How to Comply with Sarbanes Oxley and Protect the Interests of Your Employees, Vendors and Investors
by: Admin
For those who do not know, SOX outlines several organizational and operational compliance mandates management must fulfill to demonstrate its control over financial reporting. These include external auditor affirmation as to whether the company and its management team have effective internal financial reporting controls in place, and affirmation of the level of accuracy reflected in the company's financial statements. Extensive, and quite costly, regulations mean external auditors must clearly understand transaction flow. The regulations also require routine fraud risk assessments and an accurate evaluation of the effectiveness of internal, company-wide fraud detection and financial reporting controls.
Why IT Controls Are So Important When Complying with Sarbanes Oxley
The information technology mandates SOX introduces are just as significant as the organizational and operational controls, if not more so. Under the Act, ultimate responsibility for data management, security, reliability, integrity and accuracy resides collectively with the Chief Information Officer (CIO), the Chief Executive Officer (CEO) and the Chief Financial Officer (CFO). Pursuant to Sarbanes-Oxley, the CIO is accountable for the systems that control and report financial data, while the CEO and CFO are accountable for actual financial reporting.
Electronic document archive and retention play a key role in SOX compliance, with everything from Word, Excel and PowerPoint files to instant messages and email communications in question. It's not enough anymore to simply store these documents. Public corporations must have an effective data management solution in place guaranteeing retrieval in a timely fashion. This means full lifecycle management, from document creation and retention to auditing and destruction. Under the Act, wrongful business record deletion can result in serious legal ramifications.
Here Are My Top Tips to Help You Comply with Sarbanes Oxley
While there are broad-reaching measures corporations could take to ensure compliance, the Act boils down to three core issues:
1. Documentation
2. Control
3. Accountability
All corporations should take the following steps toward Sarbanes-Oxley compliance:
- Develop a corporate accountability structure ensuring proper oversight and ownership
- Implement a solid technological structure promoting effective and efficient compliance processes
- Invest in one, united, web-based financial and non-financial information source offering real-time, or immediate, access to applicable stakeholders
- Expand information flow and collaboration
- Document accurate and timely financial reconciliations using Excel, Access or other customized technology solutions
- Encourage employee involvement and concern escalation
- Document IT systems' usage rules and develop a financial information audit trail
- Introduce in-house auditing procedures
- Implement risk-rating processes for all financial accounts
- Understand and map the financial reporting process, IT systems and internal controls
- Identify financial reporting, IT and internal control risks
- Adopt a continuous improvement process
- Document and test controls
- Perform and update controls assessments corresponding with any financial reporting process changes
When corporations thoroughly understand Sarbanes-Oxley and implement strategic processes within both the IT and finance departments, they not only ensure compliance, but they also promote fairer, more uniform disclosure practices and clearer accountability lines.
About the Author
Data Protection Expert, Tim Rhodes has helped hundreds of companies just like yours protect their most valuable asset online. Now, you can discover if you’re doing everything you can to prevent information loss with Tim’s Free Risk Assessment Quiz. Take the FREE QUIZ now at: http://www.webargos.com/quiz and see if your company is at risk!
