Sarbanes-Oxley Compliance (SOX)

Leading experts in SOX Compliance. It’s what we do every day.

We have served hundreds of clients with their SOX compliance needs that range from programme builds to turn-key execution, to rationalisation and transformation.

Protiviti has been a long standing and recognised global thought leader in Sarbanes-Oxley (SOX) and Committee of Sponsoring Organisations (COSO) compliance. Our publications, benchmarking studies and global seminars are widely recognised in the marketplace and continually provide the latest regulatory and industry trends. Our clients benefit by having access to leaders with deep industry and subject matter expertise for whom SOX compliance is a principal focus.


September 12, 2023

The Evolution of SOX: Tech Adoption and Cost Focus Amid Business Changes, Cyber and ESG Mandates

Protiviti’s annual Sarbanes-Oxley Compliance Survey provides detailed benchmarks for compliance costs and hours, while quantifying the impact of technology, automation and changing business conditions on these measures and activities....

Sarbanes-Oxley (SOX)

Pro Briefcase

Public Company Readiness – Year One SOX

Establish a roadmap to comply with SOX 404 by right sizing your SOX programme and infusing leading practises to build an effective, efficient, and sustainable control framework and programme.

Pro Building office

SOX Diagnostic

Assess your SOX compliance programme to rationalise your controls and validate your overall approach. Our diagnostic services build upon years of SOX compliance activities and the application of SEC and PCAOB guidance.

Pro Document Consent

Ongoing SOX Compliance

Assess the effectiveness of your SOX programme to ensure it adjusts to the changing needs of your organisation. Conduct training and awareness for executives, process, and control owners. Establish a controls-mindset in the organisation.

Pro Document Stack


Understand how technology impacts your control environment and identify optimisation opportunities by evaluating control design and operating effectiveness of application and IT general controls, as well as the impact of major technology projects (e.g., ERP implementations).

Pro Rightmark Square

SOX Transformation & Innovation

Test faster and more accurately by levering our testing accelerators, proprietary data-driven control testing tools, and Control Testing and Innovation Centre services, as well as our network of global delivery centres.


Efficiency. Effectiveness. Sustainability.

Our approach

Protiviti assists companies in designing SOX programmes that deliver upon compliance objectives, without putting undue strain on the organisation. We are experts and have years of proven SOX experience, working with organisations ranging from newly public to the largest global organisations. Our global network of SOX specialists continually monitors developments and changes within the landscape. Protiviti's approach:

  • Risk Assessment, Scoping & Project Management
  • Walkthrough & Control Design Assessment
  • Testing of Operating Effectiveness
  • Aggregation & Evaluation of Deficiencies
  • Monitoring and Validation of Remediation Activities
  • Reporting of Results to Management
  • External Auditor Liaison

Efficiency. Effectiveness. Sustainability.


Mark Peters
Mark is Managing Director in the London office in the UK. Mark leads the Internal Audit & Financial Advisory Practice in the UK. He has over 25 years of business, technology and operational risk consulting experience gained from serving a variety of companies ...
Esther Delgado
Esther is a Managing Director specialising in the provision of risk management, internal controls and assurance. She has assisted a number of organisations with their risk management and internal audit offering, including organisations across diverse industries. Prior ...
Sukhdev Bal
Sukhdev is a Managing Director within the London office Internal Audit and Financial Control practice. His combination of industry and consulting experience has enabled him to provide balanced and practical value added solutions to his clients’ problems. He has in ...

Key partners

We partner with leading software companies to provide direction and deliver an automated testing approach with speed and convenience.

Case Studies

As internal audit organisations look for effective ways to perform their work in a more agile manner, including how to leverage methodologies, data and technology to add value and become strategic advisers to their business partners, many are finding that the use of robotic process automation (RPA) checks a lot of boxes.

RPA integration into internal audit functions is expanding and improving productivity across many different sectors. In a recent successful engagement, Protiviti was retained by the internal audit team of a Fortune 500 organisation to help automate functions within their department. The objective was to use RPA to reduce manual effort, improve testing coverage and increase the reliability of Sarbanes-Oxley (SOX)-related IT controls testing.

The engagement team reviewed the SOX IT controls library to identify controls that would be best suited for automation. The goal of the exercise was to find automation candidates that would yield higher value with relatively low effort. The controls were evaluated and categorised according to value or potential benefits (e.g., time savings, enhanced risk monitoring) and automation complexity (e.g., system dependencies that could make the automation process difficult).