System and Process Assurance (SPA)
Print-friendly version
Email to a colleague
View this page in: 日本語

The System and Process Assurance (SPA) practice provides services related to controls surrounding the financial reporting process, including business processes and IT management controls. SPA meets a wide range of client needs related to internal control processes and the utilization of IT, based on the experience of our experts in managing internal control audits under Section 404 of the U.S. Sarbanes-Oxley Act.


In today’s business world, IT and financial reporting environments are becoming increasingly complex while even greater reliance is being placed on the information produced by these systems and processes, which in turn has increased management risks. Consequently, the importance of effectively managing these risks has reached unprecedented levels, and the governance of better IT and information systems has become a prerequisite for any successful company.

Due to an increasing reliance on information systems and operational processes to automatically generate information for financial reports, proper use of IT is now more important than ever before. Furthermore, because companies in Japan and many other countries must now adhere to regulatory standards in relation to aspects of their IT infrastructure, there is a need for advice and independent assurances on the effectiveness of these systems.

SPA, in coordination with CIPS, TICE, FS, ICA, and international members of the PricewaterhouseCoopers global network, is fully committed to providing a full range of products and services that are based on PricewaterhouseCoopers’ experience, know-how and best practice methodologies, and which clients can trust.

Key Service Areas:


  • Services related to internal controls under Section 404 of the U.S. SOX Act and a Japanese version of the Sarbanes-Oxley Act (J-SOX)

    •   - Control reviews of operational and IT processes
      - Preparation for the introduction of Section 404 of the U.S. SOX and J-SOX, as well as process improvements and maintenance services
      - Reviews of general IT controls
  • Services related to information security

    •   - Reviews of information security policy and administrative procedures
      - Information security reviews for computers, databases and networks
      - Information security audits and support for attaining ISO27001
  • Third-party assurances and opinion
      - Reports based on the U.S. Statement on Auditing Standards (SAS) 70
      - AICPA/CICA Trust services
  • Reviews for compliance with other regulations
      - Reviews for compliance with the financial inspections manual and laws regarding the protection of personal information; BCP/DRP reviews
      - Support for Privacy Mark acquisition
  • Audits of information systems and controls related to corporate acquisitions

  • Pre- and post-introduction system reviews for IT governance and information systems

  • Project evaluation services

  • Data verification services

    •   - Implementation of Computer Assisted Auditing Techniques (CAATs); Data quality reviews
Contact Us
aaratapr@jp.pwc.com

Privacy Legal About Site Provider Email Webmaster Site Map
© 2006-2008 PricewaterhouseCoopers. All rights reserved. PricewaterhouseCoopers refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.
Accessibility information Skip navigation Countries online