This memo documents an organization’s approach to Sarbanes-Oxley Section 404 compliance and concluding results from the annual assessment.

In this example, the organization followed the Public Company Accounting Oversight Board’s (PCAOB) recommendation and implemented the requirements of Section 404 using the Committee of Sponsoring Organization of the Treadway Commission (COSO) Framework, including the five internal control components. The organization outlines the compliance process by focusing on the following: materiality, risk assessment, process documentation, testing, IT assessment, walkthroughs, benchmarking, and evaluation of deficiencies.