unit logo

Sarbanes-Oxley Compliance

Knowledge of the Sarbanes-Oxley Act (SOX) and ability to implement business processes required to ensure compliance with its tenets.

Behavior Statements

Proficiency Level 1 - Basic understanding

Describes the parts of SOX legislation that are applicable to the organization's business.

Identifies the types of penalties that can be imposed on the organization for failure to comply.

Explains the potential business risks if SOX-related processes are not adopted.

Locates resources that can help managers understand the SOX requirements.

Proficiency Level 2 - Working experience

Differentiates among the various sections of SOX from a business perspective.

Participates on a project team tasked with reviewing existing internal controls.

Recommends changes to internal controls to meet SOX requirements.

Assists in developing internal control reports to be provided to external auditors.

Tests and evaluates internal controls versus SOX requirements.

Proficiency Level 3 - Extensive experience

Directs implementation of changes to internal controls in light of SOX requirements.

Demonstrates internal controls and proves that they are fully SOX-compliant.

Manages outside consultants brought in to evaluate and enhance internal controls.

Coordinates and facilitates the work of external auditors in evaluating internal controls.

Evaluates and enhances required documentation.

Implements action plans for testing and evaluating entity-level controls.

Proficiency Level 4 - Subject matter depth and breadth

Coaches senior management about how and why to ensure SOX compliance.

Maintains awareness of emerging issues and best practices related to SOX.

Evaluates design and implementation of SOX-specific automated compliance tools.

Designs tools for monitoring controls at entity, process, application and transaction levels.

Develops communication programs to help employees understand their role in SOX compliance.

Speaks at industry-level conferences on the implications of SOX to the industry as a whole.

Interview Questions

  • Tell me about internal controls or SOX -related projects you were involved in as a part of your previous position(s).
  • How did you communicate with the internal and external auditors, consultants, senior managers or others for internal SOX projects you were involved in?
  • How did you minimize the impact of SOX or related legislation changes on your function or department?
  • How did you ensure that all members of your organization were following consistent standards to ensure SOX compliance?
  • How did you deal with any resistance to the implementation of organizational SOX compliance?

Titles with Shared Competencies