Sarbanes-Oxley (SOX) Program
Purpose
To develop a formalized system of checks and balances, thereby helping protect Denomas stakeholders from fraudulant financial reporting.
Scope
As a public company Sarbanes- Oxley (SOX) regulations apply to Denomas. Denomas has adopted the COSO framework as the criteria for evaluating the effectiveness of the company’s internal control over financial reporting.
Roles and Responsibilities
| Role | Responsibility |
|---|---|
| SOX Progam Management Office (PMO) | SOX PMO consists of controllership and internal audit department to manage Denomas’ Sarbanes-Oxley (SOX) program. Responsibilities include: → Perform risk assessment and scoping to determine project scope of each reporting year → Prepare the internal control assessment plan and include timelines → Schedule process walk-throughs for each process with process/control owners → Review current and prior-year control deficiencies in order to determine the remediation status → Update process maps → Prepare control deficiency reports and follow up on remediation efforts → Meet with external auditors as necessary to provide status updates and remediation efforts of ongoing work |
| Chief Financial Officer | Executive Sponsor of the SOX program |
| Control Owners | Responsible for: → Confirming control description for controls that are assigned to them → Update SOX Internal controls page for any changes in the people, process and platform and provide edits to the SOX PMO for review within 30 days of change → Make themselves available to speak with the SOX PMO upon their request for walkthroughs, sign-offs , testing and for discussion of test results → Provide test evidence to the SOX PMO upon request. → Remediate control deficiencies |
Outputs of the SOX Program
Following outputs of SOX program will be maintained and monitored by the SOX PMO function.
- Risk Assessment and Scoping documentation
- Risk Control Matrix
- Process Flowcharts
- Control Deficiency Tracker
Last modified November 19, 2023: updated (
b8f75ed5)
