Also part of the UPMC family:
Also part of the UPMC family:

Sarbanes-Oxley Compliance

UPMC Content 2

The Sarbanes-Oxley (SOX) Act of 2002 represents landmark legislation in the world of corporate compliance, securities and capital markets, and overall organization governance and responsibility.

UPMC's voluntary compliance with the legislation marks the first nonprofit ever to meet these rigorous accounting rules intended for corporate America.

  • UPMC established formal governance over financial reporting and interaction with the Board of Directors, Audit Committee, and external financial auditors.
  • CEOs and CFOs certify quarterly whether the company’s financial statements are true, complete, and fairly stated.
  • CEOs and CFOs evaluate the effectiveness of the company’s disclosure controls and procedures each quarter and present their conclusions about the effectiveness in each quarterly and annual filing.
  • Management annually assess and assert to the effectiveness of the company’s internal controls and procedures for financial reporting.

This last requirement, known as Section 404, has had one of the largest impacts on corporations in America. Companies impacted have initiated projects to document, assess the gaps over, remediate, and test the internal controls over financial reporting (ICOFR). In addition, each company must assert as to its findings resulting from this process and that the ICOFR are adequate within the parameters established by the Public Company Accounting Oversight Board (PCAOB) and the Securities and Exchange Commission (SEC).

As a not-for-profit organization, UPMC is not required to comply with the regulations established by SOX. However, UPMC and its Board of Directors has determined that voluntary compliance with SOX is in the best interest of the organization. UPMC initiated a project in June 2004 to comply with the key components of SOX. Among the activities included in this project are:

  • Review of key financial reporting governance areas
  • Identification and strengthening of the corporate ethics program
  • Development of an entity-wide project plan to comply with SOX
  • Review of entity level controls that impact ICOFR
  • Initiation of the ICOFR evaluation program required by Section 404, including the following:
  • Identification of the key business operations and locations for inclusion
  • Development of an entity-wide ICOFR documentation program
  • Completion of a pilot ICOFR documentation project
  • Initiation of ICOFR documentation within the key business operations and locations
  • Initiation of a gap analysis over the ICOFR documentation components

Within the not-for-profit industry segment, UPMC is leading the way in adopting the requirements of SOX. Many organizations have begun to realize the value to be gained through an assessment of internal controls over financial reporting. In fact, organizations such as UPMC see it as making good business sense. However, while others have waited, UPMC decided it was time to act.

Find a Doctor

Browse UPMC doctors and medical professionals to find the care that's right for you. Customize your search by specialty, zip code, last name, and more.


Visit the UPMC Find a Doctor website.
Make an Appointment

Find important information on scheduling your appointment or finding a doctor or service that meets your needs.


Request an appointment now.
Find a Location

Browse addresses and contact information for our network of hospitals, specialty care practices, and community health locations.


Find a UPMC location near you.
Pay Your Bill

Learn more about how to pay your UPMC bill. Find resources including payment methods and contact information for assistance.


Pay your bill now.
Find a Career

Advance your career with UPMC. Discover our latest job listings and learn about our values and career pathways.


Find your ideal career at UPMC.