Share with your friends

Assess the health of your ICOFR with a SOX Health Check

Assess the health of your ICOFR with a SOX Health Check

KPMG’s SOX Health Check assesses the health and maturity of your company’s Internal Controls Over Financial Reporting (ICOFR) program and provides valuable and actionable insights on ways to advance your program. A SOX Health Check is like a physical at the doctor’s office – it diagnoses pain points and develops a prescription for better health.




Managing Director, ERM GRC Advisory Services

KPMG in the U.S.


Related content

ICOFR programs often focus on compliance, with less focus on identifying internal control efficiencies or value-add activities. With benchmarks and examples of potential benefits from KPMG, your program can be structured to better align to your strategic direction – support growth, reduce risk, reduce costs, or drive value.

Importance of ICOFR Health

Companies should not wait for symptoms to occur to seek help; they need to have regular check-ups to assess their ongoing health. It is more expensive and stressful to remediate a problem once something has gone wrong or you have had a “close call.”

A healthy, strategically-aligned ICOFR program helps to:

  • Ensure a strong 404a process.
  • Reduce the impact of control issues.
  • Avoid negative economic impacts to the company related to material weaknesses.
  • Develop stronger controls to enhance company performance.
  • Avoid erosion of Audit Committee confidence.
  • Focus on total cost of control.
  • Drive improvements and efficiencies by supporting a company culture that embraces change.

The SOX Health Check provides actionable insights to:

  • Identify opportunities to lower your total cost of control
  • Improve ICOFR governance
  • Enhance ICOFR team performance
  • Improve program efficiency

Using quantitative and qualitative criteria, the SOX Health Check considers how your company compares to others on topics such as:

  • What is the strategy for your ICOFR program?
  • How does your company manage its total cost of control?
  • Does your SOX program add value to your company and processes?
  • How effective is your ICOFR risk assessment?
  • How is technology leveraged in your ICOFR processes, and what level of automation exists in the control portfolio?
  • How does the company align with your external auditors?

KPMG’s Approach

Our professional experience and tested approach can diagnose your issues and guide you through an improvement process. We can help:

Understand key areas of focus

  • Current ICOFR program and areas of concern
  • Strategies for the company and ICOFR program
  • Prior control testing results
  • Comparisons of ICOFR program data points to reference points

Assess current state ICOFR program maturity

  • Review documentation against KPMG’s maturity continuum
  • Interview stakeholders to understand the current state andthe desired future state
  • Determine maturity of the current state

Establish future state roadmap

  • Understand the gap between current and desired state maturity
  • Identify areas of improvement
  • Develop project profiles and a calendar view of projects to help advance the program.


To learn more, please download the .pdf

Connect with us


Want to do business with KPMG?


loading image Request for proposal