Transcription
SOX 404 Compliance ProjectFinancial Reporting
ABOUT ACC GROUPThe ACC Group generates and handles assignments for medium size companies inthe areas of Audit, Controlling and Compliance.All Consultants have extensive Audit & Compliance experience.Extensive US GAAP and SOX knowledge.Hands on approach.Strong experience on operational and management level of Start Ups (seeReferences).Strong international background, excellent English proficiency.2
SOX 404 COMPLIANCERisk Assessment, Scoping, Process and PO selectionInterviews PO sNarratives, predefined structure in English and German language including SODMatrixDetermine Non Key and Key ControlsDetermine and Remediation of GAPsWalkthrough of all Controls including documentation (English)3
SOX COMPLIANCEConsolidation of risks, controls, GAPs and Walkthrough results in a RCM (English)Weekly Progress Report4
METHOTOLOGYSOX teGAPsTesting ofControls5
PROCESSESProcess Documentation StructureOverview of Processes and Sub Processes in scopeIdentify RisksProcess NarrativeControl Classification (Key and Non Key) andDescriptionSOD (Segregation of Duties) MatrixComprehensive Risk Control Matrix (RCM)GAP Analysis and Remediation6
PROCESSESSample of ProcessesFinancial Close (FC)Order to Cash (OTC)Purchase to Pay (PTP)Information Technology (IT)Fixed Assets (FA)Production Process (PP)Inventory (INV)Human Resources (HR)Tax (TAX)Intercompany Transaction(IC)7
Processes in ScopeSummary of Processes & Progress (Part 1)8
Processes in ScopeSummary of Processes & Progress (Part 2)9
Financial Statement Closing ProcessSample Narrative FSCPMain Process01 Financial Closing & Reporting / FSCPSub-processSub-process IDManage Close Schedule, Prepare and Approve Required Journal Entries and Reconcile and/or AnalyzeAccounts01 FSCP 01Process Owner (s)HeadAccControls0101, 0102, 0103,0104, 0105, 0106, 0107, 0108, 0109, 0110, 0111Systems involvedSAP – Used to record all transactionsSoftware Package "Upstream"Hyperion, Smart ViewCritical Reports andsignificant Spread sheetsPECL Period End Closing Check ListMicrosoft Excel (Transition) – Used for transition from German GAAP to US GAAPUpstream Bridge (XLS)Overview Key figures (XLS)Monthly Financial Review ChecklistWork Instruction ReferencesUS Corporation Due Dates, Period End Closing Check ListAccounting Manual: “HQ Accounting Procedures”Corporation Check Report, Validation Report Forecast,Master Data Change Report10
PROCESS NARRATIVEExample1. PurposeThe purpose of this memorandum is to document the sub-process and identifyrisks and key controls surrounding the Manage Close Schedule at Trumpf(referred to herein as the “Company”, “Trumpf”, “we”, “us” or “our”).Finally, a SOD matrix documents the Segregation of Duties situationconcerning this sub process.2. Process OverviewThe General Ledger (GL) Close sub-process documents the procedures andcontrols relating to the period end close process. Key components of thisprocess include:Ø Journal Entry ReviewØ ReconciliationsØ Period end close3. Risks IdentifiedThe GL Close sub-process is documented to address the following potentialFinancial Statements risks:Ø Ø Ø Ø Ø Not all required journal entries are posted.Inaccurate or improper journal entries are posted.Balance sheet and P/L accounts are not reconciled and/or analyzed.Account reconciliations are not reviewed.Necessary accruals are not identified and recorded.4. Process Narrative11
SEGREGATION OF XXXXXXScoped out12
TENTATIVE TIME STRUCTUREOverviewSTAGE ISTAGE II[10 man days][4 man days*] Risk Analysis Determine POs Set up Documentation Structure Process Documentation in English andGerman* Process incl. integration in the English RCMSTAGE IIISTAGE IV[0,25 man days*][0,5 man days*] Walkthrough of Controls Determine and Remediate GAPs* GAP incl. integration in the RCM* incl. documentation in English13
SOX REFERENCES14
Thank you for your kind attention.
SOX 404 COMPLIANCE Risk Assessment, Scoping, Process and PO selection Interviews PO s Narratives, predefined structure in English and German language including SOD- Matrix Determine Non Key and Key Controls Determine and Remediation of GAPs Walkthrough of all Controls including documentation (English) 3. Consolidation of risks, controls, GAPs and Walkthrough results in a RCM
