Webcast: Public Company ReadinessWebcast: Public Company ReadinessPreparing to meet the demands of Public Ownership
April 2, 200810:00am PST / 1:00pm EST
US / Canada Dial In #: 1.888.557.6117Conference ID Number: 38668421
The program will begin shortly
1
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Today's Presenter Today's Presenter –– Chris WrightChris Wright
Chris Wright is a Regional Managing Director in the Metro New York / New England Region. Chris also leads our Finance Remediation and Reporting Compliance practice, focusing on assisting clients with improving Financial Reporting Risk, dealing with restatements and related investigations and preparing for the adoption of new accounting pronouncements.
Steve Hobbs is a Managing Director in the San Francisco office of Protiviti and leads Protiviti's Public Company Readiness solution. Prior to joining Protiviti, Steve was a Senior Partner at KPMG for three years and spent over 20 years at Arthur Andersen. In addition to his current responsibilities at Protiviti, Steve serves on the board of directors for two companies - one as Chairman and one as Audit Committee Chair.
Today's Presenter Today's Presenter –– Steve HobbsSteve Hobbs
2
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Gordon Tucker is a Managing Director in the San Francisco office and heads the Firm's Manufacturing, Distribution and Technology industry team. Gordon began his career at Arthur Andersen in 1984 and has been with Protiviti since December 2003. He has over 20 years experience providing Internal and External Audit and consulting services to High Technology and Manufacturing companies. Client experience includes serving companies ranging in size from mid-market to Global 1000, with public and private ownership structures.
Erik Stone is a Managing Director in the San Francisco office. Erik has over 20 years of finance, accounting operations management and consulting experience including organization, process improvement, and technology related solutions. His project work has spanned Assessment, Due Diligence, Business Case Development, Design, Implementation and Execution phases.
Today's Presenter Today's Presenter –– Gordon TuckerGordon Tucker
Today's Presenter Today's Presenter –– Erik StoneErik Stone
3
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
A ReminderA Reminder
During the call you can ask questions by typing them into the chat box at the bottom of your screen.
There will be an Q&A at the end of the call.
4
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Today's AgendaToday's Agenda
• Going Public – The Challenges
• Going Public – The Current IPO Landscape
• Protiviti's Six Elements of Infrastructure for Public Company Readiness
• Inherent Pre-IPO Risks
• Additional Public Company Readiness Considerations
• Q & A
5
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Going Public Going Public –– The ChallengesThe Challenges
What should a privately held company do when planning to undertake an IPO?
"All companies, public and private, benefit from a sound and cost-effective system of internal controls. If a privately held company aspires to "go public," its management should consider an initial evaluation of its internal control over financial reporting to identify the company's readiness and areas that may require improvement. These areas can be addressed systematically over time rather than all at once when the company files its registration statement and is burdened with substantially more disclosure requirement responsibilities."
Source: Protiviti's Guide to the Sarbanes-Oxley Act: Internal Control Reporting Requirements –Frequently Asked Questions Regarding Section 404, Question 238, page 170.
6
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Going Public Going Public –– The ChallengesThe Challenges
As companies prepare to become public, they face many challenges. Executives must ask themselves:
• Can we meet the reporting timelines required by the SEC?
• Do we understand the Sarbanes-Oxley Act requirements?
• Can we handle the complex accounting and disclosure requirements?
• Is our IT infrastructure scalable to handle our growth?
• Do we have and document business continuity plans?
• Will our corporate governance structure be adequate for our growth?
• Does the data used to manage and report our results have integrity?
• How effective is our Internal Audit function?
• Do we have effective records of management processes?
• Will any unfavorable findings resulting from the audit of the previous three years of financial information negatively impact the timing of a public offering?
7
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Going Public Going Public –– The Current IPO LandscapeThe Current IPO Landscape
• Despite the sluggish market, there has been a 30% increase in S-1 filings over the same period last year.
• The SEC continues to make the US capital markets more accessibleand competitive.
• The effort and trend is expected to continue over the next 24 months.
131103Number of S-1 Filings
January & February 2008
January & February 2007
Source: U.S. Securities and Exchange Commission
8
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Protiviti's Six Elements of Infrastructure for Public Protiviti's Six Elements of Infrastructure for Public Company Readiness Company Readiness
• Is the finance function strategy linked to business strategy?
• Do we have all appropriate business policies documented?
• Have we clearly defined lines between finance, IT and other functional units?
• Do we have appropriate IT policies?
• Are overall governance charters, and board policies in place?
• How effective and efficient is our Financial Close Process?
• How effective is our Budgeting process?
• Do we have documented processes?
• Is process owner monitoring in place?
• Do we have an Enterprise Risk Agenda?
• Have we established Internal Audit function?
• Do we have appropriate IT Service Organization?
• Do we have BOD committees established?
• Do we have an effective corporate structure?
• Do we have the right professional advisory groups?
• Do we have the requisite skills to ensure accurate financial reporting?
• Do we have an appropriate Finance organization reporting structure?
• Have we defined system users to mitigate Segregation of Duties issues?
• Do we generate and review Enterprise Risk Assessment reports?
• Internal customer reports?
• External reports?
• Process owner self assessment?
• Internal audit reports?
• KPIs for Finance Organization effectiveness?
• Relevant and reliable system reports?
• Have we established methodologies for integrated SOX 302, 906 and 404 certification?
• Do we have budget and financial control methodologies?
• Have we established methodologies for application of accounting policies and estimates?
• Are we getting the information we need to run an grow the business?
• Do we have an integrated and scalable IT environment?
• Have we considered alignment of current ERP environment with key business initiatives?
• Do we have appropriate Financial and operating systems?
• Have we considered minimization of spreadsheets within financial reporting?
• Do we have Internal controls and contracts repositories?Action Item: Assess current state and urgency of remediation.
Business Strategies &
Policies
Business Processes
Organization and People
Management Reports Methodologies Systems and
Data
9
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Inherent PreInherent Pre--IPO RisksIPO Risks
In our experience, pre-public and newly public companies tend to face the risk of not achieving the following:
Accurate Financial Reporting –
– Companies need to ensure they have the requisite skills to understand the application of accounting principles and ensure accurate financial reporting.
Efficient Financial Close –
– In order to meet the revised SEC filing requirements, companies must ensure they have an accurate and efficient financial close process
Scalable IT Environment –
– Reviewing the IT system environment to ensure that the company is able to handle the growth in the business is imperative in being public
Appropriate Corporate Governance and SOX Compliance –
– Ensuring the company has a robust, regulatory and corporate governance understanding and an efficient, internal control environment is critical to achieving initial and ongoing compliance with SOX regulations.
10
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Finance Remediation and Reporting Compliance Finance Remediation and Reporting Compliance ––Six Elements of InfrastructureSix Elements of Infrastructure
Business Strategies &
Policies
Business Processes
Organization and People
Management Reports Methodologies Systems and
Data
• Policies over financial reporting procedures exist, and are updated frequently
• Operating processes are aligned with financial reporting segments and elements
• Established Corporate Risk Governance, including Disclosure Committee
• Process owner monitoring of internal and external trends, methods, and changes that impact financial reporting
• Research and issue development processes in external reporting of financial information
• Management and control over the information provided by outside service providers
• Professional advisors and experts – internal and external
• Clearly articulated roles, responsibilities, and accountability for coordination of activities
• Integrated working group including legal, HR, treasury, tax, and financial reporting
• External and internal reports; alignment of metrics and segmentation
• Valuation/ratio analysis and comprehensive reports
• Relevant and reliable system reports which provide critical data to support calculations and disclosures
• Monitoring, selection, and application of appropriate accounting principles and policies
• Ensure consistent adherence to the desired process for conducting transactions within the existing policy framework
• Methodologies for:
– Development of critical input variables,
– Periodic assessment of estimates
• Secure, verifiable data transfer between systems maintained by HR, outside service providers, and accounting/reporting
• IT systems across controls and forced edit/change of reports to safeguard general ledger and sub-ledger data and interfacing
• IT Business Continuity and Security Plans
Protiviti systematically evaluates the critical infrastructure components to identify opportunities to enhance a Company's business. Throughout our approach we look for areas to improve an organization across the six key elements of Financial Reporting Risk:
11
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Assessing Financial Reporting RiskAssessing Financial Reporting Risk
Do management and the audit committee know where the key risks to your company's financial reporting process exist, including:
• Accounting for transactions with significant estimates or judgments
• Complex transactions and accounting principles application
• Broad accounting guidelines
• Accurate underlying data
• Adequate system support
• Management override opportunity
Companies need to work in "anticipatory mode" to get out in front of financial reporting issues before they become reputation threatening.
12
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Financial Reporting (FR) Risk Profile AssessmentFinancial Reporting (FR) Risk Profile Assessment
• Financial Reporting ("FR") Risk Profile Assessment is a foundational component of our Public Company Readiness approach.
• The objective of an FR Risk Profile is to identify and monitor the areas prone to potential misstatements (new and old).
• An FR Risk Profile will provide a roadmap so appropriate oversight and control can be monitored or established to reduce financial reporting risk to an acceptable level.
The FR Risk Profile is a foundational component of Public Company Readiness.
13
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Financial Reporting (FR) Risk Profile AssessmentFinancial Reporting (FR) Risk Profile Assessment
• An FR Risk Profile is not another "one-off" assessment. It should be dynamic and updated periodically.
• An FR Risk Profile can serve as the logical "first step" in beginning the necessary risk assessment for scoping management's approach to Sarbanes-Oxley compliance.
• This will provide transparency for the drivers and magnitude of financial reporting risks for all to see.
Remediate
UnderstandPast, Presentand Potential Challenges
Identify Authoritative
Literature
Assign Profile Rating
Assess Need for Accounting
Position Paper
Identify Relevant
Accounts and Disclosures
• Material account balances
• Significant / complex transactions
• Financial statement disclosures
• Identify available guidance
• Consider the various alternatives
• Review application of alternatives
• Inventory existing policies and procedures
• Evaluate current practice
• Consider transparency of accounting position
• Review SEC comment letters
• Review external auditor findings and management letters
• Assess other regulatory agency notice or findings
• Finance management consideration of data gathered
• Discussion of findings
• Financial management assigns a rating
• Develop action plan with key stakeholders
• Implement changes
• Re-assess
14
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Inherent PreInherent Pre--IPO RisksIPO Risks
Accurate Financial Reporting –
– Companies need to ensure they have the requisite skills to understand the application of accounting principles and ensure accurate financial reporting.
Efficient Financial Close –
– In order to meet the revised SEC filing requirements, companies must ensure they have an accurate and efficient financial close process
Scalable IT Environment –
– Reviewing the IT system environment to ensure that the company is able to handle the growth in the business is imperative in being public
Appropriate Corporate Governance and SOX Compliance –
– Ensuring the company has a robust, regulatory and corporate governance understanding and an efficient, internal control environment is critical to achieving initial and ongoing compliance with SOX regulations.
15
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Efficient Financial Close Efficient Financial Close
Years Ending On or After Form 10-K Deadline Form 10-Q Deadline
Accelerated Filer
Non-Accelerated Filer
75 days after fiscal year-end
90 days after fiscal year-end
40 days after fiscal quarter-end
45 days after fiscal quarter-end
SEC Requirement for Public Companies:
Common Challenges for Pre Public Companies:
• Casual close process, few milestones, informal status reporting• Less mature accounting systems, little electronic integration• Numerous manual activities• Too much detail to close fast/Not enough detail for audit• No previous disclosure committee• Many spreadsheets, few controls, increasing risk of errors• Dependent on key people
16
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Financial Close Process Assessment Financial Close Process Assessment
• Develop detailed close checklist
• Holistic Assessment across Protiviti’s Six Elements of Infrastructure.
• Pre-determined escalation policy and protocols
• Remote location & 3rd party tasks, report formats clearly defined
• Financial reporting adjustments and approval authority established
• Detailed tracking of financial close activities
• Daily status meetings
• Frequency and participation for Disclosure Committee, Audit Committee and External Audit review
• Accountability to due dates
• Well defined roles, training and requisite skills
• Disclosure Committee composition
• Daily close status and issuereporting
• Use process dashboards to monitor/improve performance (time, JEs by task, person, day, etc.)
• Track proposed GL adjustments
• 302 sub certifications
• Level of detail appropriate to materiality requirements
• Reconciliations prioritized, standard templates used
• Replace spreadsheets
• Enhance Spreadsheet Controls
• Integrated systems to control data flow
• Electronic support schedules
BusinessPolicies
BusinessPolicies
BusinessProcessesBusiness
ProcessesPeople and
OrganizationPeople and
OrganizationManagement
ReportsManagement
Reports MethodologiesMethodologies Systems and Data
Systems and Data
17
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Financial Close Process Financial Close Process –– Revenue CycleRevenue Cycle
• Software or Service Revenue often major challenge for close
• Many functions in the “Revenue Cycle” impact revenue reporting
• Key challenge to collect data around cycle and from multiple functions
PRICING STRATEGY
INVOICING
QUOTE, CONTRACT &ORDER MANAGEMENT
ACCOUNTS RECEIVABLE& COLLECTIONS
REVENUE REPORTING& MONITORING
REVENUE PROJECTIONS& FORECASTS
DEAL MANAGEMENT& NEGOTIATION
REVENUE RECOGNITION
QUOTE, CONTRACT &ORDER MANAGEMENTEnablers
Aligned Processes, People, Roles & Skills, Tools &
Information
18
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Accurate Financial Reporting –
– Companies need to ensure they have the requisite skills to understand the application of accounting principles and ensure accurate financial reporting.
Efficient Financial Close –
– In order to meet the revised SEC filing requirements, companies must ensure they have an accurate and efficient financial close process
Scalable IT Environment –
– Reviewing the IT system environment to ensure that the company is able to handle the growth in the business is imperative in being public
Appropriate Corporate Governance and SOX Compliance –
– Ensuring the company has a robust, regulatory and corporate governance understanding and an efficient, internal control environment is critical to achieving initial and ongoing compliance with SOX regulations.
Inherent PreInherent Pre--IPO Risks IPO Risks
19
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Ensuring a Scalable IT EnvironmentEnsuring a Scalable IT Environment
Common Challenges:
• Smaller IT staff with limited skills and bandwidth
• Informal (non existent) policies & procedures including SDLC controls and business continuity plans
• Proliferation of desktop applications (spreadsheets) & decentralized data storage
• Immature ERP systems
• Lack of integration
• Short term decisions with significant long term implications (e.g. ERP selection, hosted solutions, outsourcing, etc.)
20
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
IT Strategy & Policies
The strategy should cover application, infrastructure and organizational requirements, including outsourcing. It should include a roadmap for
major projects and projected resource requirements and address the following critical IT related risks:
• Failover systems if highlight dependent of high availability systems.
• Data security and governance if loss of sensitive data or IP would have a sever impact on the business.
• Plans to comply with various regulations (SOX, HIPAA, PCI, etc.), as required
Business Process
Define and implement formal process and controls for:
• Change Management (including IT Steering Committee and SDLCs - System Development Lifecycle Controls)
• Security and Access Management and Operations
• Establish user support operations consistent with service level agreements
• Document and follow standard operations processes
People & Organizational Structure
• Ensure that org structure, reporting lines and responsibilities (such as Security or Production Support) are clearly defined
• Validate that IT personnel have appropriate skills to support their evolving functions, and ensure ongoing training
ITStrategy &
Policies
ITStrategy &
PoliciesBusiness
ProcessesBusiness
ProcessesPeople and
OrganizationPeople and
OrganizationManagement
ReportsManagement
Reports MethodologiesMethodologies Systems and Data
Systems and Data
Developing a Scalable IT Environment Developing a Scalable IT Environment –– Key ActivitiesKey Activities
21
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Ensuring a Scalable IT EnvironmentEnsuring a Scalable IT Environment
Management Reporting
Establish key metrics to monitor IT’s performance and measure progress towards goals. Some measures should be reported outside the IT
organization to validate IT service levels are appropriate to support the overall business goals. Sample metrics may include: time to break even on
new IT investments; time to resolve IT support questions; IT expense/employee; # employees/# IT FTE, IT exp/revenues, etc.
Methodologies
Consider what standard models and methodologies (e.g. COBIT) support your IT strategy, and consult with industry experts to determine the
methodologies the organization will follow. Provide training, require adherence and measure performance around the use of your methodologies.
Systems and Data
• Determine ERP solution to best meet the financial reporting and operational needs of the organization
• Review IT application portfolio and replace numerous, legacy applications with a more robust solution
• Assess current storage and backup solutions for greater reliability and cost savings
• Ensure systems are configured for security / regulatory compliance requirements
ITStrategy &
Policies
ITStrategy &
PoliciesBusiness
ProcessesBusiness
ProcessesPeople and
OrganizationPeople and
OrganizationManagement
ReportsManagement
Reports MethodologiesMethodologies Systems and Data
Systems and Data
22
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Inherent PreInherent Pre--IPO RisksIPO Risks
Accurate Financial Reporting –
– Companies need to ensure they have the requisite skills to understand the application of accounting principles and ensure accurate financial reporting.
Efficient Financial Close –
– In order to meet the revised SEC filing requirements, companies must ensure they have an accurate and efficient financial close process
Scalable IT Environment –
– Reviewing the IT system environment to ensure that the company is able to handle the growth in the business is imperative in being public
Appropriate Corporate Governance and SOX Compliance –
– Ensuring the company has a robust, regulatory and corporate governance understanding and an efficient, internal control environment is critical to achieving initial and ongoing compliance with SOX regulations.
23
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Becoming SOX Compliant Becoming SOX Compliant
SOX Section Key SOX Activity
Recommended Implementation
Timeframe
Section 404 1. Document the Company's Significant Business Processes Affecting Financial Reporting
By S-1 filing
Section 404 2. Identify Risks, Controls and Areas of Improvement in Internal Control over Financial Reporting
By S-1 filing
Section 404 3. Conduct Remediation of Internal Control Structure 3 quarters prior to 404 Compliance Date
Other Key Considerations
4. Evaluate the Role and Composition of the Board and Audit Committee
Prior to IPO
Other Key Considerations
5. Evaluate Need for Internal Audit Function After 404 Compliance
Section 404 6. Implement a Process to Test Internal Controls and Report on that Testing
2 quarters prior to 404 Compliance Date
Other Key Considerations
7. Evaluate Need for an Enhanced Financial Reporting Function to Support New Reporting and Disclosure Requirements
By S-1 filing
Section 302 / 906 8. Implement a CEO/CFO Certifications Process By First 10Q
SOX Section 406 9. Make Code of Ethics and Business Conduct Policy Publicly Available
Prior to IPO
Section 301 10. Establish "Whistle Blower" Hotline Prior to IPO
24
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Protiviti's Approach to SOX ComplianceProtiviti's Approach to SOX Compliance
Protiviti utilizes its proprietary market-proven standard approach for Sarbanes-Oxley Compliance. Following project scoping and initiation efforts in Phase I, the majority of efforts will be incurred in the documentation (Phase II) and testing (Phase III) of controls embedded within the business processes. To the extent that any controls are determined to be improperly designed or operating ineffectively during these Phase II and III efforts, remediation of these control weaknesses will be addressed in Phase IV.
PHASE I: Assess Current State and Identify Relevant
Controls
Set Foundation
Project Management Continuous Improvement
PHASE II: Document Critical
Processes and Controls
PHASE III: Evaluation and
Testing of Controls
PHASE IV: Remediation of
Control WeaknessesReport
Process Management
Assessment Management
Knowledge Management
Financial Reporting Requirements
Relevant Processes
Internal ControlReport
Process Risks/Controls
Control Design Control Improvements
Control OperationEntity-Level Controls
Components of Internal Control
Reporting
Our Approach
Tools & Technology
25
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
1. Project Scope, Approach and Plan defined (reviewed with External Auditor)2. Priority financial reporting elements identified, current state of critical
processes inventoried and assessed (reviewed with External Auditor)3. Risks and assertions for key financial reporting elements identified, critical
processes documented. Control design validated and internally tested, results documented and improvement action plan developed
4. Process improvements designed/implemented, e.g.: policies, processes, controls, reports and systems
5. Remediation testing and implementation activities completed. 6. External Auditor "Dry-Run" testing completed7. Remediation for External Auditor review comments completed8. Management certification and External Auditor attestation process completed
Assess Current State/ Identify Relevant Processes
Document Design and Evaluate Critical Processes and Controls Testing
Design and Implement Solutions for Material Control Gaps
Ongoing testing/evaluation of operating effectiveness
Set Project Foundation
2
1
3
External Auditor "Dry-Run" Testing
Remediation for External Auditor Review Comments
Management certification and External Auditor
attestation
8
01 02 03 04 05 06 07 08 09 10 11 12 13 14 15 16
Months
High Level Project Timeline High Level Project Timeline –– ExampleExample
= Major Milestones
4
5
6
7
26
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Additional Public Company Readiness Considerations
27
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Public Company Readiness Public Company Readiness –– The Four PhasesThe Four Phases
Phase IVMonitor & Manage
Phase IVMonitor & Manage
Phase III Remediation &
Preparation
Phase III Remediation &
PreparationPhase II
Solution DesignPhase II
Solution DesignPhase IInitial
Assessment
Phase IInitial
Assessment
• Assess the current state of readiness against the Six Elements of Infrastructure
• Identify readiness of core public company requirements:
– Accurate Financial Reporting
– Efficient Financial Close
– Corporate Governance and SOX Compliance
– IT scalability
• Assess the urgency of solution based on cost / benefit, required timeline
• Develop a high level work plan, timeline, resource requirements
• Design required solutions for initial assessment findings with urgent needs
• Develop baseline of appropriate policies and procedures
• Review the Revenue Recognition Process
• Develop baseline for Financial Close Process
• Perform Risk Assessment and initial scoping for SOX Readiness and Compliance
• Assess the IT Environment and help "spec and select" the right ERP system, if required
• Implement solutions and remediate urgent needs
• Produce SOX Section 302 certification
• Achieve SOX Section 404 compliance
• Manage short and long term goals
• Ensure Section 906 Hotline is in place
3 – 6 Weeks 6 – 8 Weeks Through S-1 filing Through 2nd 10-K Filing
28
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Additional Public Company Readiness ConsiderationsAdditional Public Company Readiness Considerations
Investment Bank Selection
Printing Company Selection
Transfer Agent Selection
Additional Related Entity Audit Requirement
Reportable Segment Identification
Interactions with the SEC
Pre-IPO Filings and Review
Board of Directors Composition
Insurance Coverage Analysis
Future finance organization
Resolution of a material weakness
Joint venture arrangement
Business Continuity Management
IT Security
IT Application Control Effectiveness
Bank Arrangement Discussion
Treasury Department Analysis
Records Retention Policy Review
Incentive Plan(s) Review
Income Tax Detail Review
Compensation Policy Review
Development and Implementation of Policies and Procedures
Accounting Staff Competency
IT Cost control
External Auditor Selection
General Counsel Selection
Enterprise Risk Agenda
Investment policies for marketable securities
Contract and License Management and Auditing
Intellectual Property protection
Fraud risk management
Litigation support and the use of eDiscovery tools
Corporate Restructuring
In addition to helping our clients remediate the urgent needs identified in the four core areas, we are also often asked to assist clients with the following important activities:
29
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Key TakeawaysKey Takeaways
• Public markets continue to be an attractive source for capital and exit strategy alternatives
• Strategic assessments and planning for an IPO are key factors to a successfully priced offering
• Resources and effort required to prepare for an IPO are frequently underestimated
• Companies generally have numerous infrastructure and other readiness issues that require remediation
• Challenges in today’s fast-moving markets – Will you be Ready?
30
© 2008 Protiviti Inc. An Equal Opportunity Employer. This document is for your company's internal use only and may not be distributed to any other third party.
Q&A
At Protiviti, we believe the companies that most effectively understand and manage their risk are the companies that most often succeed. Or as we like to say…
[email protected] Bay Area Managing Director
408.808.3260
Thank you for joining us!
[email protected] Bay Area Managing Director
408.808.3253
[email protected] York Managing Director
212.603.5434
[email protected] Bay Area Managing Director
415.402.6441