Tuesday, November 30, 2004

SEC gives companies more time to file reports

Companies with a market capitalization of less than $700 million now have an additional 45 days to file reports about their "internal controls"-the testing and documenting of sales, assets and liabilities. The new deadline of the end of April 2005 applies to companies with fiscal years ending between Nov. 15, 2004 and Feb. 28, 2005.

The internal control reports are required by 2002's Sarbanes-Oxley Act, which was passed in the wake of the Enron and WorldCom accounting scandals and was intended to combat financial fraud. Companies are required to submit their internal control procedures to both internal and external auditors.

SEC gives companies more time to file reports

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley Act passes first court test

In the first court test of the Sarbanes-Oxley Act — which requires a public corporation's top executives to vouch for the company's financial reports — U.S. District Judge Karon Bowdre rebuffed Scrushy's argument that the law is unconstitutionally vague and should not be part of the indictment accusing him of massive fraud at HealthSouth.

Ruling in what she said was the first decision on the constitutionality of the 2002 law, Bowdre said jurors, and not the judge, should decide key questions of Scrushy's case.

Scrushy last year became the first CEO charged under Sarbanes-Oxley. Free on $10 million bond, he is accused of heading a scheme to overstate earnings by some $2.7 billion of the operator of rehabilitation hospitals and clinics.

His attorneys claimed the new law uses phrases like "willfully certifies" and "fairly represents" that make it all but impossible for corporate officers to tell if they are following the law. Prosecutors argued that similar language is used without problem in other laws.

In her 11-page opinion, Bowdre sided with the government and said it was up to a jury to decide if Scrushy met the letter of the law.

Sarbanes-Oxley Act passes first court test

Tell us what you think. (0) comments.
Send to a friend:   

SOX 404 Trends for Next Year Beginning to Emerge

As public companies strive to meet compliance deadlines for Section 404 of the Sarbanes-Oxley Act, trends related to how companies will implement an efficient and effective process beyond the initial year of compliance are beginning to emerge, according to the results of a new survey released by Ernst & Young.

The survey, the third in a series, is part of an ongoing study from Ernst & Young's Business Risk Services practice entitled "Emerging Trends in Internal Controls." The study takes an in-depth look at emerging trends in Section 404 compliance, and polls nearly 100 large, public companies
representing a diverse cross-section of industries. This survey provides an update on the progress large public companies are making in 404 compliance and addresses key issues such as the level of effort involved; the amount of testing being done; key areas of remediation; and the extent and frequency of executive and audit committee oversight and communications.

The survey shows a sharp increase in the urgency of public company first-year efforts to meet compliance deadlines, with 46 percent of companies expecting largely to complete evaluation and testing of 404-related controls only one to two months before their fiscal year end, compared to only 13 percent in the previous survey. In addition, 30 percent of companies reported the time they expect to spend complying with Section 404 has increased by nearly 50 percent, due in large part to the increased number of controls identified for testing.

Some companies are also using or exploring the potential to use control self assessment (80 percent), continuous controls monitoring and analytics (48 percent), and, to a lesser extent, management self testing to support their Year 2 efforts.

SOX 404 Trends for Next Year Beginning to Emerge

Tell us what you think. (0) comments.
Send to a friend:   

US to unveil concessions on accounting rules

Regulators will unveil on Tuesday new concessions for US companies struggling to compile reports on their safeguards against fraud and bad financial reporting.

The Securities & Exchange Commission, the chief US financial regulator, is set to give more than 2,000 public companies with market capitalisations of between $75m and $700m extra time to prepare reports on their internal controls.

The companies are expected to be allowed to file the reports with the SEC up to 45 days after they send their annual reports to the regulator.

They were originally supposed to file their reports on internal controls alongside the annual reports.

Internal controls are meant to ensure good financial reporting as well as detect fraud, and US lawmakers made the reports on such safeguards mandatory for public companies in section 404 of the 2002 Sarbanes-Oxley legislation.

But section 404 has become the most expensive and challenging provision of the legislation for companies.

US to unveil concessions on accounting rules

Tell us what you think. (0) comments.
Send to a friend:   

Monday, November 29, 2004

Sarbanes-Oxley: Stop Whining! - Computerworld

Publicly, most chief executives are begrudgingly positive about the Sarbanes-Oxley Act. In private, some of those same CEOs express grave reservations about its costs and complexity. If they are self-contradictory, it's because few want to risk being cast as spokespersons against good corporate governance.

Industry front groups have been more open in their criticism of Sarbanes-Oxley, citing it as a threat to U.S. competitiveness. The naysayers have warned that the high cost of compliance will squeeze profit margins, discouraging initial public offerings (IPO) and forcing smaller public companies to delist.

But more than two years after passage of the act, the sky hasn't fallen. On the IPO front, activity has actually increased since Sarbanes-Oxley went into effect. According to Thompson Financial, there have been 164 IPOs in 2004 through October, raising a total of $31.07 billion, compared with just 84 deals totaling $15.58 billion for all of 2003. If anything, Sarbanes-Oxley seems to have engendered investor and market confidence, not wariness.

Sarbanes-Oxley: Stop Whining! - Computerworld

Tell us what you think. (0) comments.
Send to a friend:   

Translating COSO for the CIO

Control Objectives for Information and Related Technology (CoBiT) is a set of IT-specific internal controls based on the integrated internal control framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). The Sarbanes-Oxley Act and its interpretation by the Public Company Accounting Oversight Board (PCAOB) direct publicly listed U.S. companies to use the COSO framework as a guide to the internal controls documentation requirements of Section 404.

"The typical CIO has no idea what the COSO cube is," notes Dwayne E. Jorgensen, director of Sarbanes-Oxley services with CTG, a Buffalo, N.Y.-based provider of IT staffing, software and services. But he also notes that "the typical CFO can't speak in the CIO's terminology in terms of how the CIO views the management and protection of IT assets."

Translating COSO for the CIO

Tell us what you think. (0) comments.
Send to a friend:   

Foolproof Compliance For Your IT Systems

In the context of Sarbanes-Oxley compliance, IT really does matter. Systems access, security and change management controls within IT's domain can make or break compliance efforts. Yet many CIOs and CFOs remain confused about how Section 404 applies to their company's information technology infrastructure.

In Auditing Standard No. 2, its lengthy interpretation of the Sarbanes-Oxley Act, the Public Company Accounting Oversight Board (PCAOB) indicated that it will be strict in monitoring external auditing firms' approach to examining and reporting on the technological aspects of their corporate clients' financial reporting processes. That decision, audit experts say, pushes external auditors, IT managers and finance executives to cultivate a deeper understanding of the data that courses through financial systems.

CFOs now confront much larger IT challenges than figuring out whether the CIO is overspending on technological bells and whistles. They need to know that the data which flows into IT's labyrinth of systems and applications emerges securely and accurately. Sound corporate governance increasingly depends on policies and procedures that demonstrate, document and communicate that knowledge.

Foolproof Compliance For Your IT Systems

Tell us what you think. (0) comments.
Send to a friend:   

Sterling Commerce Value-Added Network Attains Sarbanes-Oxley Readiness

Multi-Enterprise Collaboration innovator Sterling Commerce today announced that its value-added network, Sterling Information Broker, has passed the SAS 70 Type II (Statement of Auditing Standards Number 70) audit. The significance of the audit surrounds Section 404 of Sarbanes-Oxley Act of 2002, requiring service providers to have proper controls and processes in place when managing customer information.

The SAS 70 Type II assurance confirms that the Sterling Information Broker infrastructure has passed rigorous third-party testing and that it has strict processes in place relating to security, application development, communications, customer service and disaster planning.

"This is of great interest to our customer base, and quite an achievement for our company," said Nolan Rosen, Sterling Commerce chief marketing officer. "It means that we have gone above and beyond to meet strict regulations around the handling and reporting of business information."

"Auditors were onsite at our Columbus headquarters during much of September performing the audit of our operational controls," Rosen added. "It's gratifying to be able to say we had such outstanding results - and that our customer-driven efforts are paying off." During the past three years, Sterling Commerce added $30 million worth of enhancements to its value-added network.

Sterling Commerce Value-Added Network Attains Sarbanes-Oxley Readiness

Tell us what you think. (0) comments.
Send to a friend:   

Preventsys Ensures Sarbanes-Oxley 404 Compliance with Latest Update to Enterprise Security Management System

Preventsys Inc., a pioneer in information security and policy compliance systems specifically for large organizations, today announced that it has updated the Policy and Regulatory Compliance module of the Preventsys Enterprise Security Management System to include new and updated compliance rules related to Sarbanes-Oxley (SOX) -- including section 404 of the Act, which mandates that internal controls be proven to protect the confidentiality, integrity and availability of financial, management and reporting technology systems.

"The Section 404 deadline of November 15, 2004 has come and gone, and it's a safe bet that hundreds of top companies are still struggling to comply with Sarbanes-Oxley's strict guidelines," said Tom Rowley, chief executive officer of Preventsys. "With the new update to the Preventsys Enterprise Security Management System, we automate the compliance audit process across all IT systems, so there's no need to guess what the state of compliance is for your company. Also, we added up to the minute compliance reports that can be generated with the push of a button. The Preventsys system can pinpoint and identify Section 404 trouble spots immediately."

Rowley noted that Preventsys' December 3rd webinar is a "must-attend" event for any company CIO or corporate compliance officer concerned about ongoing SOX compliance: "We're going to use a refreshing amount of plain English to discuss how corporations can best handle the audit process and its aftermath," Rowley said.

The Preventsys Policy & Regulatory Compliance system is an automated compliance management software solution that enables complex organizations to effectively measure compliance against requirements deemed necessary for financially significant IT systems in accordance with the Sarbanes-Oxley law, and other policies and regulations. The Preventsys system enables repeatable and consistent auditing and reporting over time at both a macro level (global network, business units, financial systems, etc.) and at a micro level (per sub-network or per audit). Preventsys also enables large companies to have a complete record of computer and monitoring controls, and an effective, automated way to address non-compliance issues through its built-in workflow, issue assignment and tracking capabilities.

Preventsys Ensures Sarbanes-Oxley 404 Compliance with Latest Update to Enterprise Security Management System

Tell us what you think. (0) comments.
Send to a friend:   

No escape from the escalating cost of Sox

European companies with a listing in the US are up in arms over the cost of complying with the Sarbanes-Oxley Act. In common with many US businesses, they are especially exercised about the requirements of Section 404 on internal control.

Yet there is a curious aspect to this backlash. For as Lynn Turner, former chief accountant at the Securities and Exchange Commission, points out, Section 404 does not mandate a single new control beyond those already mandated by Congress in 1977 in the Foreign Corrupt Practices Act. Nor is there anything that goes beyond the Treadway Commission's recommendations in 1992 on internal control, which have long been regarded in the US as best practice.

Part of the problem is that the enforcement climate is tougher. Auditors, with the Public Company Accounting Oversight Board at their back and the demise of Andersen playing on their nerves, have also become hyperactive on the internal control issue.

No escape from the escalating cost of Sox

Tell us what you think. (0) comments.
Send to a friend:   

Disgruntled CFOs are calling it quits

The push for better ethics and transparent accounting in corporate America, including the drive to pass the Sarbanes-Oxley law in 2002, has had an unexpected side effect: More finance chiefs are calling it quits.

"Coping with the pressures of Sarbanes-Oxley even as they try to guide companies through a recession has put an enormous strain on CFOs and their staffs," said Julia Homer, editor in chief of CFO magazine.

It has also taken the fun out of the job.

"Sarbanes-Oxley has turned CFOs into scorekeepers rather than players, and they just can't be strategic anymore," said Eleanor Bloxham, co-president of the Corporate Governance Alliance, a consulting firm in Westerville, Ohio.

Disgruntled CFOs are calling it quits

Tell us what you think. (0) comments.
Send to a friend:   

Friday, November 26, 2004

Anglo-German action against Sarbanes-Oxley

British and German business groups are to launch a joint campaign to fight what they see as the “excessive costs and regulatory burden” imposed by the US Sarbanes-Oxley corporate governance legislation.

In a sign of the growing international corporate backlash against the Act, they will urge the US Securities and Exchange Commission to make changes, including making it easier to delist from US stock exchanges.

The CBI and the BDI, the German industry federation, will write a joint letter to the SEC outlining their members' rising concern over the legislation. This will be followed by meetings between leading officials from the business groups and the SEC early next month in the US. The two groups will also step up their lobbying of US authorities.

“UK and German business feels very strongly over this issue,” said Digby Jones, CBI director-general. He said Sarbanes-Oxley would lead to heavy regulatory and compliance costs. “Sarbanes-Oxley is endangering New York's role as an international location to raise capital,” he added. The joint campaign was agreed at a meeting of Unice, the pan-European business federation that claims to represent 16m companies, in The Hague.

Anglo-German action against Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley Act may find its way into Singapore rules: PwC

International accounting firm PricewaterhouseCoopers says authorities in Singapore may see it fit to adopt some of the best practices form the Sarbanes-Oxley Act, in line with efforts to become a world class financial hub.

The Sarbanes-Oxley Act was made law by the US in 2002 in the wake of accounting scandals, like Enron, that shook investor confidence in the corporate world. Under the act, filings to the US Securities and Exchange Commission will have to be accompanied by sworn statements from the company's chief executive and chief financial officer as to their fairness and accuracy.

Some say the rules are tough but industry players see that as a growing trend.

Gererd Tan, a partner at PricewaterhouseCoopers, said, "Certainly, I think we have our share of problems in Singapore in terms of misreporting. I think regulators around the world are trying to see what best practices come out of the US from the Sarbanes-Oxley Act."

Sarbanes-Oxley Act may find its way into Singapore rules: PwC

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, November 25, 2004

UK concern over impact of Sarbanes-Oxley

The business backlash over the impact of the US Sarbanes-Oxley corporate governance legislation will be raised at a meeting of European employer groups on Friday in the Hague. The Confederation of British Industry, the UK business group, said on Thursday it expected to hold talks with European counterparts over co-ordinating a push for changes in the legislation.

Digby Jones, director-general of the CBI, said the increased regulatory and compliance costs imposed by Sarbanes-Oxley had become a prime concern for companies with listings on US stock exchanges. He said large public companies were actively considering de-listing in the US as result.

“New York is regulating itself out as a international location for raising capital. That is how serious it is,” he said. “Our members are complaining this is going to lead to millions of extra compliance and regulatory costs that will be ongoing.”

UK concern over impact of Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, November 24, 2004

Hidden gold in corporate cleanup

Sarbanes-Oxley may strike dread in the hearts of some IT executives, but not Tracy Austin. Austin, the chief information officer with casino operator Mandalay Resort Group, said the financial reporting regulations act resulted in a 30 percent increase in her information technology budget this year and battle-tested her fairly young IT staff.

"I was able to beef up our test and development system budget, as well as our firewall and intrusion detection system budget," Austin said. "Sarbanes-Oxley opened up the awareness of our (chief) executives and prompted questions about...our business risks. So instead of talking about technology, we were talking about what are our business risks and the technology to address them."

Compliance technology has gone from the wish lists of bean-counters to the important to-do lists of key executives and board members. That's because the regulations laid down in the Sarbanes-Oxley Act and other laws hold executives' feet to the fire, making them responsible for signing off on the accuracy of their financial statements. Last week, a key section of Sarbanes-Oxley kicked in, turning up the heat.

Hidden gold in corporate cleanup

Tell us what you think. (0) comments.
Send to a friend:   

Governance compliance takes toll

The cost of corporate governance regulations being forced on companies here by the Higgs Report and in the US by Sarbanes-Oxley legislation is costing top British companies hundreds of million of pounds a year. A report into major international companies found that, in Britain, the Higgs rules on director best practice plus the accounting and auditing shake-up in the Smith Report are costing companies on average £1.6m.


If the companies also have securities listed in the US, the additional cost of the new financial reporting legislation there is put at $8.8m (£4.7m) each. Much of that will be going on advice from lawyers, accountants and executive consultancies.

Governance compliance takes toll

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, November 23, 2004

Firms Cram for a Passing Sarbanes Grade

Hundreds of public companies soon may get a failing grade on a key Sarbanes-Oxley-related report. As disturbing as that may sound, some observers are more worried about how investors will react to such news. Many observers consider the reports, which were intended to prevent the next Enron debacle, to be the key provision of the Sarbanes-Oxley Act. But some accounting experts and regulators are warning investors that just because a company turns in an imperfect report doesn't mean it's a corporate scandal in the making.

"It's important that investors have an understanding of what the material weakness is," said Erica Sulkowski, a spokeswoman for the Securities and Exchange Commission. "If the reaction to a material weakness is that everybody sells without regard to the substance of [them] , that could be problematic."

But some corporate watchdogs think companies have little excuse for the poor reports, which concern a company's so-called internal controls.

Firms Cram for a Passing Sarbanes Grade

Tell us what you think. (0) comments.
Send to a friend:   

Better Governance and Reporting Under Sarbanes-Oxley: Are we There Yet?

Since its enactment in 2002, the Sarbanes-Oxley Act has led to a deluge of studies, reports, and regulations. Public companies, auditors, regulators, attorneys, and U.S. federal, state and local, and foreign governments have all grappled with its implementation and implications. This article provides an update on where things now stand. It covers many of the recent developments, and identifies still unsettled areas. The article will discuss Sarbanes-Oxley generally, with special attention to the international scope of Sarbanes-Oxley and exceptions for foreign entities, and the tax area. The intent is to provide a general understanding of how Sarbanes-Oxley is shaping business operations, describe the provisions of greatest concern to public companies and their applicability to foreign persons, and give citations to additional guidance.

Better Governance and Reporting Under Sarbanes-Oxley: Are we There Yet?

Tell us what you think. (0) comments.
Send to a friend:   

Line56.com: Technology Rising for SOX

Technology spending is growing as a component of overall investment in Sarbanes-Oxley compliance, according to a study released by AMR Research this week.

SOX spending will grow to $5.8 billion in 2005, with the technology component rising from $1.13B in 2004 to $1.62B in 2005, a 43 percent increase. Overall, companies say that 42 percent of 2005 SOX spending will be for internal labor and headcount; 29 percent will be for outsourced services; and 28 percent will be for technology.

The top four "hot button" areas for technology spending are document and records management; all types of security, (internal and external); business process management; and compliance management software.

Line56.com: Technology Rising for SOX

Tell us what you think. (0) comments.
Send to a friend:   

Price of Regulatory Compliance Skyrockets, According to Board Directors Worldwide

Complying with the Sarbanes-Oxley Act and other corporate governance legislation has come at a significant cost — both monetary and otherwise — to companies worldwide, according to the 31st Annual Board of Directors Study, released today by Korn/Ferry International (NYSE:KFY), the premier provider of executive search and leadership development solutions.

The most comprehensive, longest-running survey of its kind in the world, the Board of Directors Study examines opinions and practices found in boardrooms of major corporations throughout the world. The findings are based on the responses of nearly 1,000 board members from 14 nations in the Americas, Asia Pacific, and Europe. This year, the survey population was expanded to include directors of South African companies.

Price of Regulatory Compliance Skyrockets, According to Board Directors Worldwide

Tell us what you think. (0) comments.
Send to a friend:   

BT chairman slams cost of Sarbox

The 'great burden' of Sarbanes-Oxley compliance will cost BT £10m, according to chairman Sir Christopher Bland. But Sir Christopher said there was no chance of BT delisting from the US stock market. 'We have American shareholders and US dollar-denominated bonds as well. So we've just got to grit our teeth and get on with it.'

Sir Christopher also said that he preferred the splitting of chairman and chief executive roles, which has formed part of the recent UK reforms of corporate governance.

BT chairman slams cost of Sarbox

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley: Compliance Issues Can Mean Business Benefit

As a key section of the Sarbanes-Oxley Act took effect last week, companies continue to race against the clock to meet the act's rigorous financial-documentation and reporting requirements before the end of their fiscal years. And not all companies will make it.

Under Sarbanes-Oxley's section 404, most public companies are required as of Nov. 15 to include with their 2004 annual reports a statement containing management's assessment of the effectiveness of the company's internal financial controls, as well as corroborating statements from outside auditors. Companies whose fiscal year ends Dec. 31 have until March to issue statements.

PricewaterhouseCoopers LLP, which has a large compliance practice, reported last week that 70% of its clients have experienced "significant slippage" in meeting section 404 requirements, and 10% are at severe risk of not being in compliance. As many as 20% of companies will report "material weaknesses" in their annual reports, the Securities and Exchange Commission's chief accountant said in a recent speech.

Sarbanes-Oxley: Compliance Issues Can Mean Business Benefit

Tell us what you think. (0) comments.
Send to a friend:   

Monday, November 22, 2004

U.S. Workers and Investors Largely Unaware of Sarbanes-Oxley Act

Eighty percent of U.S. workers and 76 percent of employed investors have never heard of the Sarbanes-Oxley Act of 2002, according to a Hudson survey measuring its impact in the workplace. As the first compliance deadline approaches in December, only nine percent of workers say they have been asked to do something differently in their jobs as a result of the Sarbanes-Oxley Act.

Among working investors, defined as owning at least $5,000 in stocks, bonds and mutual funds, only seven percent indicated that Sarbanes-Oxley had increased their confidence as an investor. Likewise among this group, only seven percent said it had increased their confidence in the leadership of public companies. The Sarbanes-Oxley Act was enacted to restore investor confidence in public company accounting and leadership by increasing transparency and requiring CEOs and CFOs to attest to the soundness of their companies' internal controls.

"Clearly, U.S. workers and individual investors are not well informed about the Act or its intended benefits," said Dee Lonn, executive vice president of Hudson Financial Solutions. "Despite massive investments of corporate resources, public relations is lagging and the workplace impact has not extended much beyond those directly responsible for achieving compliance." Companies are spending an average of $3 million in the first year to comply with the Sarbanes-Oxley Act, according to Financial Executives International.

U.S. Workers and Investors Largely Unaware of Sarbanes-Oxley Act

Tell us what you think. (0) comments.
Send to a friend:   

Whistleblower Law: A Guide to Legal Protection for Corporate Employees

In Whistleblower Law, D.C. lawyers Stephen Kohn, Michael Kohn, and David Colapinto examine the Sarbanes-Oxley Act (SOX), which in part spells out protections for employees who point out corporate misdeeds. One of the goals of this legislation, the authors claim, was to break "the corporate code of silence" that often cloaks corporate shenanigans.

SOX goes beyond simple protections for whistleblowers to incorporate the following four basic provisions: a prohibition against employment discrimination, criminal penalties for those who discriminate against whistleblowers, corporate responsibility to receive whistleblower complaints, and the responsibility of attorneys to report wrongdoing.

The target audience for this book, in addition to employees, includes corporate HR professionals and trainers, legal eagles, and managers.

Whistleblower Law: A Guide to Legal Protection for Corporate Employees

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley -- compliance or excellence?

Large publicly traded companies had until November 15, 2004 to comply with the new Sarbanes-Oxley (Sarbox) rules. Among other things, these regulations require that corporate executives have meaningful internal controls over financial reporting and that they personally swear to the accuracy of their company's financial statements. For auditing purposes, companies must have a verifiable link between the original data and the quarterly or year-end numbers reported to government agencies, most especially to the Securities & Exchange Commission.

Companies have had two years to work on this issue; Sarbox was put into place in 2002 and the deadline for the most intensive regulations was extended from June until this week. And although much good and hard work has taken place, I'm wondering how many of these public firms can look their largest institutional shareholders square in the eye and swear that they have the firmest of financial controls and absolutely *all* the verifiable information that a tight ship requires. I'd suggest that, while we're certainly in a lot better shape on the financial-accountability score than we were before the Sarbox rules, there's a whole lot more that could be done. It's the difference between simply meeting the basic requirements (and in the absence of any proof to the contrary I'm assuming that all good corporate citizens have done their duty here) and doing everything that can be done with today's technology.

Consider this. Despite how intertwined Sarbox compliance must be with the IT group - and the reasons why should be obvious to any technologist reading this - the IT unit was not even involved in Sarbox planning at many organizations. A study earlier this year by Atlanta-based benchmarking firm Hackett Group found that just 12 of 22 companies surveyed had IT representation on their Sarbox steering committees. And when Gartner Group surveyed 75 public companies last fall, only 63 percent said IT was involved in Sarbox.

Sarbanes-Oxley -- compliance or excellence?

Tell us what you think. (0) comments.
Send to a friend:   

Ingersoll-Rand Selects OpenPages SOX Express for Sarbanes-Oxley Compliance

OpenPages, a leading provider of enterprise governance, risk and compliance management (GRCM) solutions, today announced that Ingersoll-Rand Company Limited has selected OpenPages Sarbanes-Oxley Express (SOX Express) for its Section 302 and 404 compliance initiatives.

Ingersoll-Rand is a leading innovation and solutions provider for the major global markets of Security and Safety, Climate Control, Industrial Solutions and Infrastructure. The company's diverse product portfolio encompasses such leading industrial and commercial brands as Schlage locks and security solutions; Thermo King transport temperature control equipment; Hussmann commercial and retail refrigeration equipment; Bobcat compact equipment; Club Car golf cars and utility vehicles; and Ingersoll-Rand industrial and construction equipment. In addition, IR offers products and services under many more premium brands for customers in industrial and commercial markets.

Ingersoll-Rand will deploy SOX Express to streamline its internal control documentation process across all of its locations. It will enable the collection of information regarding ongoing business controls deployment and monitoring, resulting in a reduction of compliance costs. By combining a strong document repository with powerful compliance automation capabilities, SOX Express will facilitate both project management and compliance, using web-based tools to get users up to speed quickly.

"Leveraging our internal controls documentation to date was a critical factor in selecting a software application for Sarbanes-Oxley," said Tim Scofield, vice president and director, Audit Services, for Ingersoll-Rand. "By offering an easy migration from Internal Controls Workbench to SOX Express, OpenPages keeps our initiatives on track while significantly upgrading our capabilities for ensuring highly efficient, cost-effective, quarter-over-quarter compliance."

Ingersoll-Rand Selects OpenPages SOX Express for Sarbanes-Oxley Compliance

Tell us what you think. (0) comments.
Send to a friend:   

Saturday, November 20, 2004

Restoration Hardware shares drop on loss, outlook

Shares of Restoration Hardware plunged Friday after the home furnishings chain posted a wider-than-expected quarterly loss and issued a disappointing outlook. Costs to comply with the Sarbanes-Oxley Act and continued distribution and supply-chain inefficiencies also hurt earnings, the company said

Restoration Hardware stock closed at $5.35, down 96 cents, or 15 percent, Friday on the Nasdaq Stock Market.

Restoration Hardware shares drop on loss, outlook

Tell us what you think. (0) comments.
Send to a friend:   

Web Hosting News: NaviSite Completes SAS 70 Type II Audit

NaviSite, Inc. (www.navisite.com) announced today that it has successfully completed a SAS 70 (Statement on Auditing Standards No. 70) Type II Audit. The SAS 70 Audit was performed by a nationally recognized public accounting firm.

Successful completion of SAS 70 Type II audit indicates that NaviSite's processes, procedures and general controls have been formally reviewed.

"With the increased emphasis on integrity and security in today's business environment, and a concern for regulatory standards, such as Sarbanes-Oxley, we believe that the successful completion of the SAS 70 Type II Audit will help to assure our customers that they can trust their systems, data and processes to NaviSite," said Arthur Becker, Chief Executive Officer of NaviSite.

Web Hosting News: NaviSite Completes SAS 70 Type II Audit

Tell us what you think. (1) comments.
Send to a friend:   

Friday, November 19, 2004

OSHA Orders Controller to be Rehired

A former finance executive of an industrial-products company has regained his job and will receive back wages under the whistle-blowing provision of the Sarbanes-Oxley Act.

The Department of Labor's Occupational Safety and Health Administration (OSHA) has ordered the American Standard Cos. and subsidiary Trane Corp. to reinstate former Trane controller David Windhauser, to pay him $105,489.55 in back pay and compensatory remedies, and to remove any disciplinary letters from his personnel file. OSHA determined that Windhauser had been fired in violation of Sarbox after he raised questions about company accounting practices to his supervisors.

"This is precisely the type of whistle-blowing activity that is protected under the law," said Patricia K. Clark, OSHA's regional administrator in New York, in a statement. "We are determined to enforce the law so that employees who expose corporate wrongdoing know they will be protected."

OSHA Orders Controller to be Rehired

Tell us what you think. (1) comments.
Send to a friend:   

Study finds over 60% of CFO�s of SEC registered companies resign or are pushed when a Material Weakness is Disclosed

A.R.C. Morgan has produced its latest Sarbanes-Oxley research report 'Using Reported Weakness Disclosures to Benchmark Internal Controls'.A comprehensive study that provides full disclosed weakness data reported by over 350 SEC registered companies.

The results and conclusions of this study provide significant insight to all those involved with, or interested in understanding, an audit of Internal Control over Financial Reporting. The work effort required to document processes, identify significant risks and mitigating controls, evaluate control design and effectiveness, and report on such effectiveness of internal controls over financial reporting (on an annual basis) has already been extremely time-consuming and, by extension, costly. Yet despite the investments made weaknesses are still being declared and the expectation is that many more companies will be in a similar position. The research was designed to gauge what weaknesses are being disclosed, remediation action taken, impact on the organization and help give other filers a benchmark tool to asses their own environments and what to look out for. The rigorous research that forms the basis of this report has unearthed some unexpected results.

Study finds over 60% of CFO�s of SEC registered companies resign or are pushed when a Material Weakness is Disclosed

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, November 18, 2004

404 Compliance, Exec Compensation Top Governance Issues Among Directors

Executive compensation and internal audit compliance issues rank as the top concerns of corporate directors, according to a survey by the Columbia Business School Executive Education Division.

Nearly 40 percent of directors polled identified compensation, while one-third cited compliance with Section 404 of Sarbanes-Oxley as today's key issues in corporate governance, during a poll at the recent Columbia Executive Education course, "Accounting Essentials for Corporate Directors: Enhancing Financial Integrity."

"Director concern over executive compensation and Sarbanes-Oxley compliance is unabated. When we surveyed corporate directors six months ago, they cited the same concerns," noted Ethan Hanabury, associate dean of executive education at Columbia Business School.

404 Compliance, Exec Compensation Top Governance Issues Among Directors

Tell us what you think. (0) comments.
Send to a friend:   

White Paper: Sarbanes-Oxley and the Branch Office

For the more than 15,000 publicly-traded corporations doing business in the United States, the Sarbanes-Oxley Act of 2002 (also known as "SOX") is a major piece of legislation that is a having profound impact on the way financial information is collected, processed, stored and reported. These companies must develop, test, document and consistently execute processes that lead to full, accurate and timely disclosure of any events that materially impact the financial standing of the corporation.

SOX lays out the potential for severe penalties, including prison, for corporate executives that fail to meet the new compliance standards created in the Act. Most CEOs and CFOs are taking these new mandates very seriously, and are putting programs and processes in place to help them meet this challenge. However, many of these corporations have not yet addressed the management of financial information that resides in their remote or branch offices.

This is a tough problem - often with hundreds or even thousands of locations, each with their own levels of data protection technology and personnel skills - but it's one that needs to be addressed to fully meet SOX compliance.

Signiant has developed a white paper "Sarbanes-Oxley and the Branch Office", providing an insight into the management of remote data with regards to SOX compliance, and will help the reader to gain a better understanding of its purposes, requirements, and consequences.

White Paper: Sarbanes-Oxley and the Branch Office

Tell us what you think. (0) comments.
Send to a friend:   

Sarbox to cost UK corporates £120m

LSE predicts regulatory burden will prompt a dash to de-list from US markets to avoid burden of compliance. UK plc faces an estimated $226m (£122m) bill for implementing stringent rules on internal controls under section 404 of the US Sarbanes-Oxley Act.

The news came as the London Stock Exchange revealed it was anticipating a surge in de-listings by companies fleeing the increasing burden of regulatory compliance on US markets.

One of the heaviest blows came in the form of section 404, which will force UK companies with a dual US listing to document and annually test key controls. The requirements, to be phased in from July next year, will also require management to prepare audited statements that controls are working effectively.

According to research done in the US, the cost of compliance is likely to be around $2m (£1.08m), but UK companies have so far been reluctant to talk figures.

Sarbox to cost UK corporates £120m

Tell us what you think. (0) comments.
Send to a friend:   

SAS Goodnight To Discuss Sarbanes-Oxley in CFO Keynote

Jim Goodnight, chief executive officer of SAS, will deliver the keynote address at the MIT Sloan chief financial officer Summit on Friday. The conference will include some 400 executives in Newton, MA.

"With new government regulations such as the Sarbanes-Oxley Act, Basel II and International Financial Reporting Standards, CFOs have both increased organizational power and added responsibility," Goodnight said in a statement. "With this new focus on finance, organizations need to have unwavering confidence in the financial data they create and in the analysis of this data for making timely and accurate business decisions. This shift places increased importance on the finance department in overall enterprise strategy, thus necessitating a stronger bond between CEO and CFO."

SAS will also be touting its new SAS Financial Intelligence product that it says offers “a new level of precision across business processes including consolidations, reporting, budgeting, planning, strategy, forecasting, risk and the audit process.”

SAS Goodnight To Discuss Sarbanes-Oxley in CFO Keynote

Tell us what you think. (0) comments.
Send to a friend:   

SEC Delays Annual Report Filing Deadline

The U.S. Securities and Exchange Commission said on Wednesday it was postponing by one year a deadline for large corporations to speed up filing of annual and quarterly financial reports with the SEC.
After numerous requests for a delay, the SEC said it pushed back the deadline to give companies and corporate auditors more time to comply with new rules on internal controls over financial reporting mandated by Congress.

The SEC had moved to speed up corporate reports before Congress ordered companies to beef up their internal controls over financial reporting with the approval of their auditors.

The internal controls rule prompted many companies to complain they could not comply with that as well as meet the accelerated filing deadlines.

In a bid to get financial information into investors' hands more quickly, the SEC in 2002 shortened the submission period for corporate annual report filings to 75 days from 90 days after the end of the fiscal year, effective for 2003 reports.

This year, the submission period was scheduled to shrink to 60 days from 75 days, effective for 2004 annual reports; and to 35 days from 40 days for 2004 quarterly reports, the SEC said.

SEC Delays Annual Report Filing Deadline

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, November 17, 2004

Wharton study: Does Sarbanes-Oxley Hurt Shareholders and Hide Poor Management?

In April 2004, minutes after posting healthy increases in sales and earnings, the publicly traded Niagara Corp. announced it was "going dark," delisting its common stock. The company, a steel manufacturer with sales last year of nearly $300 million, was hardly alone: During 2003 for example, 198 firms went dark, up from only 67 in the previous year. While most companies say they are deregistering from major exchanges to escape the steep costs associated with regulatory filings, some investors and others see darker reasons, rooted in serving insiders' self interest. A new study co-authored by Wharton accounting professor Christian Leuz entitled, Why Do Firms Go Dark? Causes and Economic Consequences of Voluntary SEC Deregistrations, analyzes this recent trend.

In 2002, responding to a spate of accounting scandals that threatened to undermine confidence in the American securities market, Congress enacted the Sarbanes-Oxley Act of 2002 (SOX). Designed to promote transparency, the Act mandated increased disclosure, required new board oversight and internal controls, and promised to give investors better information. But in the year following its passage, the number of firms that went dark and ceased to issue detailed financial reports tripled, meaning more investors were receiving no information at all.

When a company goes dark it can no longer be listed on a big exchange like the NYSE but can continue to trade on the Pink Sheets, an electronic quotation medium for over-the-counter stocks. Stocks that list here do not have to meet minimum requirements or file with the Securities and Exchange Commission (SEC).

Why did they go dark? Cost was certainly a factor in some of the decisions, says Leuz. "Some smaller companies estimated that the cost of complying with SOX was as high as $500,000 per firm, while the cost for bigger companies could be in the millions," notes Leuz, who co-authored the study with Alexander Triantis and Tracy Wang from the University of Maryland's Robert H. Smith School of Business. Among the estimated increased costs are those related to "higher audit and legal fees, new internal control systems that need to be implemented, higher director and officer insurance premiums, and a host of other expenses associated with compliance."

Wharton study: Does Sarbanes-Oxley Hurt Shareholders and Hide Poor Management?

Tell us what you think. (0) comments.
Send to a friend:   

Microsoft Sarbanes-Oxley Accelerator Won't Meet Needs Alone

Microsoft's Office Solution Accelerator for Sarbanes-Oxley was well-received when it was first introduced. Now, however, the company's commitment to the product is in question, as is its ability to meet its customers' business needs.

Microsoft Sarbanes-Oxley Accelerator Won't Meet Needs Alone

Tell us what you think. (0) comments.
Send to a friend:   

National Survey Finds Awareness of Sarbanes-Oxley Among Not-for-Profits Surges

Awareness of the Sarbanes-Oxley Act of 2002 had surged in the not-for-profit industry over the past year. According to the second annual Grant Thornton Board Governance Survey for Not-for-Profit Organizations, 83 percent of survey respondents say they are "very" or "somewhat" familiar with the act, compared to 56 percent in the 2003.

The survey, which includes responses from more than 700 not-for-profit entities, also found that these organizations are not only aware of the act, but many are also taking action because of it. Almost half (48 percent) of survey respondents have made changes to their corporate governance policies as a result of Sarbanes-Oxley.

"This increased awareness and action is, no doubt, the result of board members, governmental entities and other constituencies requiring enhancements in governance, operational and fiscal matters." says Frank Kurre, managing partner of Grant Thornton's National not-for-profit practice.

National Survey Finds Awareness of Sarbanes-Oxley Among Not-for-Profits Surges

Tell us what you think. (0) comments.
Send to a friend:   

Cost of Sarbanes-Oxley

The Sarbanes-Oxley Act (SOX) is perhaps familiar to readers mostly for its detrimental effect on the clarity of MR industry league tables. However, the cost to others is rather greater: US companies will spend an estimated $5.8 billion on meeting its requirements in 2005, according to AMR Research.

The initial deadline for public companies to comply with Section 404 of the Act was yesterday, November 15. Section 404 demands that companies document, control, and secure business processes that directly and materially contribute to reported financial results.

According to Vice President of Research John Hagerty, it was initially thought that Sarbanes-Oxley spending would be a one-time expenditure, but in fact 36% of companies plan to increase spending, 52% will maintain current levels and 12% will decrease SOX spending.

Cost of Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

The Sarbanes Raiders

With the implosion of Enron and WorldCom, it seems strange that -- in light of the new stringent regulations such as Sarbanes-Oxley -- there has not been much hostile activity lately. Well, this may change.

Take yesterday's deal, in which General Electric (NYSE: GE) purchased the Edwards Systems unit of SPX (NYSE: SPW) for $1.4 billion. SPX is the perfect target for a hostile bid. It is a conglomerate of slow-growing industrial properties. It recently had issues with its accounting. And, most importantly, it has assets that are undervalued -- such as the Edwards Systems unit.

A firm called Relational Investors LLC purchased a significant stake in SPX (about 5.7%) and recently launched a proxy fight to throw out management. The firm alleges in an SEC statement that management improperly altered its compensation structure.

The Sarbanes Raiders

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, November 16, 2004

Mycom Announces New Electronic Mail Archiving Service

The new mailMAX Archiving option will add an important long term document retention dimension enabling companies and organizations to better comply with regulatory requirements such as HIPAA, Sarbanes-Oxley and SEC Rule 17a-4, NASD Rule 3010.

Mycom Announces New Electronic Mail Archiving Service

Tell us what you think. (0) comments.
Send to a friend:   

NaviSite Successfully Completes SAS 70 Type II Audit: Hosting service supports Sarbanes-Oxley Reporting Requirements

NaviSite, Inc. (NASDAQ SC: NAVI), a leading provider of managed application services and a broad range of outsourced hosting services for middle-market organizations, announced today that it has successfully completed a SAS 70 (Statement on Auditing Standards No. 70) Type II Audit. The SAS 70 Audit was performed by a nationally recognized public accounting firm.

Successful completion of SAS 70 Type II audit indicates that NaviSite's processes, procedures and general controls have been formally reviewed. The systems and processes evaluated in this audit include security monitoring, change management, problem management, backup and environmental controls, logical and physical access.

NaviSite was able to satisfy the requirement of the SAS 70 Type II audit, which places the highest level of scrutiny under SAS No. 70 on the company's operational controls and procedures. SAS No. 70, Service Organizations, is an internationally recognized auditing standard developed by the American Institute of Certified Public Accountants (AICPA). A SAS 70 Type II Audit is an in-depth analysis of a service organization's control over information technology and related processes and is often required by public companies for compliance requirements or other companies that want assurance that processes, procedures, and general controls meet the industry's highest standards and best practices. NaviSite is committed to maintaining a semi-annual audit program to provide our customers with current audit results, thus accommodating the varying fiscal year ends of our customers.

NaviSite Successfully Completes SAS 70 Type II Audit: Hosting service supports Sarbanes-Oxley Reporting Requirements

Tell us what you think. (0) comments.
Send to a friend:   

Audit the Data - Or Else

In this 9-page, informative white paper, Baroudi-Bloor International, a research, analysis, and strategic advisory company serving high technology vendors and users, discusses the hazards that surround data, shows the role of audit in mitigating those risks, and describes best practices in auditing data. The necessary role of data auditing as it relates to meeting compliance regulations, including The Sarbanes-Oxley Act, the California Senate Bill 1386, HIPAA, and The Gramm-Leach-Bliley Act is explained.

Audit the Data - Or Else

Tell us what you think. (0) comments.
Send to a friend:   

Accounting problem at SunTrust could delay Sarbanes-Oxley filing

An internal financial audit at SunTrust Banks Inc. has confirmed an accounting problem with its loan loss reserves that could prevent the bank from completing its Sarbanes-Oxley Act reporting requirements by a Dec. 31 deadline.
In an announcement last Wednesday, Atlanta-based SunTrust said that its internal audit found "numerous errors in the loan loss allowance calculations for the first and second quarters, including data, model and formulaic errors," that were not immediately investigated and corrected. Also found were problems with the implementation of a new accounting allowance framework in the first quarter, which resulted in inadequate internal control procedures, insufficient validation and testing, and a failure to detect errors in the allowance calculation.

The bank has since had to restate its first- and second-quarter 2004 financial results because of the problems, according to SunTrust. Three employees in the bank's credit administration division, including its chief credit officer, were fired in connection with the problems, which weren't properly investigated and pursued by the Allowance Committee, according to the bank.

Accounting problem at SunTrust could delay Sarbanes-Oxley filing

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley Is Now a Fact of Business Life

Like it or not, the Sarbanes-Oxley Act (SOX) is not going away. In fact, companies are stepping up their response and have been spending significantly this year on compliance. SOX legislation was enacted to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise, and is used to define corporate records (electronic and otherwise) to be stored and for how long. Based on detailed survey results with more than 70 companies conducted in the fourth quarter of 2003 and subsequent 2004 research, we estimated this year's SOX spending would be $5.5 billion, with more than half—nearly $3 billion—in hard expenditures impacting bottom-line performances.

Many companies entered the SOX maelstrom thinking the bulk of money they spent to comply would be a one-time expense. Unfortunately, that does not appear to be the case. Based on a later survey in May, spending has continued to escalate.

Sarbanes-Oxley Is Now a Fact of Business Life

Tell us what you think. (0) comments.
Send to a friend:   

New piece of Sarbanes-Oxley kicks in

A section of the Sarbanes-Oxley Act took effect Monday, part of new accounting regulations that promise to be a multimillion-dollar bonanza for tech security companies.

Under Section 404 of the law, publicly traded companies must have policies and controls in place to secure, document and process material information dealing with their financial results. Vendors helping companies with compliance are expect to reap $5.8 billion next year, with 28 percent going to technology companies, according to an AMR Research survey released Friday.

"Technology will play an increasingly significant role in the integration of SOX (Sarbanes-Oxley) compliance initiatives into the business process," John Hagerty, vice president of research at AMR, said in a statement.

This year, companies and organizations are expected to spend $1.13 billion on technology to comply with Sarbanes-Oxley. That is expected to increase to $1.62 billion next year, according to the study.

New piece of Sarbanes-Oxley kicks in

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley legislation passes latest deadline for compliance

Many businesses have less than 75 days to ensure their IT systems are compliant with US Sarbanes-Oxley legislation.

Any public company with more than $75m in market capitalisation that closes its 2004 fiscal year on or after 15 November must meet the needs of Section 404 of the 2002 US accounting regulation within 75 days of their year-end date.

Some 300 companies have already warned the US Securities and Exchange Commission (SEC) that they face non-compliance with the deadline for Section 404 due to weaknesses in their internal controls.

Section 404 mandates a company's auditor to identify 'any material internal control weakness' or 'significant deficiency', in verifying that management has sufficient operational command to produce reliable and compliant financial reports.

'Now we have all these other obligations including internal reporting, which is causing companies all this grief, because internal control reporting for US companies starts now,' said Rick Mitchell, partner at law firm, McDermott, Will & Emery.

Sarbanes-Oxley legislation passes latest deadline for compliance

Tell us what you think. (0) comments.
Send to a friend:   

SOX and User Provisioning

Many companies are struggling with their initial compliance to the Sarbanes-Oxley Act. This Act has forced all public companies to analyze and document their process of creating and managing corporate financial information. For some companies, SOX has caused them to adopt entirely new internal business processes.

Section 404 of Sarbanes-Oxley relates to identifying users and controlling their access to sensitive information and applications. Despite its importance, this section actually does not prescribe any particular technologies or procedures that must be adopted. Many companies have begun to look to the Control Objectives for Information and Related Technology (COBIT) framework published by the IT Governance Institute to provide the details to support the required IT controls assessment and design activities to meet Sarbanes-Oxley.

SOX and User Provisioning

Tell us what you think. (0) comments.
Send to a friend:   

Monday, November 15, 2004

Sarbanes-Oxley Compliance: SunTrust Banks May Not Make Sarbanes-Oxley Deadline

Problems with how SunTrust Banks Inc. calculates loan-loss reserves will likely prevent the company from meeting Sarbanes-Oxley Act reporting requirements this year. Last week three SunTrust employees were fired in connection with accounting irregularities--deficiencies in the bank's method of determining loan-loss reserves--uncovered by an internal investigation. The bank restated its earnings upward for the first half of the year because of the discovered irregularities.

The investigation revealed "inadequate control procedures, insufficient documentation, and a failure to detect errors in our loan-loss calculations," SunTrust chairman and CEO Phillip Humann said in a conference call last week.

The three terminated employees, including the bank's chief credit officer, belonged to its credit-administration division. In addition, the bank's controller was reassigned to a position not related to financial reporting.

Sarbanes-Oxley Compliance: SunTrust Banks May Not Make Sarbanes-Oxley Deadline

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes Oxley internal control rule hits today

Firms with fiscal years ending after Nov. 15, including financial giants like Morgan Stanley (MWD), Goldman Sachs (GS), Bear Stearns (BSC) and Lehman Brothers (LEH) are now required to prove in their annual reports that they've tested and documented their sales, assets and liabilities in a way that complies with the sweeping Sarbanes-Oxley law of 2002.

The post-Nov. 15 deadline applies in particular to companies with a market capitalization of more than $75 million. Passed in the wake of the Enron and WorldCom scandals, the Sarbanes-Oxley Act was broadly aimed at combating financial fraud and protecting investors.

But the results of the first-time reports could throw investors some curve balls.

"The big unknown here is really what those statements are going to say," said David Richards, president of the Institute of Internal Auditors. Another uncertainty, he adds, is "how the marketplace is going to react to the statements made by management and the external auditors." Outside audit firms must sign off on a company's own assessment of its internal controls.

Sarbanes Oxley internal control rule hits today

Tell us what you think. (0) comments.
Send to a friend:   

Rules trigger IT overhaul

Firms need a unified strategy to comply with new corporate governance rules including the US Sarbanes-Oxley (SOX) Act, a key part of which comes into effect today, if they want to ensure efficiency and keep down costs, say experts.

SOX will be followed next year by the Operating and Financial Review (OFR), which obliges listed UK firms to produce an analysis of risks in their annual reports. And the UK's Freedom of Information Act will come into effect in January, forcing local authorities and government departments to carry out data searches in a speedy way.

Firms will have to allocate resources to comply with the new rules, so IT directors should use this as an opportunity to develop best practices and build a framework that can meet a wide range of reporting needs, said Shaun Fothergill, security strategist for software giant Computer Associates.

Rules trigger IT overhaul

Tell us what you think. (0) comments.
Send to a friend:   

TNS Announces Turnkey Sarbanes-Oxley 409 Solution for Companies

Regulators enforcing the Sarbanes-Oxley Act have focused their energies on Section 404, a provision that requires businesses to document their financial- reporting controls and procedures. But most IT managers have yet to tackle a potentially more onerous requirement: Section 409.

TNS, a South Florida company, has released its new product line of Sarbanes-Oxley 409 turnkey solutions - the TNS OBServer. It features real-time monitoring and reporting as well as real-time intrusion detection and notification - all in a single device that scales from 10 to 5000 nodes quickly and cost-effectively.

TNS Announces Turnkey Sarbanes-Oxley 409 Solution for Companies

Tell us what you think. (0) comments.
Send to a friend:   

SEC urged to enforce Sarbanes Oxley whistle-blower law

Two senators who wrote a tough but little-understood law to protect corporate whistle-blowers are pressing the Securities and Exchange Commission for aggressive enforcement, just as a case emerges that could determine how companies are policed.

Spurred by scandals at Enron, WorldCom, and other large corporations, Congress passed the Sarbanes-Oxley Act in 2002. It requires chief executives to swear their companies' books are accurate. It also gives corporate whistle-blowers more protection than any previous federal law has extended to insiders who report wrongdoing.

Senators Charles Grassley, an Iowa Republican, and Patrick Leahy, Democrat of Vermont, who wrote the whistle-blower section, said they wanted to change a corporate culture that ''valued profit over honesty."

SEC urged to enforce Sarbanes Oxley whistle-blower law

Tell us what you think. (0) comments.
Send to a friend:   

Sunday, November 14, 2004

Sarbox 404 Goes into Effect Tomorrow

Although many companies are reportedly not ready for it, the era of internal-controls compliance begins in earnest tomorrow. That's when Section 404 of the Sarbanes-Oxley Act goes into effect for all companies whose fiscal year ends after today.

There will be nothing to file on Tuesday. But by early next year, the vast majority of companies that report on a calendar-year will have to assess the effectiveness of their internal controls over financial reporting and state in their annual reports whether the controls are operating effectively. The companies' outside auditors also must evaluate the in-house assessment and render an independent report on it.

Even though the Securities and Exchange Commission delayed the provision's implementation date twice, a large number of companies are apparently not ready for prime-time compliance with 404. Last week, PricewaterhouseCoopers chairman Dennis Nally told a packed house of largely board audit committee members in New York City that the vast majority of public companies are nowhere near ready to meet the new law's deadlines, according to BusinessWeek. "There's a lot of risk out there," Nally reportedly said.

Sarbox 404 Goes into Effect Tomorrow

Tell us what you think. (0) comments.
Send to a friend:   

Users brace for SOX deadline

As Monday approaches and with it the deadline for compliance with the Sarbanes-Oxley Act (SOX) of 2002, IT departments are crossing the finish line with lighter wallets, still unsure whether they've got it right or how the first round of audits will turn out.

Beginning next week, companies that have publicly owned shares of more than $75 million and that have fiscal years ending on or after Nov. 15 must comply with internal control reporting and disclosure requirements of Section 404 of SOX. Companies with less than $75 million in public shares have until July 15 to comply.

To support Section 404, companies must ensure that they have the proper documentation, retention and retrieval processes in place for the financial records of their company. They must also ensure that they have a solid audit trail to account for all decisions.

Keeping up with all this has been an expensive endeavor, with companies shelling out millions of dollars for auditing fees, extra man hours and for new software and hardware that help archive and retain records.

Users brace for SOX deadline

Tell us what you think. (0) comments.
Send to a friend:   

US starts to count cost of corporate clean up

As Sarbanes-Oxley nears full implementation the implications are clearer. As corporate America completes the final stage of a three-year marathon to reform its governance standards, attention will inevitably turn to the question of whether it has all been worth it.

This Monday marks the trigger point for the last, and most expensive, part of the Sarbanes-Oxley legislation that lies at the centre of this response to scandals at Enron and WorldCom. It also comes amid an unprecedented backlash in the business community, as many executives warn that other measures being pursued by the Securities and Exchange Commissions, the Financial

The question of whether proposed restrictions on their freedom outweigh the desired improvements in company behaviour may ultimately prove impossible to measure. But the concluding chapter of Sarbanes-Oxley is now allowing some assessment of its costs, and the long-feared section on updating and documenting internal management controls may not be quite as bad as some initially feared. The dreaded Section 404 is actually quite short.

US starts to count cost of corporate clean up

Tell us what you think. (0) comments.
Send to a friend:   

Firms struggle with Sarbanes-Oxley

The clock starts ticking on Nov. 15. Companies have only 75 days following any financial year-end after that date to comply with the key Section 404 of the Sarbanes-Oxley reforms -- and accountants say many may soon be admitting they can't. There will also likely be disclosures from companies who discovered problems while probing their bookkeeping methods.

The key for investors will be to decipher which are systemic problems signaling a high risk of a corporate blow-up and which are minor technical issues making little impact on companies' business. If companies aren't transparent about the reasons for delays in complying, it could heighten concern.

PricewaterhouseCoopers Chairman and Senior Partner Dennis Nally said on Thursday about 10 percent of companies, based on information from 700 of the accounting firm's partners, are at "severe risk" of not finishing assessments in time for it to render an opinion on the controls.

The law requires a company's auditor to verify that management has adequate controls to ensure reliable financial reports and comply with a series of related rules.

Firms struggle with Sarbanes-Oxley

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes Oxley Audit Compliance Deadline Proves Costly to Companies

Some of the nation's biggest companies face a deadline today for completing reviews of their internal financial controls required by the Sarbanes-Oxley Act, a labor-intensive, costly effort that has created intense friction between corporate managers and auditors.

Top regulatory officials repeatedly have warned that a significant minority of companies, from a few hundred to a thousand, may report serious weaknesses in their fiscal checks and balances, which could have repercussions in the price of stock shares.
Controls are the backbone of a company's finance system. They include such things as whether multiple officials are required to sign off on company checks and whether employee expense reports are scrutinized by managers.

Corporate scandals of the past several years prompted Congress to require the reviews in hopes of preventing future fraud.

Major companies with fiscal years ending today are supposed to have completed their reviews, imposed under the 2002 Sarbanes-Oxley Act, by now -- the first in a series of deadlines. Other large firms will face deadlines as their fiscal years come to an end, rolling through the next 12 months. Smaller and foreign companies are required to finish documenting controls by July 15.

Sarbanes Oxley Audit Compliance Deadline Proves Costly to Companies (Free registration required)

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley: Burden of compliance

For 18 months, Office Depot executives have delved into the minutiae of the retailer's financial controls, scrutinizing how it accounts for the goods it buys and testing to see, for example, that daily sales match daily deposits. The effort has engulfed a team of roughly 50 people, most of whom are outside accountants, and consumed 45,000 hours.

Like other public companies nationwide, the Delray Beach office supply retailer is doing this to comply with the Nov. 15 deadline for the last major provision of the Sarbanes-Oxley corporate governance law, which was enacted after a wave of accounting scandals that included Enron and WorldCom.

Sarbanes-Oxley's last major provision, known as section 404, requires public companies to document their internal controls, test them, and have both processes audited by an outside accounting firm. Auditors will be required to issue an opinion on the soundness of the controls in a statement that will accompany a firm's annual report, which is filed with federal regulators.

But South Florida executives say that complying with section 404 -- and Sarbanes-Oxley in general -- is consuming countless hours, costing millions of dollars and leading to accounting firms doing essentially the same work twice. They also say the time and money spent to satisfy corporate governance rules could be better used to improve customer service and sales.

Sarbanes-Oxley: Burden of compliance

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley: The Struggle to Catch Up

Auditors and finance executives are in the midst of coping with the biggest rule change in their professional careers, and a deadline is approaching. In hopes of some insight into the challenges of the Sarbanes-Oxley Act and its requirement that auditors attest to the state of their clients' internal financial controls, a capacity crowd jammed the rooftop ballroom of the St. Regis hotel in Manhattan on Nov. 12. Largely composed of board members on audit committees, the audience sat beneath the trompe l'oeil ceiling painted with clouds and blue sky, focusing worried glances on Dennis Nally, chairman of audit giant PricewaterhouseCoopers.

What they heard from Nally couldn't have come as welcome news. For the first time, the auditors of most public companies will have to attest to these controls as part of their 2004 annual reports to shareholders, most of which will be filed in February and March. A recent assessment by more than 700 PwC audit teams found that only 20% of clients are on schedule to complete their internal control reviews, according to Nally

Sarbanes-Oxley: The Struggle to Catch Up

Tell us what you think. (0) comments.
Send to a friend:   

Many Struggle to Comply with Sarbanes Oxley Rules

A flurry of companies may miss the deadline to comply with new regulations brought in after the corporate scandals of 2002, but the key for investors will be to judge how serious the underlying problems really are.

The clock starts ticking on Nov. 15. Companies have only 75 days following any financial year-end after that date to comply with the key Section 404 of the Sarbanes-Oxley reforms -- and accountants say many may soon be admitting they can't.

There will also likely be disclosures from companies who discovered problems while probing their bookkeeping methods.

The key for investors will be to decipher which are systemic problems signaling a high risk of a corporate blow-up and which are minor technical issues making little impact on companies' business. If companies aren't transparent about the reasons for delays in complying, it could heighten concern.

PricewaterhouseCoopers Chairman and Senior Partner Dennis Nally said on Thursday about 10 percent of companies, based on information from 700 of the accounting firm's partners, are at "severe risk" of not finishing assessments in time for it to render an opinion on the controls.

Many Struggle to Comply with Sarbanes Oxley Rules

Tell us what you think. (0) comments.
Send to a friend:   

Saturday, November 13, 2004

SOX Deadline Arrives

After months of preparation and trepidation, Sarbanes-Oxley arrives Monday for U.S. publicly traded companies. The result has been a boon for some IT vendors and a headache for regulated companies, but storage vendors say there may be a silver lining for end users in the form of better business practices.

Monday is the day that Section 404 of Sarbanes-Oxley, "Management Assessment of Internal Controls," comes into effect for U.S.-based companies with market capitalization greater than $75 million. It's the section of the act that potentially has the greatest impact on the storage industry, and while it's been the cause of anxiety for many, vendors say it's been an important driver for IT best practices.

Section 404 demands that companies put in place an adequate internal control structure and procedures for financial reporting, and holds corporate management accountable for inadequate controls. To ensure compliance with Section 404, enterprises must have data retention and retrieval processes in place, as well as solid documentation of all financial records.

"There is definitely some firefighting going on today in terms of meeting upcoming deadlines," Paula Lair, product manager of EMC Centera Compliance Edition, told Enterprise Storage Forum. "But Sarbanes-Oxley is not an event. Fulfilling the intent of the law will be an ongoing process."

SOX Deadline Arrives

Tell us what you think. (0) comments.
Send to a friend:   

SOX deadline set to hit

On Monday morning the world will be a more compliant place if Sarbanes-Oxley legislation is effective in forcing US-listed businesses to get their houses in order.

For months the talk has been of audit trails, transparency and liability but come Monday 15 November businesses will be forced to practice what has been preached with section 404 of the Act coming into effect.

Section 404 refers to the retention and archiving of data in an auditable format - attempting to rule out the possibility of creative accounting or deals being completed 'on the QT' - by communication methods such as email or instant messenger.

The corporate scandals at Enron and WorldCom rocked the world markets and from the moment the shredders first whirred into action legislators were hammering out regulation to help prevent such scandals in the future.

SOX deadline set to hit

Tell us what you think. (0) comments.
Send to a friend:   

Companies that miss accounting deadline may see shares drop

Some U.S. companies that miss Monday's deadline for certifying the effectiveness of their financial controls probably will see their share prices fall, according to a Bear Stearns Cos. study.

The U.S. Sarbanes-Oxley Act's Section 404 requires an evaluation by independent auditors of companies' controls, systems that verify financial transactions and reporting. Any "material weakness" that causes a certification delay must be identified.

The Sarbanes-Oxley Act was passed in 2002 to improve audits after improper accounting at companies such as Enron Corp. and WorldCom Inc. caused bankruptcies and shareholder losses. Ten percent of companies may miss the controls deadline, said Chris Senyek, an author of the study. Companies such as UTStarcom Inc. and Interpublic Group already have alerted shareholders they may not meet the deadline.

"We believe investors in companies that are unable to comply with Section 404 are likely to demand higher-risk premiums," the study said.

Companies that miss accounting deadline may see shares drop

Tell us what you think. (0) comments.
Send to a friend:   

Electrical firm troubled by Sarbanes-Oxley Act

Since the middle of August, Integrated Electrical Services has been unable to report the most basic facts to shareholders about how it's doing. The problems started when Integrated Electrical revealed that it had found some revenue reporting problems at a couple of subsidiaries. It wasn't a lot of money — a $5.7 million adjustment in operating income for a company with revenue of nearly $1.5 billion a year.

As a result of the disclosure, Ernst & Young decided the problems meant the company was unable to comply with the Sarbanes-Oxley Act — a new law setting tough standards for financial controls and holding top executives personally responsible. The questions delayed Integrated's filing of the fiscal third quarter until it could be filed with the year-end results. That is scheduled for Dec. 14.

Things got worse. The chief financial officer resigned in September, and its chief operating officer took a different position in the company.

Finally on Thursday, Standard & Poor's pulled its bond rating entirely when the electrical construction company said the cost of obtaining surety bonds, which ensure it will complete big jobs, had gotten so costly it was going to reduce its business to minimize the rising cost.

That same day the powerful ratings agency said "there is insufficient information available to support a ratings opinion at this time." Integrated's shares dropped by more than 40 percent to close at $2.99 a share — its low for the year for a stock that was once as high as $11.90 a share.

Electrical firm troubled by Sarbanes-Oxley Act

Tell us what you think. (0) comments.
Send to a friend:   

Friday, November 12, 2004

LaBranche finds Sarbanes Oxley reporting problems

LaBranche & Co., the biggest market maker on the New York Stock Exchange, said Thursday it found possibly significant problems in its compliance with the Sarbanes-Oxley Act of 2002 governing financial reporting. Shares of LaBranche gained about 1.4 percent in midday trading on the New York Stock Exchange.

In its quarterly report filed this week with the U.S. Securities and Exchange Commission, New York-based LaBranche said the "potential significant deficiencies" involved its reliance on information provided by third-party vendors.

The company said it is implementing internal controls to independently verify and reconcile the trading reports.

LaBranche finds Sarbanes Oxley reporting problems

Tell us what you think. (0) comments.
Send to a friend:   

Is Your Company Open, Transparent & Compliant?

Even if a business is not a subsidiary of a US company and therefore subject to the requirements of US legislation, such as Sarbanes-Oxley, it will be affected by the changing and ever more stringent laws here in the UK. In an age where information and information security (IS) is central to business strategy, compliance is a critical component that feeds into the requirement for good corporate governance and IS is an essential component of delivering that requirement.

Whether a financial sector business dealing with Basel II operational risk issues, a listed company subject to Sarbanes-Oxley and the Turnbull report or any company affected by the Data Protection Act or Companies Bill, issues of corporate governance must be at the top of the corporate and IS agendas – both of which should be closely linked.

These changes are primarily intended to impose tighter regulation of internal controls over financial reporting and disclosure. They are also designed to strengthen existing privacy laws and compel businesses to develop policies for the monitoring, reporting and archiving of business transactions, which includes email and instant messaging. The legislation basically means that nothing should be happening within an organisation that it is unaware of, unable to find and unable to act upon. With the vast majority of information now generated in digital format and a significant proportion of that stored in a company’s email system, compliance will only be possible by ensuring that the requisite IS infrastructure and technology is in place.

Is Your Company Open, Transparent & Compliant?

Tell us what you think. (0) comments.
Send to a friend:   

Sarbanes-Oxley: The Struggle to Catch Up

Auditors and finance executives are in the midst of coping with the biggest rule change in their professional careers, and a deadline is approaching. In hopes of some insight into the challenges of the Sarbanes-Oxley Act and its requirement that auditors attest to the state of their clients' internal financial controls, a capacity crowd jammed the rooftop ballroom of the St. Regis hotel in Manhattan on Nov. 12. Largely composed of board members on audit committees, the audience sat beneath the trompe l'oeil ceiling painted with clouds and blue sky, focusing worried glances on Dennis Nally, chairman of audit giant PricewaterhouseCoopers.

What they heard from Nally couldn't have come as welcome news. For the first time, the auditors of most public companies will have to attest to these controls as part of their 2004 annual reports to shareholders, most of which will be filed in February and March. A recent assessment by more than 700 PwC audit teams found that only 20% of clients are on schedule to complete their internal control reviews, according to Nally.

Sarbanes-Oxley: The Struggle to Catch Up

Related: Are you ready?

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, November 11, 2004

PharmaLive: Cougar V1.0 Answers Sarbanes-Oxley Compliance Demands

ICM Corporation announced today the first major complementary product to its LeopardTM platform, the industry’s most elegant and affordable solution for FDA compliance management. Cougar v1.0 helps pharmaceutical and other FDA-regulated companies to manage the extensive work required to comply with sections 302 and 404 of the Sarbanes-Oxley Act.

Cougar v1.0 addresses companies’ requirements to respond to periodic statutory financial reports and inclusion in their annual reports of descriptive information regarding the scope and adequacy of internal control structures and procedures for financial reporting of sections 302 and 404 of the Act.

PharmaLive: Cougar V1.0 Answers Sarbanes-Oxley Compliance Demands

Tell us what you think. (0) comments.
Send to a friend:   

30 Percent Of Companies May Miss Sarbox Deadline

Monday Nov. 15 is the day every public company has been waiting for with bated breath. That’s when Section 404 of the Sarbanes-Oxley Act, which mandates strict internal controls over financial reporting, takes effect.

And what should we expect? Nothing, for a little while at least.

That’s because the rule kicks in only after the end of a company’s next fiscal year. For 80 percent of companies covered by the rule, that isn’t until December 31. "It’s not like something is going to happen on Nov 16," says John Hagerty, an analyst with AMR Research. "But now the clock is running."

And for many companies, the clock is running out. Auditing firms — which have to certify companies’ internal controls — say that anywhere between 15 and 30 percent of companies will fail the internal controls audit. As many as 15,000 companies are covered by the law. That equals a lot of companies that won’t be able to meet the deadline. The SEC thinks the number is high enough that it has already proposed dropping its 60-day deadline for companies to file their 10Ks that is required by Sarbanes-Oxley and keeping the current 75-day deadline in place another year.

30 Percent Of Companies May Miss Sarbox Deadline

Tell us what you think. (1) comments.
Send to a friend:   

Execs May Be Confused on What Can and Can't Be Discussed with Auditors

Sarbanes-Oxley regulations have left many public company executives confused about what can and cannot be discussed with their auditors, according to Marjorie Bailey, an officer of San Francisco-based CPA firm Stonefield Josephson.

"The communication between auditors and the executives of public companies has increased due to the Sarbanes-Oxley Act, but the topics under discussion are more restricted than in the past," says Bailey. "If you have stopped asking your auditor's advice, you are missing an important opportunity."

"Auditors are increasingly concerned about maintaining their independence as a result of SOX. This has left many auditors gun-shy about providing information that can be valuable to the executives of public companies," says Bailey. "Nevertheless, public company executives and their auditors must make an effort to communicate to produce an environment that is conducive to sharing ideas and information."

Execs May Be Confused on What Can and Can't Be Discussed with Auditors

Tell us what you think. (0) comments.
Send to a friend:   

Softrax Webcast on Day of Sarbanes-Oxley 404 Deadline Will Feature PWC Expert Presenting Key Lessons Learned

For many companies faced with SOx Section 404 compliance, the waiting is over. What are the realities for those companies? How has it affected their processes, controls, and ultimately their business? How prepared are we as an industry, and what will the report card look like?

Join us on “the day,” November 15th, at 1:00 p.m. Eastern Time, as we present Stephen DeMarco, one of PricewaterhouseCoopers’ leading 404 experts, as he guides us through the challenges, the realities, and the future of Sarbanes-Oxley Section 404.

Softrax Webcast on Day of Sarbanes-Oxley 404 Deadline Will Feature PWC Expert Presenting Key Lessons Learned

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, November 10, 2004

Go, Sox

Sarbanes-Oxley, or Sox, is the legislation passed by Congress in response to the spate of accounting scandals that everybody loves to hate. Since its inception, the law has received few words of praise. It first appeared to be just another knee jerk on the part of Congress to show how tough it was getting with miscreants. Sox was clearly negative in its concepts and its message. As a result, everybody felt threatened and nobody was happy.

The Sox legislation has also replaced the Public Oversight Board with the far tougher Public Company Accounting Oversight Board or “PCAOB.” Having visited with the PCAOB, I believe that the auditing profession has cause for concern. The PCAOB’s strategy is to review completed audit engagements for evidence of failure and then confront the firms with the directive to fix it, whatever “it” is — “or else.” Considering the power of the PCAOB to invoke a death sentence to a firm, auditors' concern is well founded.

Go, Sox

Tell us what you think. (0) comments.
Send to a friend:   

Decision Matrix: Auditing Framework for Evaluating Process/Transaction-Level Exceptions and Deficiencies

This paper outlines a suggested framework for evaluating manual and automated process/transaction-level exceptions and deficiencies resulting from the evaluation of a company’s internal control over financial reporting. This paper should be read in conjunction with Auditing Standard No. 2, An Audit of Internal Control Over Financial Reporting Performed in Conjunction With an Audit of Financial Statements (AS2), especially the definitions in paragraphs 8 through 10, the section on evaluating deficiencies in paragraphs 130 through 141, the examples of significant deficiencies and material weaknesses in Appendix D, and the Background and Basis for Conclusions in Appendix E. The framework is not a substitute for AS2 and other relevant professional literature.

Issuers and auditors may find this framework useful. It is not intended to, and should not, be utilized when evaluating control deficiencies in IT general controls and other types of exceptions and deficiencies.

The framework was developed by representatives of the following nine firms:

• BDO Seidman LLP
• Crowe Chizek and Company LLC
• Deloitte & Touche LLP
• Ernst & Young LLP
• Grant Thornton LLP
• Harbinger PLC
• KPMG LLP
• McGladrey & Pullen LLP
• PricewaterhouseCoopers LLP

In addition, William F. Messier, Jr., Professor, Georgia State University, also contributed to the development of the framework.

Decision Matrix: Auditing Framework for Evaluating Process/Transaction-Level Exceptions and Deficiencies (PDF)

Tell us what you think. (0) comments.
Send to a friend:   

Five Thoughts About... Sarbanes-Oxley Preparedness

Ben Bradley, contributing writer for Darwin, recently sat down to discuss the impact of Sarbanes-Oxley on IT processes and the unanticipated benefit of Sarbanes-Oxley on IT budgets at Rayovac. Joining him were Rick Dempsey, CIO for Rayovac; Mike Gutknecht, Network Engineer; and Brent Leland, Director of Business Information Technology.

Rayovac Corporation is a global consumer products company with a diverse portfolio of world-class brands, including Rayovac and Varta batteries as well as Remington shavers. The company markets its products in more than 100 countries and trades on the New York Stock Exchange under the ROV symbol.

Five Thoughts About... Sarbanes-Oxley Preparedness

Tell us what you think. (0) comments.
Send to a friend:   

SOX auditor talks CIO accountability, red flags

We've heard CIOs voice their concerns and fears about Sarbanes-Oxley compliance, but what's going through the minds of auditors as they prepare to invade the IT department? Lawrence Baye, a management advisory services principal with Grant Thornton LLP and a SOX expert, talks about some common mistakes CIOs are making and what situations send the red flags flying on an auditor's checklist.

CIOs were brought to the table late. SOX was viewed to be a financial accounting project. In many cases, CIOs thought it was another Y2k initiative, and they didn't have to worry about it after Jan. 1. I think SOX is more like Y2k every day This is a permanent issue, and most organizations aren't set up to deal with that. One of the toughest questions is 'what do you do from a compliance standpoint next year and thereafter?'

SOX auditor talks CIO accountability, red flags

Tell us what you think. (0) comments.
Send to a friend:   

Compliance tops IT priority list

Regulatory compliance is the biggest issue facing IT professionals, according to a major global survey. Data privacy legislation was highlighted as the top compliance concern of the 758 IT decision-makers questioned by the Economist Intelligence Unit (EIU), on behalf of software supplier Mercury.

Anti-money laundering was the second biggest issue globally, followed by the US Sarbanes-Oxley accounting directive and the Basel II credit risk regulations.

But 31 per cent of UK respondents identified International Accounting Standards as the top priority, compared to a 16 per cent response from the rest of the world.

Compliance tops IT priority list

Tell us what you think. (0) comments.
Send to a friend:   

Is Poor Project Management a Crime?

Is poor project management a crime? The answer could be 'yes' now that the Sarbanes-Oxley Act makes senior executives criminally liable for misrepresenting financial information. After several corporate accounting scandals became public, Congress passed a law, referred to as the Sarbanes-Oxley Act of 2002 (SOX), which holds CEOs and CFOs of publicly traded companies criminally liable for relating fraud to shareholders. Companies are aggressively taking action to meet the requirements dictated by the Sarbanes-Oxley Act. In fact, it has been reported that nearly 77% of companies will spend more on IT, business process change, corporate governance, and/or consulting this year as a direct result of SOX compliance.

If your company manages projects, then financial mismanagement of those projects could leave your senior management legally exposed. Consider the many stories in the press about large projects with huge cost overruns. If this kind of cost overrun is not foreseen and anticipated in the financial forecasts of the company, the effects could seriously impact the projected profit for a given period.

Is Poor Project Management a Crime?

Tell us what you think. (0) comments.
Send to a friend:   

Accounting's Beautiful Losers

Accounting firms were doing their darnedest two years ago to keep Sarbarnes-Oxley from becoming law. Luckily for them, they lost: The measure is turning out to be a boon for bean counters.

Thousands of companies are now racing to comply by yearend with Section 404 of the Sarbanes-Oxley Act. The provision requires publicly traded corporations to vouch for internal controls over their financial transactions at every step of the way -- like terms of a product sale and when payments are recorded and by whom -- and flag any shortcomings.

Accounting's Beautiful Losers

Tell us what you think. (0) comments.
Send to a friend:   

SOX Takes Toll on Client Ratings of Accounting Firm Performance

The study, which measures audit firm performance in the wake of the Sarbanes-Oxley Act of 2002, is based on interviews with 1,007 audit committee chairs and 944 chief financial officers.

The study finds a significant amount of angst among audit committee chairs and CFOs in the industry. Top management is concerned about the costs of implementing the extensive requirements associated with Sarbanes-Oxley compliance. Some auditors feel they are being stretched too thin because of additional audit requirements, which are impacting service levels. Also, audit committee chairs are feeling the pressure of increased accountability of the required financial reporting process. The results of this are low accounting firm performance levels compared to other business-to-business studies, and a decline in the confidence level of the accounting profession.

Furthermore, almost nine out of 10 CFOs say the costs of implementing the new rules and procedural requirements of Sarbanes-Oxley are greater than the benefits of those changes. Confidence is also particularly low among CFOs, with just 44 percent expressing high levels of confidence in the accounting industry.

SOX Takes Toll on Client Ratings of Accounting Firm Performance

Tell us what you think. (0) comments.
Send to a friend:   

Sarbox Support Groups

Sometimes you need a sympathetic shoulder to cry on. As companies struggle to comply with Section 404 of Sarbanes-Oxley, which requires them to document and obtain audits of their internal controls, some finance executives are organizing peer groups to share experiences, compare notes on their auditors, and vent frustrations.

One such group, in Silicon Valley, includes finance executives from about 30 technology companies who meet in informal sessions every other month. As Ed Pitts, director of internal audit at Foundry Networks and co-founder of the group, explains, "There is no precedence for [the regulation], so there is a lot of confusion about what is required."

Sarbox Support Groups

Tell us what you think. (0) comments.
Send to a friend:   

CPA oversight spurned

So far, the board is seeing nothing short of outright rejection from private companies toward implementing any portion the federal Sarbanes-Oxley Act, the 2002 law aimed at increasing the accuracy of financial information released by publicly traded companies.

Sarbanes-Oxley was signed by President Bush in July 2002 as a way to prevent future corporate accounting scandals like the ones that engulfed Enron and WorldCom.

But the law only provided oversight for publicly traded companies through the Securities and Exchange Commission.

In 2003, the state Legislature introduced House Bill 495 which would have incorporated parts of Sarbanes-Oxley for private companies. Specifically, it would have prohibited an accounting firm that provides, for example, tax work for a company from providing it other accounting services for at least three years, said Patricia Soukup, executive director for the state Public Accountancy Board.

CPA oversight spurned

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, November 09, 2004

inside Sarbanes Oxley poll: Are you ready?

With the November 15 Sarbanes-Oxley deadline rapidly approaching, many companies continue to sweat through the details, making sure the appropriate controls are in place to guarantee their compliance with Sarbanes-Oxley. How is your company doing? Take this anonymous poll to voice your opinion on your company's chances for passing the test.

inside Sarbanes Oxley poll: Are you ready?

Tell us what you think. (1) comments.
Send to a friend:   

J.D. Power and Associates Reports: Sarbanes-Oxley Takes Toll on Industry Confidence and Client Ratings of Accounting Firm Performance

The stress of meeting the requirements for corporate financial accountability is taking a toll on confidence and client ratings within the accounting industry, according to the J.D. Power and Associates 2004 Audit Firm Performance Study(SM) released today.

The study, which measures audit firm performance in the wake of the Sarbanes-Oxley Act of 2002, is based on interviews with 1,007 audit committee chairs and 944 chief financial officers.

The study finds a significant amount of angst among audit committee chairs and CFOs in the industry. Top management is concerned about the costs of implementing the extensive requirements associated with Sarbanes-Oxley compliance. Some auditors feel they are being stretched too thin because of additional audit requirements, which are impacting service levels. Also, audit committee chairs are feeling the pressure of increased accountability of the required financial reporting process. The results of this are low accounting firm performance levels compared to other business-to-business studies, and a decline in the confidence level of the accounting profession.

Furthermore, almost 9 out of 10 CFOs say the costs of implementing the new rules and procedural requirements of Sarbanes-Oxley are greater than the benefits of those changes. Confidence is also particularly low among CFOs, with just 44 percent expressing high levels of confidence in the accounting industry.

J.D. Power and Associates Reports: Sarbanes-Oxley Takes Toll on Industry Confidence and Client Ratings of Accounting Firm Performance

Tell us what you think. (0) comments.
Send to a friend:   

SAP Helps Customers Comply With Sarbanes-Oxley Act

SAP AG (NYSE: SAP) today announced that SAP® software is helping companies meet Sarbanes-Oxley Section 404 financial reporting deadlines. Globally operating energy-service provider E.ON and California-based video game maker THQ, Inc. are among international companies using SAP's financial reporting and compliance management applications to help them comply with the latest Sarbanes-Oxley Act mandate, which compels certain public companies to meet Section 404 requirements by November 15, 2004. The announcement was made at the Association of Financial Professionals (AFP) Conference, being held in San Diego, California, November 7 - 9.

SAP® software for managing compliance with the Sarbanes-Oxley Act works with the data analysis, reporting, financial consolidation and risk management capabilities in mySAP(TM) ERP to provide a complete, integrated solution for ongoing Sarbanes-Oxley-compliant accounting, reporting and compliance process management. SAP customers are using these key components of mySAP ERP to help them manage internal controls in order to facilitate their compliance with Section 404, a major provision of the Sarbanes-Oxley Act, requiring that management report annually on the effectiveness of internal controls for financial reporting and that external auditors confirm management's assessment.

SAP Helps Customers Comply With Sarbanes-Oxley Act

Tell us what you think. (0) comments.
Send to a friend:   

MedCath Corporation Selects OpenPages SOX Express for Sarbanes-Oxley Compliance

OpenPages, a leading provider of enterprise governance, risk and compliance management solutions, today announced that MedCath Corporation (NASDAQ: MDTH), has selected OpenPages Sarbanes-Oxley Express (SOX Express) for its Section 302 and 404 compliance initiatives.

MedCath Corporation, headquartered in Charlotte, N.C., is a healthcare provider focused on the diagnosis and treatment of cardiovascular disease. While each of its majority-owned hospitals is licensed as a general acute care hospital, MedCath focuses on serving the unique needs of patients suffering from cardiovascular disease. Together with its physician partners who own equity interests in them, MedCath currently owns and operates thirteen hospitals with a total of 759 licensed beds, located in Arizona, Arkansas, California, Louisiana, New Mexico, Ohio, South Dakota, Texas and Wisconsin. In addition to its hospitals, MedCath provides cardiovascular care services in diagnostic and therapeutic facilities located in various states and through mobile cardiac catheterization laboratories. MedCath also provides consulting and management services tailored to cardiologists and cardiovascular surgeons.

MedCath will deploy SOX Express to streamline its internal control documentation. It will enable the collection of information regarding ongoing business controls deployment and monitoring, resulting in a reduction of compliance costs. By combining a strong document repository with powerful compliance automation capabilities, SOX Express will facilitate both project management and compliance, using web-based tools to get users up to speed quickly.

MedCath Corporation Selects OpenPages SOX Express for Sarbanes-Oxley Compliance

Tell us what you think. (0) comments.
Send to a friend:   

Monday, November 08, 2004

Top Execs Slow to See Need to Manage IT Assets

Mounting regulatory requirements such as the Sarbanes-Oxley Act of 2002 have helped convince some corporate executives to at least pay attention to the need for IT asset management practices. Nevertheless, several attendees at a recent IT asset management conference said that attaining executive buy-in and funding for asset management programs remains a big challenge.
"We have not even attempted to sell senior management as of yet. Senior management does not even have a good idea as to what IT asset management means," said Steve Whelan, manager of asset management at PG&E Corp. in San Francisco, parent of Pacific Gas and Electric Co.

Before Roger Gray recently stepped down as CIO for the utility, said Whelan, "he was beginning to understand" the importance of IT asset management. "But to my knowledge, he had not carried the message any higher" into PG&E's executive ranks, Whelan added.

Top Execs Slow to See Need to Manage IT Assets

Tell us what you think. (0) comments.
Send to a friend:   

GAO debates new auditing rules

After Congress enacted the 2002 Sarbanes-Oxley Act, the Government Accountability Office was left with a question: Should it change the standards for government auditors? GAO's Advisory Council on Government Auditing Standards, a group of auditing experts from the public and private sectors, met Monday to debate that proposition. GAO sets governmentwide auditing standards through the Yellow Book, which was last updated in 2003, and is considering changes for its next revision.

"It started to look like there was a risk of everyone going off in their own direction and that would not have been good at all for the profession," said Jeanette Franzel, director of Financial Management and Assurance at GAO. Audits, she said, should follow certain standards, regardless of whether the auditor is examining a publicly traded company, not-for-profit, or government entity.

GAO debates new auditing rules

Tell us what you think. (0) comments.
Send to a friend:   

Companies Scrambling to Meet Dec. 31 Internal Controls Deadline

With time running out for company's to prove that their internal controls are sound, financial staffers and outside accounting firms are maxed out as the year-end deadline looms, the Washington Post reported. The new rule, brought about by the Sarbanes-Oxley Act of 2002, has thousands of public companies and their external auditors scrambling to certify the strength of internal controls.

Controls are the backbone of a company's financial systems, the Post reported. Through requirements such as special approvals on checks, they help ensure that employees do not siphon money for themselves or collude with suppliers.

Companies Scrambling to Meet Dec. 31 Internal Controls Deadline

Tell us what you think. (0) comments.
Send to a friend:   

NeighborCare Selects Axentis for Sarbanes-Oxley Compliance

Axentis, the leading application provider of governance, risk and compliance management solutions, today announced that NeighborCare, Inc., one of the largest providers of institutional pharmacy services to the long term care marketplace, has selected Axentis Enterprise as its Sarbanes-Oxley solution.

"Following a comprehensive search, we selected Axentis Enterprise to help manage our first year Sarbanes-Oxley requirements," said Rich Hunt, Chief Financial Officer of NeighborCare. "Looking ahead, we are also interested in exploring how Axentis' adaptable framework can be leveraged to manage some of the healthcare regulations we face as a provider of pharmacy services."

NeighborCare Selects Axentis for Sarbanes-Oxley Compliance

Tell us what you think. (0) comments.
Send to a friend:   

Friday, November 05, 2004

Sarbanes Oxley Controls: Does Your Ethics Program Meet the New Federal Requirements?

The Sarbanes-Oxley Act of 2002 directed the Federal Sentencing Commission to reassess the portion of the Federal Sentencing Guidelines that applies to organizations, with the focus of preventing and punishing criminal conduct.

Whenever an employee commits a criminal act within the scope of his or her employment, the organization as a whole can be held liable for the act of that individual employee. Companies can face hefty fines, probation for a period of up to 5 years, can be forced to restore victims to their positions prior to the offense or the positions they would have been in had the offense never occurred, apologize to the victims, post public notices of the conviction, and face forfeiture statutes. According to "An Overview of the Organizational Guidelines" published by the Federal Sentencing Commission, an organization that has an effective compliance and ethics program can reduce its fines for a criminal conviction by as much as 90 percent.

Under the amended Federal Sentencing Guidelines, effective November 1, 2004, employers must provide their employees at every level within the company, as well as agents of the company, with compliance and ethics training in order to demonstrate an effective compliance and ethics program. Before November 1, 2004, training was not a required element of an effective compliance and ethics program. These new amendments have rigorously toughened the requirements for companies to reduce their fines if even one of their employees is guilty of criminal misconduct.

Sarbanes Oxley Controls: Does Your Ethics Program Meet the New Federal Requirements?

Tell us what you think. (0) comments.
Send to a friend:   

Intelligent Enterprise Magazine: R U Compliant?

By definition, Sarbanes-Oxley Act compliance requires that disparate parts of an enterprise pull together in a collaborative governance effort. When it comes to compliance information flow, time is of the essence: a requirement that's drawing real-time technology into the solution.

Making Sarbanes-Oxley Act (SOX) compliance happen in a large, geographically dispersed enterprise is not a trivial matter. In fact it's probably the biggest unsolicited project to hit businesses and IT departments since Y2K and the introduction of the Euro. However, unlike Y2K and the Euro there's no simple technology fix. You can't just change some code or go and buy a new ERP system. SOX compliance reaches deep into the bowels of an organization, affecting large numbers of people and processes.

In a large enterprise, a SOX project can involve hundreds of stakeholders directly and thousands indirectly. Viewed as a cultural change management project, SOX compliance involves the whole organization. A lot of people are touched by it: both internal employees and external business partners in the form of consultants, auditors, and IT suppliers. A SOX project can also draw attention to hundreds of business processes and potentially thousands of individual activities within those processes.

Intelligent Enterprise Magazine: R U Compliant?

Tell us what you think. (0) comments.
Send to a friend:   

Thursday, November 04, 2004

Sarbanes-Oxley Becomes `Open Checkbook' for KPMG, Ernst & Young

Micros Systems Inc. is awash in accountants. Eleven auditors from PricewaterhouseCoopers LLP are scouring its books and 10 consultants from Deloitte & Touche LLP are examining its financial controls as the company tries to meet new federal rules by a Nov. 15 deadline.

The Columbia, Maryland-based maker of restaurant computer networks will spend as much as $4 million over two years to comply with the Sarbanes-Oxley Act of 2002. That's almost triple Micros Systems' original estimate and equal to 12 percent of its fiscal 2004 profit, says controller Cindy Russo.

Congress passed Sarbanes-Oxley to tighten financial reporting at public companies and police outside auditors after accounting fraud caused the collapse of Enron Corp. in 2001 and WorldCom Inc. in 2002. The law has become a windfall for accounting firms that failed to stop the fraud and that fought passage of the bill. Audit bills have risen 50 percent in two years, according to the newsletter Public Accounting Report.

"It's an open checkbook," says Russo, 34. "It's a tremendous hit to our bottom line."

Sarbanes-Oxley Becomes `Open Checkbook' for KPMG, Ernst & Young

Tell us what you think. (0) comments.
Send to a friend:   

It's Not Too Late for Small- and Mid-Sized Public Accounting Firms to Capitalize on SOX 404 Opportunities

While the deadline for SOX 404 compliance for most large-cap filers ends Dec. 31, 2004, there is still abundant consulting opportunities for small- and mid-sized CPA firms, and ample opportunity to make the most of the continuing demand for SOX 404 services. In addition to the nearly 1,400 small-cap (those with market capital of less than $75 million) companies with SOX 404 compliance deadlines that run through 2006, larger companies will turn to finalizing compliance processes, including IT control interfaces that may have been ignored.

The Alliance for SOX 404 Compliance unites CPA firms and provides an infrastructure that allows them to scale resources quickly and easily, as well as tap into a vast experience base, including recognized SOX 404 industry experts, SOX 404 IT specialists and associated SOX 404 internal audit technology. This progressive, international network of independently owned and operated CPA firms shares the desire to provide the highest caliber of SOX 404 professional and automation services to public companies.

It's Not Too Late for Small- and Mid-Sized Public Accounting Firms to Capitalize on SOX 404 Opportunities

Tell us what you think. (0) comments.
Send to a friend:   

Create Value with Good Corporate Governance

To a layman good corporate governance and auditing may speak of accounting practices. The US Sarbanes-Oxley Act (2002), which may eventually become a model of how to create good governance and better standards around the world, goes even further. The Act established a framework whereby you need to create internal and external value for all of your company’s stakeholders, with sales and marketing playing a key long-term strategic role to deliver the right offerings to people that really counts: the customer. It also provides greater transparency for the benefit of all of the stakeholders and customers alike.

Andrew Dugdale, the founder and director of Intellectual Capital Development Ltd (ICDL), provides us with a more in-depth explanation:

“Sarbanes-Oxley is a new set of legal standards for corporate governance, and an altogether far more significant issue. Once this is clear, it is obvious how this relates to sales and marketing. Accounting is ‘historic governance’, strategy and execution of stakeholder value development is ‘forward looking governance’. The impact on stakeholders and companies is clear: you can attain more business, created in a structured way, aligned to the business mission and vision, and delivered within the risk parameters defined by the executive team and shareholders… and a self contained audit trail to prove that maximum shareholder and stakeholder value was and is being delivered.”

Terry Kendrick, a consultant and lecturer on the MBA program at the University of East Anglia says: “US moves towards stronger frameworks for corporate governance have, despite highlighting a number of scandals, been criticized for adding significant cost to audit. There is a need to show how good corporate governance creates value, not just cost, for the organization – it would be a much easier sell to the board then! Given the modern consumer’s interest in ethical business it should be possible to draw a link between effective corporate governance and value creation.”

So while marketers don’t currently play a key role in many of the world’s boardrooms, the message is that they could and should. Sarbanes Oxley Enterprise Risk Management (SOX ERM) tools can not only help them to comply with the legislation, assisting in the creating of evidential audit trails, but they can also improve their own value and position within the corporate landscape. What is their significance otherwise? Well firstly, most marketers hate the idea of being accountable for what they do; secondly, sales people often see themselves as a separate entity to the marketing function and so the twain don’t meet. Thirdly, too many marketers think that marketing is just about marketing communications. The truth is that a new and joined-up approach should now be adopted to maximise the potential for more sales.

Create Value with Good Corporate Governance

Tell us what you think. (0) comments.
Send to a friend:   

Wednesday, November 03, 2004

Meta offers advice on Sarbanes-Oxley compliance

If you're still looking for guidance on how to buy products that create a secure Windows infrastructure that is compliant with new regulatory restrictions, you're probably losing valuable time.
As most experts will tell you, preparing for something like the Sarbanes-Oxley Act is just as much, if not more, about changing your internal corporate processes as it is in buying a new intrusion-detection system or firewall.

For the rest of this year, and all of next year, enterprises will be working to meet compliance deadlines for Sarbanes-Oxley, the post-Enron legislation that is intended to improve the accuracy and reliability of corporate-accounting disclosures.

Meta offers advice on Sarbanes-Oxley compliance

Tell us what you think. (0) comments.
Send to a friend:   

Survey: SOX Still Having an Impact in the Boardroom

Two years after the introduction of Sarbanes-Oxley, corporate reforms are still impacting corporate directors, according to a study by Corporate Board Member magazine and PricewaterhouseCoopers LLP.

Of course, that doesn't mean they're happy about it. Twenty percent of directors surveyed said that SOX has created an environment where management is so distracted that company performance will be affected, up from 13.9 percent in 2003, according to the third annual "What Directors Think" study, conducted by Corporate Board Member and sponsored by PwC. And 77 percent of directors surveyed think that the Sarbanes-Oxley Act should be revisited by Congress to correct some of the unintended consequences. Of the 1,279 directors and chief executives of top publicly traded companies who responded, 84 percent answered as outside directors.

As the Section 404 deadline looms, directors' confidence is increasing -- 82 percent believe that their company is prepared to implement Section 404 on internal control reporting. However, only half think that the 404 requirements will make a difference in the quality of their company's financial statements, and only 44 percent think that Section 302 certification of financial statements by the CEO and CFO will make a difference.

Survey: SOX Still Having an Impact in the Boardroom

Tell us what you think. (0) comments.
Send to a friend:   

Tools and Resources for the Electronic Accountant

Two years after the introduction of Sarbanes-Oxley, corporate reforms are still impacting corporate directors, according to a study by Corporate Board Member magazine and PricewaterhouseCoopers LLP.

Of course, that doesn't mean they're happy about it. Twenty percent of directors surveyed said that SOX has created an environment where management is so distracted that company performance will be affected, up from 13.9 percent in 2003, according to the third annual "What Directors Think" study, conducted by Corporate Board Member and sponsored by PwC. And 77 percent of directors surveyed think that the Sarbanes-Oxley Act should be revisited by Congress to correct some of the unintended consequences. Of the 1,279 directors and chief executives of top publicly traded companies who responded, 84 percent answered as outside directors.

As the Section 404 deadline looms, directors' confidence is increasing -- 82 percent believe that their company is prepared to implement Section 404 on internal control reporting. However, only half think that the 404 requirements will make a difference in the quality of their company's financial statements, and only 44 percent think that Section 302 certification of financial statements by the CEO and CFO will make a difference.

Tools and Resources for the Electronic Accountant

Tell us what you think. (0) comments.
Send to a friend:   

Tuesday, November 02, 2004

Laggards Warned on Sarbox 404 Compliance

There's also the feeling that investors will punish those businesses that aren't in full compliance with that provision of Sarbanes-Oxley, according to a newly released report.

This summer, CFO.com reported that many companies were falling behind in their preparations for Section 404 of the Sarbanes-Oxley Act. (See "No Vacation from Section 404 Prep Work.") Section 404 — which will guide how auditors report on companies' assessments of their internal controls — becomes effective with companies' first fiscal year ending after November 15.

Less than two weeks before that date, however, many companies are apparently still unprepared. PricewaterhouseCoopers and Ernst & Young recently warned a number of clients that they remain behind schedule and might be required to report control weaknesses at the end of this year, according to The Washington Post.

Laggards Warned on Sarbox 404 Compliance

Tell us what you think. (0) comments.
Send to a friend:   

Building a Compliance Architecture

As a CIO, you’re hit with increasing resource demands and shrinking budgets. The business comes to you with deadlines and enhancements for Sarbanes-Oxley, International Financial Reporting Standards (IFRS), Health Insurance Portability and Accountability Act (HIPAA), Patriot Act, Basel II Capital Accords. How do you satisfy all these compliance demands?

It’s time to apply some new thinking to your IT strategy. Try running IT like a business with a renewed focus on customer service, operations, and financial control. Prioritize IT projects using a project portfolio management methodology to improve project focus, tracking, and business communication.

For most companies, Sarbanes-Oxley starts in the finance department where software for documenting internal controls is often considered a better investment rather than increasing headcount. However, as compliance shifts from a short-term tactical response to a long-term initiative, the IT department becomes critical to the compliance process. In a recent Gartner study of nearly 200 IT executives, 44 percent of respondents indicated that their companies will require CIOs to also sign on the dotted line.

Building a Compliance Architecture

Tell us what you think. (0) comments.
Send to a friend:   

White Paper: Protecting Financial Information: Sarbanes-Oxley by Cyber-Ark Software, Ltd.

Undoubtedly, The Public Company Accounting Reform and Investor Protection Act of 2002, also known as the Sarbanes-Oxley Act, is having a major impact on corporate culture and various operational aspects of companies subject to Sarbanes-Oxley. Sarbanes-Oxley legislates a far reaching framework to be used as the basis for ensuring the integrity and accuracy of public company financial statements. Boards of directors and executive management, the actual sponsors of a company's Sarbanes-Oxley initiatives, now have a vested interest in the integrity and transparency of the financial process leading to financial statement accuracy due to stiff civil and criminal penalties for non-compliance to Sarbanes-Oxley. In the end, public companies and the accounting profession will now have to answer to the higher demand of accuracy, reliability and fairness in the financial statements that provide the basis for trust in the financial markets.

As a result, companies subject to Sarbanes-Oxley face unprecedented challenges to compliance. Compliance with Sarbanes-Oxley involves more than implementing technology. This paper, "Protecting Financial Information: Sarbanes-Oxley," is an independently authored white paper that addresses some of the challenges companies face in protecting critical Sarbanes Oxley related information and suggests some internal assessment frameworks to consider on the road to compliance with Sarbanes-Oxley. It also introduces Cyber-Ark Software's Network Vault as a solution that fits well into these frameworks and that can assist in protecting Sarbanes-Oxley related information.

White Paper: Protecting Financial Information: Sarbanes-Oxley by Cyber-Ark Software, Ltd.

Tell us what you think. (0) comments.
Send to a friend:   

First Marblehead Selects OpenPages SOX Express for Sarbanes-Oxley Compliance

OpenPages, a leading provider of enterprise governance, risk and compliance management solutions, today announced that First Marblehead has selected OpenPages Sarbanes-Oxley Express (SOX Express) for its Section 302 and 404 compliance initiatives.

Founded in 1991 and headquartered in Boston, Massachusetts, First Marblehead is meeting the growing demand for private education loans by providing an integrated suite of services for student loan programs. The company's 700 employees provide loan services to 15 of the 20 largest originators of federally guaranteed student loans.

First Marblehead will deploy SOX Express to streamline its internal control documentation process enterprise-wide. It will enable the collection of information regarding ongoing business controls deployment and monitoring.

First Marblehead Selects OpenPages SOX Express for Sarbanes-Oxley Compliance

Tell us what you think. (0) comments.
Send to a friend:   

Monday, November 01, 2004

2004 Conference Summary: Sarbanes Oxley Compliance & New Product Features

Compliance with Sarbanes Oxley was a featured topic at the Datamatics' TC-1™ Workforce Management Solution 2004 User Conference, held at the Seaview Marriott Resort and Spa near Atlantic City. Mini-courses on TC-1's newest features and advanced skill training were offered as well.

"This is truly the highlight of our year," explained Norman C. Heinle, Jr., Datamatics' president, who welcomed the packed audience at the opening of the general session. "Everything we do in our product development, training, implementation, and service operations, is undertaken with you in mind. We want to make your work tasks easier, and we want to make you and your company more successful."

Heinle and many of Datamatics' senior managers, application specialists, and sales reps were on hand to personally greet attending staffs from a slew of major corporate clients, including such companies as Alcoa Fujikura, Allied Beverage, Arlington Press, Congoleum, J.M Huber, Johnson & Johnson- LifeScan, QVC, Vought Aircraft Industries, and Zions Bancorporation.

After Heinle's opening, the program turned to key legal issues and developments having a direct bearing on workforce management.

2004 Conference Summary: Sarbanes Oxley Compliance & New Product Features

Tell us what you think. (0) comments.
Send to a friend:   

Lack of Control Becomes Nightmare

We could spend some time interpreting it, but I think it's pretty clear that this dream represents how I feel about managing information security. I'm driving, but I don't have control; we haven't gone off a cliff, and I'm not going to be happy if we do. I have a company's information assets to protect, and I don't want to have to notify our customers that their personal information has been exposed or deliver the news that our network just got "owned." To keep the bad dreams at bay, I'm going to have to make some changes.

For starters, I had it out with my boss the other day and told her that I wanted complete control over all network security operations, including firewall, virtual private network (VPN), router and domain access administration. Those things are currently managed by IT operations, not security operations. I need additional head count. I need tools. And I want an organizational change. I don't care about policy. I don't care about process and procedure (Sarbanes-Oxley be damned). I care about doing what it takes to secure my company's information assets.

Lack of Control Becomes Nightmare

Tell us what you think. (0) comments.
Send to a friend:   

The Carrots and Sticks of Compliance

Recent proposals by the SEC mandating more robust and formalized compliance policies and procedures at some investment managers and hedge funds promise to keep the issue of compliance capabilities alive at many buy-side firms still coming to grips with anti-money laundering (AML) provisions of the USA Patriot Act and the Sarbanes-Oxley Act (SarBox).

Mason Snyder, senior manager at Deloitte's investment management services division, sees three primary pressures driving hedge fund and investment managers' compliance needs: new and pending SEC regulations, market pressure in the form of institutional investor demands, and in some cases, unexpected effects of SarBox.

"Although Sarbanes-Oxley was meant to address only publicly traded securities, the problem arises when you get into pension funds of publicly traded companies with investment liabilities representing material amounts of their balance sheets. Then all the transparency and financial flow data issues creep into whatever investments the pension has," Snyder says.

The Carrots and Sticks of Compliance

Tell us what you think. (0) comments.
Send to a friend:   

Active Reasoning Helps IT Organizations Meet Sarbanes-Oxley Requirements Through Increased Visibility into Change Activity

Active Reasoning, a leading developer of policy-based data center management software, today announced the availability of new IT compliance auditing capabilities for its Compliance and Change Management solutions. The enhanced solutions provide companies with an audit trail by monitoring and reporting internal changes to critical IT components such as database and messaging applications that support financial flows and transactions. By increasing visibility and control, IT organizations are prepared to demonstrate compliance and are better equipped to meet evolving compliance issues. Additionally, IT organizations will lower costs and reduce time associated with meeting compliance requirements.

According to John Van Decker, senior vice president at META Group, a leading provider of IT research, advisory services and strategic consulting, "Sarbanes-Oxley should be top of mind for every IT organization. Companies need to prepare for Sarbanes-Oxley requirements now and have the appropriate tools in place as they prepare to meet the regulatory standards and prevent issues such as fraud, errors and profit erosion. Automated monitoring of key IT control points will play a key role in successfully deploying a Sarbanes-Oxley strategy will measure up to the required standard."

Active Reasoning Helps IT Organizations Meet Sarbanes-Oxley Requirements Through Increased Visibility into Change Activity

Tell us what you think. (0) comments.
Send to a friend: