SOX-404 Compliance Services

Arsenal Security Group’s SOX-404 Compliance Services are designed to provide your business with assistance in understanding SOX, assessing your progress, and helping you determine your IT controls requirements. Click here to pdf brochure.

	The Quick Read Understand current state of compliance with SOX requirements Assess progress of your company’s effort to successfully achieve SOX Compliance Leveraging an industry leading compliance management solution to ensure consistency and accuracy Click Here to download SOX-404 Compliance Services (pdf)

Who Needs a SOX-404 Compliance Services?

	Publicly-owned corporations must comply with Sarbanes-Oxley Act (SOX) of July 2002.
	Companies that private and are considering going public should prepare early for SOX compliance requirements.
	Companies wishing to demonstrate due diligence in their IT controls and management processes may want to understand their level of compliance with SOX sections 404, 802, 1102, 409 and 302.

What is SOX-404 Compliance Services?

Arsenal Security Group’s SOX-404 Compliance Services are designed to provide your business with assistance in understanding SOX, assessing your progress, and helping you determine your IT controls requirements.

Arsenal has partnered with an industry leader in compliance assessment, using the latest in compliance management software, Arsenal consultants can quickly assess your current state of compliance and provide you with clear concise recommendation to achieve compliance.

	Mapping of IT Controls		Use of standard frameworks; COSO and COBIT
	Increased accountability		Understanding of controls
	Collection of evidence of controls implementation		Documentation for information monitoring, collection, retention, and disclosure of controls as required by SOX

SOX-404 Compliance Services Engagement Process and Deliverables

After an initial call, the Arsenal Security Group Senior Information Security Professional will prepare a statement of work within 2 days and we normally can begin an engagement within two weeks. During the engagement we will use interviews, questionnaires, physical tours and technical tools to develop our assessment. We usually use 1-2 consultants in tandem with our Senior Information Security Professional to complete an engagement. We will provide an executive summary, a detailed report with all of our findings and recommendations, and a final onsite presentation. Our engagement is not complete until all of our deliverables have been reviewed and accepted by our client.

About Arsenal Security Group
Arsenal Security Group is a security consulting firm that is focused on close client coordination and collaboration. From the initial meeting through the final presentation, one of Arsenal Security Group’s Senior Information Security Professionals will be the primary contact for all engagement activities. We proactively conduct weekly calls with our client when engaged and meet with clients on a quarterly basis to review and understand their security posture – even when we are not actively engaged on assignment to ensure they are aware of new security risks or regulatory changes they may impact their business.