Essential IT Considerations for Sarbanes-Oxley Act

Similar documents
Beyond Compliance. Leveraging Internal Control to Build a Better Business: A Response to Sarbanes-Oxley Sections 302 and 404

FREQUENTLY ASKED QUESTIONS ABOUT INTERNAL CONTROL OVER FINANCIAL REPORTING

Checklist for Higher Education

IPO Readiness. Sarbanes-Oxley Compliance & Other Considerations. Presented by:

Guide to the Sarbanes-Oxley Act: Internal Control Reporting Requirements

Increasing External Auditor Reliance

Corporate Governance Principles of Auditing: An Introduction to International Standards on Auditing - Ch 14

AN AUDIT OF INTERNAL CONTROL THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS: GUIDANCE FOR AUDITORS OF SMALLER PUBLIC COMPANIES

Negotiating in a Sarbanes-Oxley World

PGDBFS 103 International Financial Accounting and Policy (IFAP)

EY Center for Board Matters. Leading practices for audit committees

B S R & Co. LLP. Reporting on Internal. Reporting An Overview. Sarbanes Oxley Act (SOX) 28 December 2013

See your auditor clearly. Transparency report: How we perform quality audit engagements

CDK GLOBAL, INC. AUDIT COMMITTEE CHARTER Effective January 20, 2016

AUDIT COMMITTEE CHARTER

41880 Introduction to Hyperion Financial Management. Mike Malwitz Director Product Strategy Oracle Enterprise Performance Management

STARWOOD HOTELS & RESORTS WORLDWIDE, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

COSO What s New, What s Changed, Why Does it Matter and Other Frequently Asked Questions

An Audit of Internal Control Over Financial Reporting Performed in Conjunction with An Audit of Financial Statements

Evaluating Internal Controls

ABA Section of Business Law. Internal Control Reporting Under Section 404: An Update and Current Assessment. November 19, 2004

[RELEASE NOS ; ; FR-77; File No. S ]

BioAmber Inc. Audit Committee Charter

CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Remediation of Material Weaknesses Related to Employee Compensation

BIO-RAD LABORATORIES, INC. (the Company ) Audit Committee Charter

Audit Committee Charter for XL Group Ltd

Sarbanes Oxley Impact on Supply Chain Management

FINANCIAL INSTITUTIONS AUDIT COMMITTEE GUIDE FOR FINANCIAL INSTITUTIONS

ABCANN GLOBAL CORPORATION CORPORATE GOVERNANCE POLICIES AND PROCEDURES

Annual Report of Moody s Investors Service Singapore Pte Ltd for financial year ended 31/12/2015

GRANITE CONSTRUCTION INCORPORATED AUDIT/COMPLIANCE COMMITTEE CHARTER

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

STANDING ADVISORY GROUP MEETING

Audit Committee Charter

Lincoln National Corporation Board of Directors Corporate Governance Guidelines

Current State of Enterprise Risk Oversight:

Gaining Financial Integrity Through Improved Internal Controls

White Paper. Effective and Practical Deployment of COSO: Entity Level Control and Lessons Learned. July 10, 2008 THE ROBERTS COMPANY, LLC

English Translation (For Information Purposes Only) CODE OF BEST CORPORATE PRACTICES. Introduction

Heads Up. Control Integrated Framework. COSO Enhances Its Internal. In This Issue: Enhancements in the 2013 Framework

Internal Financial Controls New perspectives as per Companies Act 2013 and CARO 2016

Present and functioning: Fine-tuning your ICFR using the COSO update

GENESIS GROUP HOLDINGS, INC. CORPORATE GOVERNANCE POLICIES OF THE BOARD OF DIRECTORS

irobot Corporation Audit Committee Charter I. General Statement of Purpose

BOARD GUIDELINES ON SIGNIFICANT CORPORATE GOVERNANCE ISSUES

AUDIT COMMITTEE CHARTER

Audit Committee Performance Evaluation

Chapter 1. Learning Objective 1, 2. Capital Allocation. Efficient Capital Allocation. Financial Accounting and Accounting Standards

MAGNA INTERNATIONAL INC. BOARD CHARTER

PRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES

Journal of Applied Business Research Third Quarter 2006 Volume 22, Number 3

FRONTERA ENERGY CORPORATION CORPORATE GOVERNANCE POLICY

Report on Inspection of KPMG AG Wirtschaftspruefungsgesellschaft (Headquartered in Berlin, Federal Republic of Germany)

CITIZENS, INC. AMENDED AND RESTATED AUDIT COMMITTEE CHARTER. Adopted November 5, the integrity of the Company s financial statements;

COSO Updates and Expectations. IIA San Diego Chapter January 8, 2014

Checkpoint Contents Accounting, Audit & Corporate Finance Library Editorial Materials Audit and Attest PCAOB Audits Chapter 1 Overview 100 Background

IAASB Main Agenda (March 2016) Agenda Item. Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1

Sarbanes-Oxley and the Need to Audit Your IT Processes. An MKS White Paper By Jeff Smith Vice President Research & Development

BIOSCRIP, INC. CHARTER OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

PwC Kenya Transparency Report 2015

TERMS OF REFERENCE OF THE AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

SOX Audit Environment

GROUP 1 AUTOMOTIVE, INC. AUDIT COMMITTEE CHARTER

Sarbanes-Oxley Act of 2002 Can private businesses benefit from it?

EFFICIENT USE OF AUDIT COMMITTEES

SOX106. Accounts Payable and Sarbanes-Oxley; Strengthening your Internal Controls- 10 hours. Objectives

AUDIT COMMITTEE OF THE BOARD OF DIRECTORS

Audit quality a director s guide

Audit Committee Charter Amended September 3, Tyco International plc

WELLS FARGO & COMPANY AUDIT AND EXAMINATION COMMITTEE CHARTER

DAVITA INC. AUDIT COMMITTEE CHARTER

An Oracle White Paper December Reducing the Pain of Account Reconciliations

W. R. GRACE & CO. CORPORATE GOVERNANCE PRINCIPLES

NEWMARK GROUP, INC. AUDIT COMMITTEE CHARTER. (as of December 2017)

The Audit Committee of the Supervisory Board of CB&I

The Value Proposition

New Role of Audit Committee: A Post-Financial Crisis Analysis

Sheryl Vacca, CHC-F, CCEP-F, CHRC, CCEP-I, CHPC. SVP/Chief Compliance & Audit Officer University of California

15 Benefits of a Revenue Assurance Solution

SARBANES-OXLEY COMPLIANCE MANAGING CHANGING EXPECTATIONS January 20, 2017

QAD FINANCIALS BENEFITS

) ) ) ) ) ) ) ) ) ) ) )

EASTMAN CHEMICAL COMPANY. Corporate Governance Guidelines

BOARD CHARTER TOURISM HOLDINGS LIMITED

Strengthening Control and integrity: A Checklist for government Managers

MINDEN BANCORP, INC. AUDIT COMMITTEE CHARTER

IAASB CAG Public Session (March 2016) Agenda Item. Initial Discussion on the IAASB s Future Project Related to ISA 315 (Revised) 1

TEEKAY TANKERS LTD. Corporate Governance Guidelines

Sarbanes-Oxley Compliance Kit

CHARTER OF THE BOARD OF DIRECTORS

Auditing Standard 16

2016 INSPECTION OF BHARAT PARIKH & ASSOCIATES CHARTERED ACCOUNTANTS. Preface

Continuous Controls Monitoring for Transactions: The Next Frontier for GRC Automation

REPORT 2016/033 INTERNAL AUDIT DIVISION

Statement on Risk Management and Internal Control

1. Listed companies must have a majority of independent directors (303A.01)

Assurance Services. thinking strategically to your best advantage

Report on Inspection of Deloitte LLP (Headquartered in Toronto, Canada) Public Company Accounting Oversight Board

For personal use only

Transcription:

Essential IT Considerations for Sarbanes-Oxley Act Fulcrum Information Technology, Inc. 2050 North Collins Blvd, Suite 125 Richardson, Texas 75080 Phone: 972-312-8500 Fax: 214-242-3939

Table of Contents Introduction...3 Sarbanes-Oxley Background...4 Security Administration...6 Business Continuity Plan...6 Reporting Tools...7 Software Change Management...7 Improve Risk Assessment Process with COSO based Standard Framework...8 Internal Controls Framework (COSO)...8 Control Environment...8 Risk Assessment...8 Control Activities...8 Information and Communication...8 Monitoring...9 Internal Controls Management Tools...9 Internal controls management software...9 Sarbanes-Oxley Controls Implementation Approach...11 Conclusion...11

Introduction The Sarbanes-Oxley Act (SOA) of 2002 applies to companies which are required to file an annual report with the US Securities and Exchange Commission (SEC) under either Section 13(a) or 15(d) of the Securities Exchange Act of 1934. The SEC requires executives to certify 10-K and 10-Q filings as mandated by SOA Section 302 and Section 906, as of August 29, 2002. Now, the SEC has set the deadline for Section 404, which requires management to file an internal controls report with the annual report. The deadline to file a management report on internal controls for companies with market capitalization over $75M, accelerated filer, is in the fiscal year ending on or after June 15, 2004. Small business issuers are required to comply in the fiscal year ending on or after April 15, 2005. Many companies have formed an SOA committee, which is responsible for all aspects of internal controls necessary to comply with the Sarbanes-Oxley rules. Such a committee includes senior management, for example, CFO, Controller, General Counsel, CIO and COO. The purpose of this document is to highlight the essential Information Technology (IT) considerations for the disclosure committee and management team responsible for SOA compliance. Today, information technology is an integral part of a company s operations. Management should certify the integrity, reliability and security of IT systems that are used to prepare the financial statements for the company. Since technology is frequently updated and changed to meet business requirements, the responsibility for ensuring accurate systems controls should also be delegated to the appropriate IT managers. The information presented in this document is based on our experiences working with clients, external auditors, risk consultants, technology vendors and attorneys. This information may evolve as the Public Company Accounting Oversight Board (PCAOB) and SEC address the various issues regarding Sarbanes-Oxley rules. Public companies are expecting significant increases in external audit fees as well as increases in the cost of internal controls management in order to comply with the Sarbanes-Oxley Act. Companies should consider using information technology to establish a Committee of Sponsoring Organizations (COSO) of the Treadway Commission framework to reduce the costs and risks related to SOA compliance. For example, a company can implement off-the-shelf software to verify business processes and provide all employees access and training as needed for specific job roles and responsibilities. The internal audit department can create a library of key business risks, identify controls to address those risks and automate the audit procedures. This will enable management to establish and maintain adequate internal controls. A standard framework should be employed that will improve the annual risk assessment process required under Section 404 of the Sarbanes-Oxley Act. All major ERP vendors including SAP, Oracle and PeopleSoft have introduced new functionality to help companies manage internal controls. Business Intelligence vendors such as SAS and BusinessObjects also have software that can be integrated with business applications. Certain external auditors and risk consultants can also provide software tools. Once a company has identified objectives for implementing internal controls, IT management should develop the scope for IT initiatives by identifying tasks necessary for compliance, allocating resources and developing a project plan. SOA IT initiatives should include a review of IT systems and infrastructure and implementation of a COSO integrated framework.

Sarbanes-Oxley Background Due to several high-profile business failures, Congress passed the Sarbanes-Oxley Act ( SOA ) on July 25, 2002, and President Bush signed it into law on July 30, 2002. The Sarbanes-Oxley Act is widely seen as the most significant attempt at corporate governance reform by Congress in recent years. The purpose of SOA is to prevent accounting scandals from occurring again and to help restore the public s faith in corporate financial reporting. Every company whose stock trades on a US-based stock exchange is subject to the Sarbanes-Oxley Act. SOA provides clarity and certainty on a number of highly debatable issues by: Establishing an independent, full-time oversight board (the Public Company Accounting Oversight Board) for capital market participants. The SEC has oversight of the board. The board will oversee the audit of public companies and protect the interests of investors. Establishing new responsibilities for corporate officers. The CEO and CFO must certify in the quarterly and annual reports the following: that they have reviewed the reports and based on their knowledge, that there are no untrue statements of material fact or omissions and that the financial statements fairly present in all material respects the financial condition and results of operations of the company. The CEO and CFO have the responsibility for establishing and maintaining internal controls and must disclose to the auditors and the audit committee all significant deficiencies in internal controls and any fraud. Establishing new responsibilities for audit committees. SOA significantly increases the time commitment and will create a stronger working relationship between the audit committee and the independent auditor. The audit committee will develop policies and procedures to oversee the work of the auditor and to ensure compliance with the pre-approval process. Establishing an ethical conduct requirement. The company must disclose whether or not they have adopted a code of ethics applicable to executives and directors and state why or why not. The SEC has the ability to bar individuals from serving as an officer of a public company based on unfitness. CEOs and CFOs are required to forfeit bonuses and other equity-based compensation during the 12 month period following a re-statement of financial statements. Establishing several new public-company reporting requirements. SOA requires enhanced disclosure including real time disclosure on a rapid and current basis. The Management s Discussion and Analysis of Financial Condition and Results of Operations sections of the disclosure documents must include an explanation of the company s off-balance sheet arrangements, set apart separately within the section and an overview of aggregate contractual obligations. The pro-forma financial information must comply with the new SEC rules. SOA requires management to include in the annual report a report on internal control. The internal control report must include a statement of management s responsibility for establishing and maintaining adequate internal controls over financial reporting for the company and it must identify the framework used by management. Defining the services that public accounting firms can provide to audit clients. The new rules in this area focus on ensuring auditor independence by limiting or prohibiting the provision of non-audit services by auditors, limiting the hiring by companies of their auditor s employees, imposing mandatory audit partner rotation, limiting certain audit partner compensation related to non-audit services, requiring additional auditor reports to the audit committee, and enhancing disclosure of audit fees. Strengthening penalties for corporate fraud. Under Section 906 of SOA, if an individual willfully fails to submit the certifications required, they may be subject to criminal prosecution under Section 32 of the Exchange Act.

Prohibiting certain director activities, including loans by company to officers, insider trading of company s equity during any pension plan black-out period. Prohibits officers or directors from improperly influencing the audit.

Certify ERP Applications and Infrastructure Controls IT management should certify the controls in critical business applications and infrastructure that are used by the company to generate financial statements and monitor financial controls. Many companies use Enterprise Resource Planning (ERP) systems to support critical business processes and report financial results. Therefore, it is important to ensure the integrity, security and reliability of ERP systems or other such business applications used by the company. The IT system maintenance processes and policies should also be reviewed for control risks and the findings should be documented. The IT administrators responsible for system, network, database and applications along with business process owners should participate in a facilitated workshop to assess the key risk factors and identify adequate controls. For example, revenue recognition is critical as it directly impacts the financial statement. Therefore, the sales process from order to cash workflow in the ERP system should be reviewed. IT management should adequately test security administration, system continuity plan, reporting tools and workflow management to establish a baseline for IT controls certification. Security Administration IT systems should be secured physically and logically against any unauthorized access. The physical security includes intrusion and access control via surveillance, cameras and card readers. Often the data center has 24x7 staffing and management, including operations personnel and security guards. The physical structure should be equipped with environmental controls to provide the consistency and safekeeping of the equipment and data. Data centers should include environmental controls such as early warning fire detection, smoke management, and suppression systems. Well-designed ERP systems provide logical security to control system access and workflows. User access in ERP systems can be configured based on roles and responsibilities. ERP system controls may include user access, sign-on limits, field validation checks and workflows that provide a robust controls environment for the processing of data. For example, the system should not allow a user to approve an invoice with the same invoice number as a previous invoice. This type of automatic control reduces the likelihood of error and confusion in processing accounts payable. Business Continuity Plan A company can experience several business losses when its critical IT systems are down. The cost of systems failure can be significantly high for every hour of down time. An uptime of 99.9% is not good enough for most companies that compete in today s global markets. IT management should validate that the systems can handle planned maintenance or an unplanned "blip" without going off-line. The computer systems should be able to handle the anticipated or the unexpected failure and keep the business running. Business continuity planning not only includes having hardware and software placed at a remote facility, but it can also involve moving phone lines and people to a remote workplace. A continuity plan is as vulnerable as its weakest link. IT management should validate the plan for unexpected system outage.

Reporting Tools Many companies use reporting tools to extract information from the ERP applications and prepare financial reports such as 10K and 10Q for SEC reporting. Therefore, a review should be focused on testing the reporting tool that extracts, processes and reports data utilized by management for decision-making and business performance measurement. Software Change Management Software changes such as upgrades, patches, customization and interfaces can create risks, which are controlled through a software change management process. IT management should review the software change management process and verify the controls. Many companies customize and integrate ERP systems to meet business and industry specific requirements. Any customization to the system should be tested for control gaps to identify the risks. ERP systems are integrated using interfaces, which allow data to pass between the ERP application and other systems. The interfaces between different systems are a common risk area. Companies that have several systems interfaced for data transfer should assess the risk of controls at the interface points.

Improve Risk Assessment Process with COSO based Standard Framework Management is required to base its assessment of the effectiveness of the company s internal control over financial reporting on a suitable, recognized control framework established by a body of experts that followed due-process procedures to develop the framework. Based on the final ruling from the SEC, a suitable framework must be: free from bias; permit reasonably consistent qualitative and quantitative measurements of a company's internal controls; be sufficiently complete so that the relevant factors that would alter a conclusion about the effectiveness of a company's internal controls are not omitted; and be relevant to an evaluation of internal control over financial reporting. The SEC's final rule requires that each company identify the internal control framework used to evaluate compliance. The SEC identifies only a single framework by name, the COSO (Committee of Sponsoring Organizations) Internal Control - Integrated Framework. COSO satisfies the criteria and may be used as an evaluation framework for purposes of management's annual internal control evaluation and disclosure requirements. Internal Controls Framework (COSO) COSO is a voluntary private sector organization dedicated to improving the quality of financial reporting through business ethics, effective internal controls and corporate governance. COSO defines internal control as a process. It is not simply a matter of defining internal controls once and being done. The SEC requires that companies establish an ongoing process for monitoring internal controls while evaluating and improving their effectiveness. The right software solution recognizes the process-based nature of internal controls and is built upon a proven business process management foundation. In the COSO Framework, internal controls are designed to assure: (1) effectiveness and efficiency of operations, (2) reliability of financial reporting and (3) compliance with laws and regulations. The internal controls are composed of five interrelated components: (1) control environment, (2) risk assessment, (3) control activities, (4) information and communications, and (5) ongoing monitoring. The objectives in each of these interrelated components fall into one or more of the three broad categories of operations, financial reporting or compliance. Control Environment The control environment is the conscience of the organization. An entity s control environment is shaped by the actions of top management. Elements of the control environment include integrity, ethical values and management s operating style. Risk Assessment Risk assessment is the identification and evaluation of the risks from external and internal sources that could prevent an entity from achieving its objectives. Control Activities The policies and procedures implemented by an entity are the control activities used to manage risk. Control activities include procedures for approval, verification and segregation of duties. Information and Communication Every entity needs an efficient process for communicating information throughout the organization. An efficient communication process includes the downward flow of directional information from top management as well as the feedback from the operating functions of the

entity. Information and Communication also include the entity s information systems that are used to process data, produce reports and manage the organization. Monitoring The internal control activities are monitored to ensure effectiveness and quality. Monitoring includes the assessment by appropriate personnel of the control activities to determine that the controls are functioning as intended. Monitoring also includes a process for corrective action if required. The COSO framework states: the control environment provides an atmosphere in which people conduct their activities and carry out their control responsibilities. It serves as the foundation for the other components. Within this environment, management assesses risks to the achievement of specified objectives. Control activities are implemented to help ensure that management directives to address risks are carried out. Meanwhile, relevant information is captured and communicated throughout the organization. The entire process is monitored and modified as conditions warrant. Internal Controls Management Tools Using COSO as a guideline, we recommend using a tool to install a process database, which should include process definition, process owner, process category, risk category and approval status. Once a process is developed and populated, all the process owners should receive a notification to certify that their respective processes have adequate internal controls. Process owners at a higher-level should review the certification status of subsidiary processes as part of their own certification process. Once the company certifies the processes, the external independent auditor can verify the certification status. The online process database should include step-by-step instructions and serve as the desk manual for maintaining controls and future training for the process owner. Internal Controls Management Software Companies can select a controls management tool from ERP vendors, business intelligence tool vendors or external audit firms. All major ERP vendors such as Oracle, SAP and PeopleSoft offer software tools to document and validate internal controls. For example, Oracle has offered a process documentation and training tool called Tutor for nearly 10 years that comes with a repository of standard business processes. Tutor provided processes can be easily tailored to specific needs of a company. Once approved by the management, the processes can be published on the company intranet so that all employees can learn and follow consistent business processes. Oracle has also started shipping Internal Controls Manager (ICM), which has been tested by many Fortune 100 companies and several external audit firms. The ICM tool is integrated with Tutor and can significantly reduce the time to asses controls by providing access to the process library. The ICM tool can also be used to import a set of risks identified by management, which can be maintained in a risk library. The Tutor and ICM tools work stand-alone or integrated with the Oracle ERP applications to provide even greater control over the ERP system.

Business intelligence tool vendors such as BusinessObjects and SAS offer data extraction and analysis functions to identify controls and assess risks. Companies that do not have an integrated ERP system should evaluate business intelligence tools to improve access to data across multiple systems. Certain external audit firms also offer software tools in addition to the internal controls assessment services. But the SEC indicated in its open meeting in May 2003 that it would be problematic if management used auditor software that was designed to help evaluate the effectiveness of controls or to document the controls that exist. While the final SEC ruling on this issue is ambiguous, it does raise a red flag for management and audit committees.

Sarbanes-Oxley Controls Implementation Approach The company should use a project approach to assess the internal controls and prepare for Section 404 compliance. Here are a few key steps that should be considered as part of the approach: Assessment Workshop: Initial analysis of internal controls, risks and audit procedures to determine the scope of work and resource requirements. If the company has already established a disclosure committee, the analysis can be obtained from the committee. Systems Review and Certification: Develop a check list for all IT system controls to adequately test security administration, system continuity plan, reporting tools and workflow management to establish a baseline for IT controls certification. Controls Management: Work with key department managers to provide a repository for documenting business processes, identify risks and assess internal risks. Employee Access and Training: Provide access to all employees and train as needed. Controls Monitoring: On-going evaluation of business processes and control activities. Conclusion As public companies examine their internal controls, financial reporting systems and corporate governance to comply with the Sarbanes-Oxley Act, we believe that this effort can be leveraged to improve business performance by establishing a framework for on-going process management, risk monitoring and employee training. IT management should actively participate in developing the company s plans for Sarbanes-Oxley compliance. The plan should include a review and certification of all essential IT systems used to prepare and report financial results. The risks and costs for Sarbanes-Oxley can be high for most companies. IT management can provide IT services to streamline internal controls processes and reduce external audit costs. About the Authors Adil Khan is a Senior Director at Fulcrum responsible for delivering high impact IT solutions. Adil has over 15 years experience in enterprise business systems. Before Fulcrum, Adil served as the Chief Executive Officer of Alternate Marketing Networks, Inc., which is a small cap publicly traded company. He also founded Hencie Consulting Services, Inc., which is ranked number 157 on the Inc. 500 list of the nation's fastest-growing private companies. Hencie provided ERP consulting services and successfully delivered over 100 e-business solutions to middle market (Fortune 1000) companies in Manufacturing, Distribution, Energy and Services Industries. Adil has been nominated to receive the Ernst & Young Entrepreneur of the Year Award for 2000 and 2001 and was named one of America's entrepreneurial growth leaders by Inc. magazine. Barbara Schummer, CPA, is a Director at Fulcrum responsible for Sarbanes-Oxley practice which offers professional services to review and implement internal controls. Prior to joining Fulcrum Barbara was the controller at Hencie Consulting Services, Inc. where she helped the management design and implement internal controls needed to comply with the SEC standards. She has several years experience in working with Big 4 audit firms during the annual external audit and quarterly review process. About Fulcrum Fulcrum Information Technology, Inc.,(FIT) is a leading provider of utility computing services that offers a way to provision IT solutions as utility services. Fulcrum attracts and retains some of the most knowledgeable and experienced professionals in the industry with a focus on client success. FIT professionals work side by side with the clients to help them expand business and technology knowledge.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback