SOX (the Sarbanes-Oxley Act, a corporate reform law) was passed in the USA in 2002 response to the problem of major companies window-dressing their accounts from 2001 to 2002. SOX was passed with the purpose of making the financial reporting process stricter and legally encoding regulations, in order to protect investors. In Japan as well, the problem of major companies window-dressing their accounts has led to greater interest in internal controls, and resulted in a Japanese version of SOX being introduced in 2008, with a focus on the Financial Services Agency.
The purpose of J-SOX compliance (internal control audits) is to have to have top management submit "internal control reports" that they have labeled "valid," and have auditors evaluate with their "unqualified opinion"* that there are no significant discrepancies.

An "unqualified opinion" means that the financial statements prepared by top management comply with corporate accounting standards generally accepted as fair. It is the "opinion expressed when the auditors believe that all matters are displayed properly" with regard to important matters such as the company's complete financial status, operating results, and cash flow status. In addition, there is also the option of a "qualified opinion" and "adverse opinion."

This must be done every year


Internal control report
stated to be "valid"


"Unqualified Opinion"

J-SOX Control Areas

Company Level Controls

Clearly state the general stance, efforts, policies, processes, organizational structure, etc. of the company, the board of directors, management, and employees.

Financial Reporting Packages

Clearly state the internal control status considered necessary for the company to make financial statements and financial reports to its parent company.

Business Process Controls

Clearly state the reliability of financial reporting in business processes, as well as the details of controls implemented for business risks that impair integrity.

Information Technology Application Controls

Clearly state processes and the like concerned with automated controls and important accounting processes automated with programming.

Information Technology Application Controls

Areas we support

Clearly state risks and controls that should be assumed for system development, maintenance, operation management, access management, and outsourcing contract management.