Internal control review and SOX testing

In order to ensure our client's compliance with SOX 404, which requires the implementation and documentation of effective internal controls over financial reporting, management wanted to challenge the robustness and sustainability of its control systems over a four-batch scope. The main objectives were to assess the correct application of internal procedures in line with SOX standards, the regularity of their implementation over time, the segregation of critical tasks, and the effectiveness of corrective action plans following previous audits. The aim of this assignment is to meet the SOX requirement for transparency and reliability of financial statements.

The assignment followed the key stages recommended for SOX 404 audits: an initial document review phase identified and mapped the control systems in place, as well as the processes concerned. Interviews and sampling tests were then carried out with key players to verify the correct application of internal controls in current practices. Particular emphasis was placed on analyzing the segregation of duties and the traceability of operations. Finally, the approach included a review of corrective action plans and an assessment of their effectiveness, verifying that actions recommended during previous audits had been integrated and sustained.