IT General Controls and SOX Compliance Testing Services
Confirm your company meets compliance standards with ITGC Testing and SOX ITGC ControlsIT General Controls (ITGC) Testing Overview
SOX 404 ITGC Testing
Cornerstone provides SOX compliance testing and remediation services as an outsourced internal auditor. As an outsourced internal audit team, we are comfortable using the client’s control framework (COBIT, NIST). However, we can also provide a control structure based on over 30 years of experience with external auditors.
Our SOX ITGC Controls (404) Testing follows a simple process:
- Scoping of Systems and Controls
- Evidence Collection
- Testing
- Reporting
We pride ourselves in aligning with the other audit teams for collaboration while maintaining independence to reduce the strain on the business contacts.

Fast, responsive, and extremely good quality of work. It was really a pleasure working with Bill and his team.
Frequently Asked Questions about SOX 404 ITGC Testing
Why Should You Consider SOX 404 ITGC Testing?
Sarbanes-Oxley Section 404 IT General Controls (SOX 404 ITGC) testing is required for publicly traded companies. These IT controls ensure the data in the financial systems and therefore the financial statements are complete and accurate.
Does my business needs a SOX 404 ITGC Testing?
If your business is publicly traded, then yes, you would need to have IT controls in place and operating effectively to be in compliance with Section 404 of the Sarbanes-Oxley Act. Testing must be done by an external auditor to verify the controls are operating effectively during the testing period.