Sarbanes-Oxley Act (SOX) glossary

A

appropriate state regulatory authority

A state-level agency responsible for overseeing specific aspects of compliance and enforcement, particularly in the regulation of accounting professionals

audit

An examination of financial information by an independent accounting firm to express opinions on it

audit committee

A subset of a company's board of directors that is responsible for overseeing the financial reporting process, the audit process, internal controls, and compliance with laws and regulations

audit report

A formal document containing a company's financial statements and disclosures, usually prepared after the audit process

audit trail

A history of events and activities that provides documentary evidence of the sequence of transactions or changes that occurred within a system or process

B

board

This term refers to the Public Company Accounting Oversight Board (PCAOB) that was established according to Section 101 of SOX

C

chief compliance officer (CCO)

An individual responsible for overseeing and managing compliance within an organization, ensuring adherence to laws, regulations, and internal policies

chief executive officer (CEO)

An individual who is the public face of a company and is also responsible for certifying the accuracy of the company's financial statements

chief financial officer (CFO)

An individual responsible for managing the financial actions of a company, including financial planning, risk management, and recordkeeping

code of ethics

A set of principles and rules used by companies to guide the behavior of their employees and management, particularly regarding financial practices

commission

This term refers to the Securities and Exchange Commission (SEC)

compliance

The act of adhering to the requirements, laws, and guidelines set forth by a regulatory body

compliance audit

An audit that examines if a company adheres to the applicable laws, standards, and internal policies

compliance risk

A risk, such as legal fines or a loss of business, associated with a failure to adhere to laws, regulations, and standards

Comptroller General of the United States

The director of the Government Accountability Office (GAO), an independent, nonpartisan agency that works for the US Congress; they are responsible for auditing and evaluating the financial activities and performance of the federal government

COSO Framework

The model for evaluating internal controls that was established by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission and is widely adopted for SOX compliance

F

financial disclosure

The act of providing information on the financial status and operations of a company, including financial statements and accompanying notes

financial expert

A member of an audit committee who has an understanding of generally accepted accounting principles and financial statements, experience in preparing or auditing financial statements, and an understanding of internal controls and procedures for financial reporting

financial report

A formal record of a company's financial activities and statements, such as the balance sheet, income statement, and cash flow statement;it may also include notes, summaries, and explanations of the financial data

Form 8-K

A report filed with the SEC to announce major events that shareholders should know about, including acquisitions, changes in executive management, and other significant events

Form 11-K

An annual report of employee stock purchases, savings, and similar plans that must be filed with the SEC

fraud

Intentional deception made for personal gain or to damage another individual or entity, which SOX aims to combat through stricter regulations and oversight

G

Generally accepted accounting principles (GAAP)

A set of accounting standards used in the preparation of financial statements to ensure transparency

Government Accountability Office (GAO)

An independent, nonpartisan agency that works for the US Congress

Gramm-Leach-Bliley Act (GLBA)

The US federal law enacted in 1999 that allows financial institutions to consolidate and offer a combination of banking, securities, and insurance services

I

Internal controls

The measures implemented by organizations to ensure the integrity of financial and accounting information, promote accountability, and prevent fraud

issuer

A legal entity that develops, registers, and sells securities to finance its operations

M

Material weakness

A significant deficiency, or a combination of deficiencies, in internal controls over financial reporting such that there is a reasonable possibility that a material misstatement will not be prevented or detected on a timely basis

N

non-audit services

Services provided by an auditor that are not related to the auditing of financial statements and are restricted under SOX, such as consulting or advisory services

P

professional standards

Guidelines, principles, and rules that govern the conduct, practices, and performance of professionals within a specific field or industry; these standards are established by authoritative bodies and are designed to ensure consistency, quality, integrity, and accountability

public accounting firm

A professional services firm that provides accounting, auditing, tax, and consulting services for businesses, organizations, governments, and individuals

Public Company Accounting Oversight Board (PCAOB)

The nonprofit corporation established by SOX to oversee the audits of public companies in order to protect investors and the public interest by promoting informative, accurate, independent audit reports

public interest

The welfare or well-being of the general public, often referenced in the context of legislative measures designed to protect investors and the public

Q

quarterly report (Form 10-Q)

A report that is filed quarterly by publicly traded companies with the SEC and that contains unaudited financial statements and other important disclosures

R

registered public accounting firm

A public accounting firm registered with the PCAOB in accordance with SOX

risk assessment

The process of identifying and analyzing potential issues that could negatively impact key business initiatives or projects

S

Section 302

The section of SOX that mandates that senior corporate officers personally certify the accuracy of financial statements and disclosures

Section 404

The section of SOX requiring reports on the adequacy of the company's internal controls over financial reporting

Section 906

The section of SOX that certifies the accuracy of financial statements and imposes criminal penalties for noncompliance

Securities and Exchange Commission (SEC)

The US federal agency responsible for enforcing federal securities laws and regulating the securities industry

separation of duties (SoD)

A key internal control intended to prevent fraud and errors by ensuring that no single individual has control over all aspects of a financial transaction

W

whistleblower

An individual who reports misconduct, illegal activities, or violations of laws and regulations within an organization

whistleblower protection

A provision under SOX that protects employees who report fraudulent activities from retaliation by their employers