Sarbanes Oxley 101 -- Info Guide to the Sarbanes-Oxley Act of 2002

Sarbanes Oxley Summary

Thousands of companies face the task of ensuring their accounting operations are in compliance with the Sarbanes Oxley Act. Auditing departments typically first have a comprehensive external audit by a Sarbanes-Oxley compliance specialist performed to identify areas of risk. Next, specialized software is installed that provides the "electronic paper trails" necessary to ensure Sarbanes-Oxley compliance.

The summary highlights of the most important Sarbanes-Oxley sections for compliance are listed below. Note that certification and specific public actions are now required by companies to remain in SOX compliance.

SOX Section 302 - Corporate Responsibility for Financial Reports
a) CEO and CFO must review all financial reports.
b) Financial report does not contain any misrepresentations.
c) Information in the financial report is "fairly presented".
d) CEO and CFO are responsible for the internal accounting controls.
e) CEO and CFO must report any deficiencies in internal accounting controls, or any fraud involving the management of the audit committee.
f) CEO and CFO must indicate any material changes in internal accounting controls.

SOX Section 404: Management Assessment of Internal Controls
All annual financial reports must include an Internal Control Report stating that management is responsible for an "adequate" internal control structure, and an assessment by management of the effectiveness of the control structure. Any shortcomings in these controls must also be reported. In addition, registered external auditors must attest to the accuracy of the company management’s assertion that internal accounting controls are in place, operational and effective.

SOX Section 409 - Real Time Issuer Disclosures
Companies are required to disclose on a almost real-time basis information concerning material changes in its financial condition or operations.

SOX Section 902 - Attempts & Conspiracies to Commit Fraud Offenses
It is a crime for any person to corruptly alter, destroy, mutilate, or conceal any document with the intent to impair the object's integrity or availability for use in an official proceeding.