עברית English
Compliance Auditing
Internal Auditing
SOX & ISOX Services
Royalty Auditing
IT Auditing
Services for Internal Auditing Departments
 

General       

Our approach is that the SOX process can be very beneficial to the company by improving the control mechanisms in connection with the processes that have an impact on the financial statements, as well as by improving the overall control environment of the organization.

Our firm has been rendering SOX (article 404) services since 2004 (the year in which the Sarbanes Oxley Act went into effect) to companies traded in the U.S., and ISOX services to companies traded on the Tel Aviv Stock Exchange. In rendering these services, the firm incorporates the expertise of its employees in the areas of accounting, internal auditing and information systems auditing which provides the capability of analyzing accounting and operational processes, identification of control faults in manual and automated processes, and providing operational recommendations for the improvement of internal control mechanisms. Among our clients in this area are ClickSoftware (NASDAQ:CKSW), DSPG (NASDAQ:DSPG), DSP Ceva (NASDAQ:CEVA), Sapiens(NASDAQ & TASE :SPNS), Commtouch (NASDAQ:CTCH), LivePerson (NASDAQ:LPSN),Magic Software Industries (NASDAQ:MGIC), Attunity (NASDAQ:ATTUF), BluePhoenix (NASDAQ: BPHX), Formula(TASE: FVT) and RadView (NASDAQ:RDVWF (.SOX and ISOX services are rendered in accordance with the law that is relevant to the client being audited and in accordance with generally accepted principles. In performing the audit, we utilize, when necessary, advanced auditing techniques, including computerized audit tools. In our opinion, the combination of experience in internal and information systems auditing and information systems analysis grants the audit we perform added value, to the benefit of the audited organization.

Audit process

Determining the scope of the audit

On the basis of an analysis of the financial statements, conducting interviews with the relevant parties at the client, and obtaining additional material, we are able to identify the material accounts and the processes that impact these accounts, as well as the sites that are relative to SOX-related work. In addition, we will perform a risk assessment in order to determine the risk level of the accounts and the processes. The results of this stage of the work constitute the de facto work framework necessary for the SOX project.


 

Documentation of the process and controls

• We document the major processes and sub-processes which have a material impact on the financial statements.

• The documentation of each process includes a verbal description, flowcharts and a table that maps the controls.

• Control problems may already arise in the documentation phase, such as the absence of controls or controls that were not designed adequately enough to achieve their desired goals. These problems will surface in the documentation stage, providing us with the opportunity to improve them as early as possible in the process.

Testing the effectiveness of the controls

This phase includes:

• Testing for the existence of gaps between the controls set out by management and the actual implementation of the controls. These tests address only those controls that passed the previous stage since there is no reason to test controls that were found to be unsuitable.

• Preparation of a document that describes the tests that were performed, the results thereof and recommendations for improvement.

Re-testing    

On the event that control problems are identified, we will, at the request of the Company, retest the controls that have been remedied by the company.