News Stay informed about the latest enterprise technology news and product updates.

Sarbanes-Oxley: Seven steps to CYA

Don't repeat the same Sarbanes-Oxley mistakes you made last year. Take this tip sheet to your next compliance meeting.

Companies are breathing a sigh of relief after a year of scrambling and spending for SOX compliance.

Next year, however, is not expected to be a piece of cake. Compliance spending is expected to go up this year and next as SMBs and foreign registrants enter the fray. Experts advise companies see SOX as a business process, not a series of tactical problems. Here are seven ways to survive year two of compliance.

  1. Foundation: SOX is a process, not a project. Build compliances requirements into the foundation of how you run your business.
  2. SOX Office: Establish a SOX office staffed by people involved in year 1 compliance and fresh recruits, including, if necessary, new hires with specific skills.
  3. Dashboards: Sustain SOX compliance by making it front and center for your company through the use of portals, dashboards and/or scorecards. Expect to spend between $50,000 to $250,000
  4. Automate: Automate rather than replace. Don't toss out what you did last year. Experts estimate that automation technology can save upwards of 25% of SOX costs.
  5. Embed: Embed testing of internal controls in business processes or use a LAN that sits outside business processes to verify controls.
  6. Testing: Test all transactions, not just samples on a continuous basis.
  7. Monitor: Monitor controls that were put in place late last year to meet the deadline and make sure they continue to mature.

Sources: AMR Research; Pricewaterhouse Cooper; ACL Services Ltd., Iron Mountain Inc.

Dig Deeper on Risk and compliance strategies and best practices

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.