SOX becoming timesaver for fraud examiners

Using the new Sarbanes-Oxley documentation

By Cynthia Harrington

The new documentation required under sections 302 and 404 of the Sarbanes-Oxley Act helps fraud examiners by quickening the creation of deterrence programs and simplifying investigations.  

ALLTEL Corporation of Little Rock, Ark., according to industry experts, is one of several large companies that started early on SOX compliance and continues to improve on the basics. ALLTEL, a firm with $8 billion annual revenues, provides wireless, local telephone, long-distance, Internet and high-speed data services to more than 13 million residential and business customers in 26 states.

ALLTEL's SOX documentation tells the story of processes and controls throughout the company through explanatory risk/control matrices, flowcharts, and narratives, says the documentation's architect, Brandi Joplin, CPA, vice president of internal audit. The flowcharts provide basic information and the narratives describe
those responsible for activities and controls, specific reports utilized within an activity, and specific description of controls.

The matrices describe specific risks and controls to mitigate the risks, evaluation of each risk's likelihood and impact, and the design assessment and operating effectiveness of the internal controls.

Next on the task list, Joplin says, is to document operational processes in the same manner as the financial processes.


For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.