Operational Risk Management

Sarbanes Oxley Compliance

Generating Enterprise Risk and Compliance Impact

More than a decade since the enactment of Sarbanes-Oxley (SOX), mature organizations have processes in place to enable compliance.

Historically SOX programs required costly manpower to be redirected away from other strategic risk management activities. However, with changes in business priorities, increasing regulatory expectations and internal cost pressures, organizations are revisiting their internal governance, risk and compliance programs to adapt to these internal and external changes.

Genpact addresses these challenges by reimagining end-to-end operations to meet SOX standards through a combination of process, analytics, and digital capabilities.


Show More

Genpact’s end-to-end SOX solution integrates and optimizes SOX compliance with operational risk and other internal control frameworks like the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and Control Objectives of Information and Related Technology (COBIT).

In addition, our solutions are based on Genpact’s Lean DigitalSM methodology that harnesses design-thinking methods, Lean principles, digital technologies and analytics, and deep domain expertise. Through this unique approach we not only improve effectiveness and provide scalability; we also bring down the cost of SOX compliance by around 40%.

Our team includes leaders with in-depth experience working with the Securities and Exchange Commission and the Public Company Accounting Oversight Board while the SOX guidelines and standards were drafted. The team includes technology experts and leaders with significant first-hand experience from many SOX engagements.

Our services include: 

  • Top-down, risk-based SOX scoping and planning support
  • Process documentation including risk-and-control matrices, flowchart , and narratives,
  • Controls design and operational effectiveness assessment
  • Entity-level controls documentation and evaluation
  • Assisting with IT general controls and application controls
  • Evaluation of spreadsheet controls
  • Deficiency assessment, remediation, and retesting support
  • Control rationalization and optimization
  • SOX program management