Modern building with curved glass facade reflecting sky. Contemporary architectural design against a clear blue backdrop

How sub-certification can strengthen disclosure governance

Survey findings reveal how scope, automation and committee alignment can shape sub-certification effectiveness across public companies.


In brief
  • Sub-certifications are widely adopted as a core control, often executed quarterly across broad employee populations.
  • Companies vary in design, from standardized questionnaires to tailored approaches aligned to roles and risks.
  • Effectiveness likely hinges on governance choices, including ownership, timing and integration with disclosure committees.

Sub-certifications have increasingly become a foundational element of SOX execution and broader disclosure governance for public companies, helping reinforce consistency, accountability and reporting readiness at scale today. This report, Corporate governance in focus, is based on findings from the EY/Society for Corporate Governance survey of 102 public companies across six broad industry groups. It provides insights into how organizations are designing, governing and evolving their sub-certification processes.

 

While sub-certifications are widely seen as important, companies differ in how they operationalize them. Nearly all surveyed companies use them quarterly, often across large groups of employees, and many are moving toward automated or hybrid processes. Questionnaire design varies, with most organizations relying on a standardized core and a smaller group tailoring questions by function, role or risk area. Integration with disclosure committee reporting also varies, with some companies providing formal summaries and others treating sub-certifications as a separate process.

 

The survey results make it clear that sub-certifications are now a core governance mechanism, but their effectiveness can depend on how deliberately they are designed and embedded. Differences in scope, ownership, timing and committee integration may materially influence how well organizations surface disclosure issues, manage late-cycle risk and support executive confidence in the reporting process.

Summary 

Sub-certifications have evolved into a critical mechanism for strengthening SOX execution and disclosure governance. While broadly adopted, organizations vary in how they structure, automate and integrate these processes. Survey findings highlight that decisions around scope, design, ownership and reporting alignment can significantly influence effectiveness.

About this article

Authors

Related articles

How delegation of authority (DOA) can enhance operational efficiency

Delegation of authority (DOA) policies aid decision-making and risk management, but companies struggle with a lack of information and guidance.

How corporate disclosure committees are adapting in a time of change

Disclosure committees can offer transparency and trust as companies pursue compliance amid uncertainty and ever-growing demands. Read on to learn more.