<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2822441&amp;fmt=gif">

Enterprise Compliance Engine

Proactive compliance strategy and regulatory change management in real time. Learn more >



Latest Case Study

Formula One: Feedback management solution​ improves car reliability during Formula 1 World​ Championship​

A No-Code Solution

At Decision Focus, our no-code solution allows users to adapt and modify fields and functionality within the application whilst hiding what happens behind the scenes, making our platform easily configurable to meet your exact needs.

Want to Know more?

At Decision Focus we deliver a GRC solutions customised to your needs - all in one SaaS platform.

Our support team is ready to help your organisation get started with Decision Focus.

Our Clients

decision focus company logo mono06
decision focus company logo mono04 (1)
decision focus company logo mono05-1-1
decision focus company logo mono07 (1)
decision focus company logo mono01
decision focus company logo mono03

Planning and Scoping

Planning and Scoping

Prioritise controls testing relative to risks, accounts, systems and processes with this module of our GRC software


Plan your quarterly SOX resourcing and testing with embedded sampling and risk-based methodology

You are informed of any movement in risk-relevant MI through live dashboards and notifications, enabling prompt action to keep your risk profile within the bounds you set.


SOX Testing

SOX Testing

Integrated progress tracking of SOX evidence and controls tested

Customizable workflow and approval checkpoints for controls and programmes

You are informed of any movement in risk-relevant MI through live dashboards and notifications, enabling prompt action to keep your risk profile within the bounds you set.


Conduct SOX testing all in one place

No more searching around for endless spreadsheets, e-mails and documents.

  • 1 Program which controls to test
  • 2 Request SOX Evidence
  • 3 Collate SOX Evidence
  • 4 Carry Out SOX Testing
  • 5 Track progress

Select which controls you want to test in the quarter and when you want to receive the evidence, with accelerated dates for listings where samples need to be selected.

Automated requests will be sent to control owners with details of what evidence is required when, for which periods, including any screenshots or parameters required for system-generated reports.

Control owners can upload evidence of control design, control operation, IT dependencies, end-user computing and management reviews. You can mark evidence as received to keep track of controls ready for testing and outstanding items.

Review evidence received and document results of testing. Our workflow setup allows for the primary SOX tester to pass on their work for review, with any number of approvals. Reviews can be carried out using @ messaging functionality within Decision Focus, which e-mails a link directly to the specific test, so that all review points are kept neatly in one place.

Check overall status of the quarter and year, with the ability to drill into individual controls, using our innovative dashboards. Track overdue items and follow up without needing to lift a finger by enabling automated past due notifications

Deficiency Management

Documenting root cause analysis, findings and remediation plans

Interactive action tracking in conjunction with the business

Automated notifications to keep remediation on track



Inform SOX decision-making with intuitive dashboards and powerful reports at the push of a button

Standardised and customised reports, including S302 certifications and Audit Committee papers

Generate risk and control matrices with the flexibility to select which data you want to see


One Integrated Platform

One Integrated Platform

Complete linkages between risks, controls, processes, systems and testing, with all changes tracked and fully auditable

Direct and focused access to relevant data for all relevant roles, from SOX tester to Chief Audit Executive to Control Owner


SOX Compliance Software FAQs

What is the Sarbanes-Oxley Act?

The Sarbanes-Oxley Act of 2002, often referred to as SOX, is a United States federal law enacted to improve the transparency, accuracy, and accountability of financial reporting by public companies to protect investors and maintain the integrity of the securities markets. SOX mandates strict requirements on corporate governance, financial disclosures, internal controls, and the independence of auditors to prevent corporate fraud and enhance investor confidence in the wake of accounting scandals such as Enron and WorldCom.

What is SOX Compliance Software?

SOX Compliance Software is a specialised tool or platform designed to help organisations ensure adherence to the requirements of the Sarbanes-Oxley Act. This software facilitates the implementation, monitoring, and enforcement of internal controls, financial reporting processes, risk assessments, and compliance activities mandated by SOX. SOX Compliance Software streamlines compliance efforts, automates control testing and documentation, and provides transparency and accountability in demonstrating compliance with SOX requirements.

What are the 4 SOX controls?

  1. The Sarbanes-Oxley Act outlines several key requirements, often categorised into five main sections. The four primary internal control provisions or controls prescribed by SOX are:
    • Control Environment: Establishing and maintaining an effective control environment with a commitment to integrity, ethical values, and compliance.
    • Risk Assessment: Conducting ongoing risk assessments to identify and assess financial risks that may impact the accuracy and reliability of financial reporting.
    • Control Activities: Implementing specific control activities, policies, and procedures to mitigate risks, ensure financial accuracy, and safeguard assets.
    • Monitoring Activities: Establishing monitoring mechanisms to track the effectiveness of internal controls, identify deficiencies, and take corrective actions when needed.

Is SOX compliance different in different countries?

While the Sarbanes-Oxley Act is a U.S. federal law applicable to U.S.-based public companies and organisations with securities listed on U.S. stock exchanges, its principles and objectives have influenced corporate governance and regulatory practices globally. Different countries may have their own regulations and compliance requirements similar to SOX, but the specifics can vary based on local laws, regulatory frameworks, and cultural contexts. Organisations operating internationally may need to comply with both U.S. SOX requirements and local regulations, adapting their compliance programs to meet the specific regulatory expectations in each jurisdiction.

No red tape, no 3rd parties involved. Immediate support from the team that develop the Decision Focus platform.

Any questions?

The Decision Focus team are here to answer your questions.