What is the primary objective of **WELL**?

**The primary objective of WELL is to advance human health and well-being in buildings through performance-based design, operations, and policies across 10 concepts: Air, Water, Nourishment, Light, Movement, Thermal Comfort, Sound, Materials, Mind, and Community.** Administered by the International WELL Building Institute (IWBI), WELL v2 requires meeting **24 mandatory Preconditions** and pursuing **102 optional Optimizations** (plus 6 in Innovation) to achieve certification tiers—Bronze (40 points), Silver (50 points with 1 point minimum per concept), Gold (60 points with 2 points minimum per concept), or Platinum (80 points with 3 points minimum per concept).

Who is legally or professionally required to comply with **WELL**?

**WELL is voluntary and not legally mandated for any organization.** It is professionally pursued by building owners, developers, facility managers, and corporate real estate leaders across new and existing buildings, including offices, residential, hospitality, education, and healthcare, to verify occupant health outcomes via on-site performance testing.

Does **WELL** require an external audit or third-party certification?

**Yes, WELL mandates third-party documentation review (preliminary and final rounds) and on-site performance verification by authorized WELL Performance Testing Agents.** Verification tests air (e.g., CO₂ ≤900 ppm), water quality, lighting, acoustics, and thermal comfort at ≥50% occupancy, ensuring measurable outcomes beyond design intent.

How often should an assessment for **WELL** be performed?

**WELL certification requires recertification every three years, with annual reporting for select features like air quality monitoring.** Ongoing assessments use continuous monitoring pathways (e.g., calibrated sensors recalibrated annually) and occupant surveys to maintain performance between full verifications.

What are the consequences of non-compliance with **WELL**?

**Non-compliance results in certification denial, additional curative review fees, and project delays.** Failed performance verification (e.g., exceeding pollutant thresholds) requires remediation; without recertification every three years, certification lapses, impacting ESG reporting and market differentiation.

An **WELL** be mapped to other international frameworks?

**Yes, IWBI provides official crosswalks mapping WELL features to frameworks like LEED.** These align overlapping strategies (e.g., air filtration, materials), enabling streamlined dual certification and reduced documentation for portfolios pursuing integrated sustainability and health goals.

What is the first step to begin implementing **WELL**?

**The first step is project enrollment in the IWBI digital platform and scorecard development.** Identify applicable Preconditions/Optimizations by building type (e.g., WELL Certification, Core, Residential), conduct a gap analysis with optional pre-testing for high-risk features (air, water), and assemble a cross-functional team including facilities and HR.

What is the primary objective of **SOX**?

**The primary objective of SOX is to protect investors by improving the accuracy and reliability of corporate disclosures under federal securities laws.** Enacted July 30, 2002, following scandals like Enron and WorldCom, it establishes PCAOB oversight (Title I), auditor independence (Title II), executive certifications (**Section 302**), and **ICFR** assessments (**Section 404**).

Who is legally or professionally required to comply with **SOX**?

**SOX applies to all U.S.-listed public companies, including foreign private issuers, and their PCAOB-registered auditors.** **Section 404(a)** mandates management **ICFR** assessments for issuers under Securities Exchange Act Sections 12 or 15(d); **404(b)** requires auditor attestation except for non-accelerated filers (public float under $75M) and EGCs (up to 5 years post-IPO unless revenues exceed $1.235B).

Oes **SOX** require an external audit or third-party certification?

**Yes, SOX Section 404(b) requires external auditor attestation on management's ICFR assessment per PCAOB standards for applicable issuers.** Non-accelerated filers and EGCs are exempt from **404(b)** but must comply with **404(a)** management reporting; auditors report directly to independent audit committees (**Section 301**).

How often should an assessment for **SOX** be performed?

**SOX requires annual management assessment of ICFR effectiveness under Section 404(a), reported in Form 10-K.** Quarterly **Section 302** certifications support ongoing disclosure controls; continuous monitoring, interim testing, and year-end validation align with PCAOB expectations for living control systems.

What are the consequences of non-compliance with **SOX**?

**Non-compliance with SOX triggers civil fines, criminal penalties up to $5M and 20 years imprisonment under Sections 802/906, and SEC enforcement.** False certifications (**Section 906**) or document tampering (**Section 802**) incur personal executive liability; material weaknesses prompt restatements, delisting risk, and higher capital costs.

An **SOX** be mapped to other international frameworks?

**No, these SOX FAQs do not address mappings to other frameworks.** SOX stands as a standalone U.S. federal statute with unique PCAOB standards, **ICFR** requirements, and enforcement via SEC rules.

What is the first step to begin implementing **SOX**?

**The first step for SOX implementation is a top-down risk assessment to scope material financial accounts, processes, and assertions per PCAOB AS 2201.** Form a steering committee, define materiality thresholds (e.g., 5% assets), and build risk-control matrices aligned to COSO for entity-level and ITGC focus.

WELL vs SOX | GRADUM

Standards Comparison

WELL

Voluntary

2014

Performance-based certification for building occupant health

SOX

Mandatory

2002

U.S. federal law mandating internal controls over financial reporting

Quick Verdict

WELL certifies healthy buildings via performance testing for all industries globally, while SOX mandates financial controls for U.S. public firms with severe penalties. Companies adopt WELL for ESG/occupant wellness, SOX for legal compliance and investor trust.

Building Health & Wellness

WELL

WELL Building Standard v2

Cost

€€€€

Complexity

High

Implementation Time

12-18 months

Key Features

Mandatory on-site performance verification testing
Preconditions plus point-earning Optimizations structure
10 core concepts for human health outcomes
Tiered certification levels Bronze to Platinum
Continuous monitoring pathways for compliance

Financial Reporting

SOX

Sarbanes-Oxley Act of 2002

Cost

€€€

Complexity

Medium

Implementation Time

18-24 months

Key Features

Mandates CEO/CFO certification of financial reports (Section 302)
Requires management ICFR assessment and reporting (Section 404(a))
Demands external auditor ICFR attestation (Section 404(b))
Establishes PCAOB for audit firm oversight (Title I)
Enforces auditor independence and rotation (Title II)

Detailed Analysis

A comprehensive look at the specific requirements, scope, and impact of each standard.

WELL Details

What It Is

WELL Building Standard v2 is a performance-based certification framework administered by the International WELL Building Institute (IWBI). It focuses on designing, operating, and verifying buildings to advance human health and well-being through evidence-based strategies. Its concept-based approach organizes requirements into mandatory Preconditions and optional point-earning Optimizations.

Key Components

**10 core conceptsAir, Water, Nourishment, Light, Movement, Thermal Comfort, Sound, Materials, Mind, Community (plus Innovation).
24 Preconditions and 102 Optimizations totaling up to 110 points.
Built on public health research and building science.
Tiered certification: Bronze (40 points), Silver (50), Gold (60), Platinum (80) with concept minimums at higher levels.

Why Organizations Use It

Enhances occupant health, productivity, and ESG reporting; differentiates portfolios with verified outcomes; supports talent retention and higher rents; complements LEED for holistic sustainability; builds stakeholder trust via rigorous verification.

Implementation Overview

Phased process: enrollment, scorecard development, documentation review, on-site performance verification, certification. Applies to new/existing buildings across sectors; requires cross-functional teams, pre-testing, continuous monitoring; recertifies every 3 years.

SOX Details

What It Is

The Sarbanes-Oxley Act of 2002 (SOX) is a U.S. federal regulation enacted to protect investors by enhancing the accuracy and reliability of corporate financial disclosures. Triggered by scandals like Enron and WorldCom, SOX establishes accountability through internal controls over financial reporting (ICFR) using a top-down, risk-based approach aligned with frameworks like COSO.

Key Components

**Title ICreates PCAOB for public company audit oversight, inspections, and standards.
**Title IIMandates auditor independence, partner rotation, and non-audit service restrictions.
**Sections 302/404/906CEO/CFO certifications, ICFR assessments, and auditor attestations.
**OtherWhistleblower protections (806), real-time disclosures (409), criminal penalties. No fixed control count; focuses on entity-level, process, and ITGC domains.

Why Organizations Use It

Mandatory for U.S. public companies and listed foreign issuers.
Reduces fraud, restatements, and reporting risks.
Builds investor trust, lowers cost of capital.
Drives governance maturity and operational efficiency via automation.

Implementation Overview

Phased risk-based program: scoping, documentation, testing, remediation, continuous monitoring. Targets public firms across sizes/industries; 404(b) audit for accelerated filers. Involves cross-functional teams, GRC tools, annual reporting.

Key Differences

Aspect	WELL	SOX
Scope	Occupant health across 10 concepts (air, water, mind)	Financial reporting controls and governance
Industry	All building types globally (offices, residential)	U.S. public companies and listed issuers
Nature	Voluntary performance-based certification	Mandatory federal law with criminal penalties
Testing	On-site performance verification annually	Annual ICFR testing and auditor attestation
Penalties	Loss of certification, no legal penalties	Fines up to $5M, imprisonment up to 20 years

Scope

WELL

Occupant health across 10 concepts (air, water, mind)

SOX

Financial reporting controls and governance

Industry

WELL

All building types globally (offices, residential)

SOX

U.S. public companies and listed issuers

Nature

WELL

Voluntary performance-based certification

SOX

Mandatory federal law with criminal penalties

Testing

WELL

On-site performance verification annually

SOX

Annual ICFR testing and auditor attestation

Penalties

WELL

Loss of certification, no legal penalties

SOX

Fines up to $5M, imprisonment up to 20 years

Frequently Asked Questions

Common questions about WELL and SOX

WELL FAQ

SOX FAQ

You Might also be Interested in These Articles...

Top 5 Reasons NIST SP 800-53 Rev 5 Overlays Unlock AI Risk Management for Private Sector Enterprises in 2025

Top 5 reasons NIST SP 800-53 Rev 5 AI overlays unlock risk management for private enterprises. Tailorable controls combat model poisoning & data leakage. CISO i

Top 5 Reasons TISAX Tabletop Exercises Prevent €10M+ Supply Chain Breaches for ADAS Tier 1 Suppliers in 2025

Unlock top 5 reasons TISAX tabletop exercises deliver 4:1 ROI preventing €10M+ supply chain breaches for ADAS Tier 1 suppliers. ENX case studies & VDA ISA contr

SOC 2 Audit Survival Guide: Auditor Questions, Red Flags, and Evidence Prep for First-Time Pass

Ace your SOC 2 audit with predicted auditor questions, model answers, red flags, and evidence checklists from CPA best practices & SignWell's journey. Reduce st

Run Maturity Assessments with GRADUM

Transform your compliance journey with our AI-powered assessment platform

Assess your organization's maturity across multiple standards and regulations including ISO 27001, DORA, NIS2, NIST, GDPR, and hundreds more. Get actionable insights and track your progress with collaborative, AI-powered evaluations.

100+ Standards & Regulations

AI-Powered Insights

Collaborative Assessments

Actionable Recommendations

Check out these other Gradum.io Standards Comparison Pages

PIPL vs Basel III

Explore PIPL vs Basel III: China's data privacy powerhouse meets global banking standards. Master compliance strategies, risks, and phased implementation for resilient success.

BREEAM vs ISO 26000

Explore BREEAM vs ISO 26000: Certifiable building sustainability ratings (BREEAM) meet holistic SR guidance (ISO 26000). Unlock the best ESG strategy for your projects today!

GDPR vs ISO 28000

Discover GDPR vs ISO 28000: Data privacy powerhouse meets supply chain security standard. Unpack differences, compliance tips & synergies for resilient ops. Dive in now!

WELL

SOX

Quick Verdict

WELL

Key Features

SOX

Key Features

Detailed Analysis

WELL Details

What It Is

Key Components

Why Organizations Use It

Implementation Overview

SOX Details

What It Is

Key Components

Why Organizations Use It

Implementation Overview

Key Differences

Scope

Industry

Nature

Testing

Penalties

Frequently Asked Questions

WELL FAQ

What is the primary objective of WELL?

Who is legally or professionally required to comply with WELL?

Does WELL require an external audit or third-party certification?

How often should an assessment for WELL be performed?

What are the consequences of non-compliance with WELL?

An WELL be mapped to other international frameworks?

What is the first step to begin implementing WELL?

SOX FAQ

What is the primary objective of SOX?

Who is legally or professionally required to comply with SOX?

Oes SOX require an external audit or third-party certification?

How often should an assessment for SOX be performed?

What are the consequences of non-compliance with SOX?

An SOX be mapped to other international frameworks?

What is the first step to begin implementing SOX?

You Might also be Interested in These Articles...

Top 5 Reasons NIST SP 800-53 Rev 5 Overlays Unlock AI Risk Management for Private Sector Enterprises in 2025

Top 5 Reasons TISAX Tabletop Exercises Prevent €10M+ Supply Chain Breaches for ADAS Tier 1 Suppliers in 2025

SOC 2 Audit Survival Guide: Auditor Questions, Red Flags, and Evidence Prep for First-Time Pass

Run Maturity Assessments with GRADUM

Check out these other Gradum.io Standards Comparison Pages

PIPL vs Basel III

BREEAM vs ISO 26000

GDPR vs ISO 28000