Home page About us Our Products Careers Contact us
Contrak SOX Compliance
Pain points of SOX Compliance
Do you need SOX Compliance Application
THE ConTrak SOX Compliance Solution

Please click on the links below to learn more about Contrak SOX Compliance Solution...
 Why your company needs Contrak SOX Solution
 Ease of Use and General Set up

 The ConTrak SOX Compliance application is designed to make setting up your SOX Compliance Plan an easy and intuitive process. You first define the basic building blocks of your plan like the Organization, the various members, the member types, the different business units, the Compliance Document Types and the Deficiency Types.

Once you have this foundation built, you start defining the main points of your Compliance Plan. The application logically divides the tracking and compliance procedures into groupings known as Entities. The Entities are:

  • Accounts – this section allows you to record what areas of the business must meet SOX requirements.
  • Objectives – this entity allows you to record your company’s objectives to meet the SOX requirements.
  • Risks – this entity allows you to identify the risks in each specific business area.
  • Controls – this entity allows you to record what controls are in place to show that the risks have been mitigated.

Once you have set up the basics and the main components of your Compliance Plan, you can define Initiatives to make your Financial Statement Assertions. Initiatives allow you to associate high-level processes and then define more specific sub-processes underneath. You can link multiple assertions to each sub-process and assign multiple COSO Objectives to address each assertion and include a signoff throughout the entire process.

 Sign Off

 The ConTrak SOX Compliance application allows you to set required signoffs for many different actions in the system and it allows you to assign multiple people to a Control, Process or Activity and require multiple signoffs before it passes. Sign off can only be entered by the person assigned to the action as well as to the upper level Controls. Sign off for a Control cannot be performed until all Control Tests have been completed and signed off on.


Building your Sox Plan

Let’s take a more detailed look at the different sections of the ConTrak SOX Compliance application and how they are used to meet the requirements of SOX Compliance.

Entities

Accounts

The accounts entity is designed to allow companies to designate high-level areas that must meet SOX requirements and then to subdivide these areas into more manageable blocks that will then be associated with risks, objectives and controls as you continue setting up your Compliance Plan.

Each accounting area from your balance sheet can be defined as an account and then multiple sub accounts can be associated to each Major account.


Objectives

The Objectives section allows you to list all of the objectives you must meet to satisfy all areas of risk. First, you decide on the risks that will be addressed for the SOX audit and then enter the objectives in this section that you must then demonstrate to the SOX auditors.



When defining your objectives, each of them must also be associated with an Objective Type that refers directly back to the Accounts defined earlier. This association will aid in tracking requirements and demonstrating compliance. For ease of viewing and organizing, you can filter the objectives by clicking the Objective type shown on the left side of the screen.

Risks

The Risks entity allows you to list all of the risks associated to the accounts defined in the accounts section. After defining the risk, you can associate an objective for demonstrating that the risk will be mitigated.



You should now be seeing how each entity allows you to segregate large amounts of information into more manageable parts and tie those parts together to meet your SOX requirements. You should also start seeing the relationship between the Risks we just defined, the objectives defined earlier and, finally, how the accounts we created are associated to both the objectives and the risks.

Controls

The Controls entity allows you to tie together all of the previously defined data in logical groupings to demonstrate that all risks are addressed and mitigated. Once you define a control, you associate objectives and the corresponding risks to the control; define a test plan; and create the specific Control Test. Creating the Control Test consists of assigning the test to an individual in the organization and allowing them to upload test results documentation; record any deficiencies and any remediation plans; track notifications related to the Control test; and if the test fails, the system automatically creates the retest section where you can record your subsequent test results.


 
Assertions

Define an Initiative


Once you set up all the necessary components to build a SOX compliance program and define the necessary signoff requirements, you need to make assertions from the company’s financial statements and decide what COSO Objectives will address them. Addressing financial statement assertions to comply with a SOX audit in ConTrak’s Sox Compliance application is done by creating Initiatives. Initiatives allow you to associate high-level processes and then define more specific sub-processes underneath.



You can link multiple assertions to each sub-process underneath the associated processes. Once assertions are linked to a sub-process, you can assign multiple COSO Objectives to address each assertion and include a signoff throughout the entire process. As you will see throughout the assertion process, you can view the status, the associated control, the sub-process description and any changes made this period, the Assertion and the COSO Objectives assigned to address the assertion.


Initiative Reports



You can run the Objective Report to view a listing of the Company Objective Documentation Report. This report shows you the list of Objectives and the associated Control, any Tests assigned and any Deficiencies noted, the Account/Risk, COSO Objective, the assertion and any Remediation, changes made this period, any planned changes and the signoff status.



You can also run Outstanding Reports and view the portions that have not been signed off on for the initiative. You can view the Outstanding listing for Controls, for Sub-Processes, for Processes and for Assertions.



Initiative Audit Program

You can create an Audit Program that applies to an initiative and you can associate the related Processes and sub-processes. You can also add any Steps necessary for actions to be performed for the Audit.

 Reporting functionality of the ConTrak SOX Compliance application


The ConTrak SOX Compliance application provides robust functionality to ensure that your corporation meets the minimum requirements for SOX compliance. The application also provides excellent reporting capabilities. The main reporting page segregates the reports by topics similar to the entities discussed early on.




  • In the Account section we have: The account listing that allows users to view accounts and the associated processes and signoffs.
  • The sub-account Process listing that allows users to view sub-account process activities.
  • The sub-account Assertion listing that allows users to view sub-account Assertions and COSO Objective Activities.
  • In the Objective section we have: The objective/risk/control listing that allows users to view a list of objectives, associated risks and controls for each SOX compliance initiative.
  • The company documentation listing that allows users to view a company document report of objectives.
  • In the Process section we have: The process listing that allows users to view a list of processes, associated sub-processes and signoffs.
  • In the Risk section we have: The risk assessment listing that allows users to view a report of risks and associated controls. The risk objective listing that allows users to view a report of risks and associated objectives.
  • In the Control section we have: The control assertion/COSO Objective listing that allows users to view a report of control assertions and COSO Objectives. The control/risk/objective listing that allows users to view a report of controls, objectives and risks.
  • In the Auditing section we have: The audit listing that allows users to view a report showing all of the active audit programs.

All reports allow you to drill down to corresponding supporting data that provides a more granular level of detail. This allows you to know right where you stand at any given time without having to search around for the control owner to get an update.

Install Options

The ConTrak SOX Compliance application is unique in that you can purchase it as a stand-alone software application and host the services within your firewall or you can purchase it as an ASP model and reduce the headaches of maintaining an application in-house.

If you host the application within your own environment, you can alleviate any internal concerns about security and data integrity. The ASP model provides for a monthly maintenance schedule as well as seamless upgrades and telephone support available from Object Module Inc.

Another unique option with the application is that you can purchase only the parts you need and do not have to acquire the entire application before you are able to utilize it. ConTrak SOX is scalable to fit a variety of situations and is robust enough to handle large as well as small scale applications.



The application provides a secure connection using 128-bit encryption. It is built on Microsoft Sequel technologies and is easily integrated with other applications. Object Module, Inc provides complete implementation, training and support services and will customize them to fit your needs.

 Are you looking for a SOX Compliance application that is scalable to meet the unique needs of most companies?

Are you looking for more control and workflow management to increase oversight and define controls making it difficult for employees to circumvent?

Do you need a tool that provides visibility into the control environment and control activities and provides individual accountability and Role-Based Access Control that is appropriate to individual responsibilities?

Would you be interested in a tool that enables rapid, consistent, real-time and reliable reporting as well as facilitates management of controls for individual business units, subsidiaries as well as the entire enterprise?

And finally, do you need a SOX compliance application that generates an audit trail of all compliance activities managed through the system including version control, rollback and historical function for a complete record of control changes?

Whether you are a small public business or a large public corporation, ConTrak SOX Compliance and Document Management System provides you with an affordable software application to help you comply with the Sarbanes-Oxley Act of 2002.


Call us for more Information

For more information on how the ConTrak SOX Compliance and Document Management System can provide the necessary compliance tools for your company, contact us today.


Home | About us | Our Products | Careers | Contact us | © 2006 OBJECT MODULE, INC. All rights reserved.