 |
| |
 |
| |
 |
| |
 |
Continuity Planning, there are three sections (302, 404 & 409) that would require publicly held
companies to do “due diligence” to protect the future viability of their business.
Section 302 – requires CEO/CFO on a quarterly basis to sign off on the financial report and
attest to their accuracy. There must also be effective internal controls to ensure that the
financial results are accurate. These procedures and methods must be audited (independently)
90 days prior to the report being submitted. Any changes to the internal controls must be
reported.
Section 404 – requires auditors on an annual basis to sign off on the CEO/CFO financial
assessment attestation. This implies a full audit on controls and an audit of the "CXO" audit
process. Business Recovery is interpreted under the “Internal Controls” heading as
Backups/DR/Security. In order to validate these controls, DR plan testing on an annual basis
would prove compliance.
Section 409 – requires real-time financial information availability. The excuse that a disaster
has made the information unavailable may not be enough to avoid further legal action or
financial penalties.
We are privately held – should we be concerned? The answer is Yes! If you do business with
publicly held companies, it may be their business requirement that you be in compliance! You
may be considering going public. Your Board of Directors may require accountability to
protect their investment.
It may simply be good business to protect yourselves!
Click here for a complete copy of the Sarbanes/Oxley Act of 2002
Whether you require help with Compliance, Planning, Business Impact Analysis
or Education we are able to help you with all of your
Disaster Recovery/Business Continuity needs.
Information
Contact Us At:
972.814.6772
or
800.550.4180
Email Us At:
Inquiries@180cc.com
180cc
17663 ACR 404
Palestine, TX 75803
CONSULTANTS