SOX Project Plan 990
-
My company is just beginning is SOX compliance foundation work. One of the things we’re struggling with is how to develop project plan with tasks and milestone that we might be able to use for managing the working being performed. Any help or direction would be appreciated.
-
i would also be interested in seeing such a project plan.
most of the sox projects i’ve seen don’t have a project plan unfortunately. they may know of some big tasks that need to get done, however it is not being managed like a real project. dates end up slipping.
i’ve not seen a good work break down structure for sox project either.
-
My company allreday has all the process done but we don’t really know if we have to focus in all of them.
What is the real process we have to focus on (for the Certification)?
Are there main precess? main controls? Do we have to pay attention to all the activities of the Company or only to the ‘non regular activities or transactions’
-
I have created a SOX implementation plan in Ms Project with a timeline and scheduling important activities. The major activities I identified for implementation of SOX are :
- Preparing SOX documentation:
Business flows
Process flows
Imformation flows
Documentation flows for each area of business / department - Conducting a Risk Assessment:
Identifying the risks
Classification of the risks Qualitative and Quantitative risks
Quantifying the risks identifying the cash flow impact
Development of risk mitigation strategies - Finalizing the risk grades and score cards:
Discussions with the department heads
Review and assessment of the risk matrices and mitigation strategies
Finalizing the risk grades and score cards
Information Technology and automation - SOX Compliance:
Management report on internal control (u/s. 404)
Management certifications (u/s. 302)
On-going compliance and implementation of risk mitigation strategies
with the SOX champion of that department / area.
- Preparing SOX documentation: