To develop a formalized system of checks and balances, thereby helping protect GitLab stakeholders from fraudulent financial reporting.
GitLab has adopted the COSO framework as the criteria for evaluating the effectiveness of the company’s internal control over financial reporting.
|SOX Program Management Office (PMO)||This division of the internal audit department has primary responsibility for managing GitLab’s Sarbanes-Oxley (SOX) program. In this role, the PMO will work under the direction of the Principal Accounting Officer. Responsibilities include:
→ Perform risk assessment and scoping to determine the project scope for each reporting year
→ Prepare the internal control assessment plan and include timelines
→ Schedule process walk-throughs for each process with process/control owners
→ Review current and prior-year control deficiencies in order to determine the remediation status
→ Update process maps
→ Prepare control deficiency reports and follow up on remediation efforts
→ Meet with external auditors as necessary to provide status updates on ongoing work and remediation efforts|
|Principal Accounting Officer||Executive Sponsor; provides oversight of Internal Audit’s execution of the SOX program|
|Director, SEC & SOX||Responsible for:
→ Confirm control descriptions for controls that are assigned to them
→ Update the SOX Internal controls page for any changes in the people, process and platform, and provide edits to the SOX PMO for review within 30 days of the change
→ Make themselves available to speak with the SOX PMO upon request for walkthroughs, sign-offs, testing and discussion of test results
→ Provide test evidence to the SOX PMO upon request
→ Remediate control deficiencies|
The following outputs of the SOX program will be maintained and monitored by the Internal Audit function.