Oxley Act with the exception of Section 409 are effective now. For Section 404, public companies with a market capitalization over US USD75 million needed to have their financial reporting frameworks operational for their first fiscal year-end report after November 15, 2006, then for all quarterly reports thereafter. For smaller companies, compliance is required for the first fiscal year-end financial report, then for all subsequent quarterly financial reports after July 15, 2006

    0
  • S

    Thank you very much, I will look into them. Especially the FAQ 101 thing was new to me. It’s not entirely up to date I think, as I did read a recent article on SEC pushing the deadline for small businesses back to middle 2007? Something like that anyway.
    Also, I was wondering if there are any widely recognized/established ‘Best Practices’ for SOX compliance for bigger and smaller organizations?

    0
  • H

    … FAQ 101 thing was new to me. It’s not entirely up to date I think, as I did read a recent article on SEC pushing the deadline for small businesses back to middle 2007? Something like that anyway
    Yes - The FAQs may need some updating, as I saw on the SOX 101 news site more info related to smaller companies.
    SOX 101 - News site
    Please paste to browser and add www
    sarbanes-oxley-101.com/sarbanes-oxley-news.php
    Small Companies Play the Sarbanes-Oxley Waiting Game
    No www needed - please paste to browser
    prweb.com/releases/2007/3/prweb513381.htm
    … if there are any widely recognized/established ‘Best Practices’ for SOX compliance for bigger and smaller organizations?
    Many audit firms use COSO and COBIT as ‘measurements’ for SOX compliancy. COBIT 4.0 as a framework for IT standards (SOX 404) and COSO for the financial controls framework.
    What is SOX, COSO, and COBIT?
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1516
    Free COBIT 4.0 PDF
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1920

    0
Log in to reply