Is it a good fit?

If you work on a SOx audit, directly or tangentially, then this system was designed for you.

Our flexible features accommodate companies of all sizes, whether you are just starting your SOx 404 work or already have a mature SOx program.

When it comes to SOx compliance, one size does not fit all. That's why myCM supports a variety of audit methodologies, from traditional SOx projects --staffed primarily by Internal Auditors or external consultants-- to programs where process owners are more integrated into the overall auditing effort.




Your SOx project touches multiple stakeholders across your enterprise, each with different needs and varying degrees of SOx sophistication.

So you need a system to satisfy all of them, with tailored functionality that enhances each of their activities. Below is a partial list of myCM features that do just that; categorized by the four most common SOx stakeholder groups: your Core Audit Team, Employees & Process Owners, Executive Management, and External Auditors.


For the Core Audit Team

  • Daily to-do list & alerts
  • Real-time status dashboards
  • Internal Control database
  • Universal updates to all RCMs and work papers with a single, centralized change
  • Compensating controls linkages
  • Version control tracking
  • COSO & CoBIT mapping
  • Financial statement line item integration
  • Risk assessments
  • In-scope selection tools
  • Narrative management & global updates
  • PBC List / document request automation
  • IT Systems database
  • ITGC linkage to IT Systems
  • Walk-throughs workflow
  • Test plan automation
  • Testing workflow
  • Remediation Plan automation
  • Remediation & re-test workflow
  • Deficiency assessment logic tree
  • Deficiency assessment workflow
  • SAD reporting
  • Evidence & document library
  • Certification form builder
  • Certification management
  • Query builder & reports

For Process Owners

  • Easy-to-use interface
  • Zero training for most users
  • Personalized to-do list
  • User-specific control self-assessments
  • Narrative reviews & updates
  • PBC List response workflow
  • SOD surveys
  • Optional CSA testing by process owner
  • Remediation activity workspace
  • Certification workflow
  • Rep. letter workflow
  • Alerts and reminders

For Executive Management

  • 100% visibility globally
  • Real-time status dashboards
  • Drill-down summary trees
  • Personalized 1-click reports
  • Remediation accountability reports
  • Certification workflow
  • Optional ERM integration
  • Office of the Controller surveys with operational updates & change reporting

For External Auditors

  • Remote access
  • Review of all management assertions, testing and evidence
  • Sample source & size analysis
  • Full audit trail information
  • COSO & CoBIT framework review
  • SAD Analysis
  • Certifications review
  • PBC List / document request workflow
  • Query builder & reports
  • Project export for download

And all our solutions include...

What's my ROI?

Our secure cloud model allows us to deliver all of this in a cost-effective manner. In addition, before buying myCM, we encourage you to speak to our clients who have shared with us the following ROIs:

  • Up to 80% reduction in SOx project administration
  • Up to 50% reduction in external auditor review time
  • 1/5th of the time required to run and analyze SOx reports
  • Up to 50% increase in operational audit coverage, due to SOx taking less time
  • 1-2 FTEs that could be rolled off SOx and onto other critical projects
  • 100% response rate for certifications and sub-certifications

Our clients also reported that myCM helped them reduce their backlog of un-remediated controls, and improve operational accountability at both the process owner and executive process owner levels; all while achieving their primary SOx goal of enhancing financial report accuracy for investors.

Your SOx solution is waiting.

Contact us to learn more about our Sarbanes-Oxley Compliance solution.