Big4Guy

Confessions, Thoughts, Observations and Musings of a Big4Guy

Big4Guy

Welcome to Big4Guy.com. Big4Guy is an online resource where I will share with you the latest news, insights, knowledge and some experiences as a Big 4 consultant. We will discuss some of the important issues which organisations are facing today in the areas of information security, security and controls in SAP R/3, Oracle Applications, J.D.Edwards, Peoplesoft and various other ERP's. You will also find information on latest complaince regulations like Sarbanes Oxley, Basel II and so on. Big4guy will also attempt to provide valuable resources for individuals interested in examinations the CISA, CISM, CISSP, PMP and various other security certifications considered essential for entry in any Big 4 accounting, auditing and consulting firms. You are invited to post your comments and viewpoints to posts here. I sincerely hope this online journal will be useful to everyone from a budding student to a professional in the accounting, auditing, management and consultancy professions.

Post details: What is Sustainable Sarbanes Oxley SOX Compliance - 5 Simple Answers

06/14/06

Permalink 06:57:57 am, Categories: Sarbanes Oxley, 337 words   English (US)

What is Sustainable Sarbanes Oxley SOX Compliance - 5 Simple Answers

Most companies in year three of their SOX compliance efforts are moving towards sustainable compliance. So what comprises sustainable compliance. In recent conferences and seminars I have attended the word "Sustainable SOX Compliance" is the buzzword. Lets not get into technical jargon maze. I have been asking people mainly, SOX directors, SOX project managers, SOX testers, and SOX IT auditors what according to them is sustainable Sarbanes Oxley Compliance. Here is a summary of the responses that I received.

1. Preventive - Compliance in order to be sustainable need to focus on preventive controls rather than detective controls. After the fact controls remediation is not a good sign of sustainability.

2. Automated - Sustainable Sarbanes Oxley compliance aims at automating controls. Doing away with cumbersome and unreliable manual controls has become the norm. In a way it can be said that the more a company is automated and tech savvy, it can reach the sustainablity goal earlier.

3. Cross Enterprise - Compliance for SOX is for the entire company. If different sister companies are on different platforms, ERPs etc, it becomes difficult to manage compliance. Point solutions lead to different test plans for different softwares. Conslidation is the key. It is always better that the entire enterprise is on one single solution such as SAP, Oracle Applications, JD Edwards etc.

4. Lower Cost - Going forward, companies should aim for lowering their SOX compliance costs. The more costly the complaince, chances are companies might not be able to sustain compliance. Costs will definetly
be involved for SOX compliance, but the overall motive should be to lower costs.

5. Process Improvement and Efficiency - All the persons that I talked to had one common thing to say, sustainable SOX complaince has to include process improvements. As we go along the compliance route, we can leverage sustainability only when process efficiencies and improvements are brought in, of course with proper controls built within processes.

Related Posts

Simple Spreadsheet Controls for SOX Compliance
Continous Auditing of Controls
How to Evaluate Internal Control Exceptions
Effect of Material Weakness on Financial Statements

Permalink 2 comments

Comments:

Comment from: Marian Crkon [Visitor] · http://itsafeature.com/
I love to see someone taking a real-life view on SOX. I have been involved in a couple of SOX implememntations and I can't help noticing the irony that the law that was supposed to protect companies from their auditors' mistakes became the auditors biggest cash cow.

Anyway, I love ths site and your insight on the covernance process.

PS: Do something about those spam comments. Most blogging packages have tools/pligins for that.

Marian
Permalink 06/14/06 @ 11:37
Comment from: Marian Crkon [Visitor] · http://itsafeature.com/
I love to see someone taking a real-life view on SOX. I have been involved in a couple of SOX implememntations and I can't help noticing the irony that the law that was supposed to protect companies from their auditors' mistakes became the auditors biggest cash cow.

Anyway, I love ths site and your insight on the covernance process.

PS: Do something about those spam comments. Most blogging packages have tools/pligins for that.

Marian
Permalink 06/14/06 @ 11:40

Official Websites

Categories


Archives

  • SAP GRC Virsa Rule Sets Updates
  • SAP MM Requirements for Setting up Plant
  • Lessons Learned Log for ASAP Implementation
  • SAP Solution Configuration Realization Phase
  • SAP MDM Master Data Import Manager Loading Data into SAP MDM
  • Compliance Calibrator SOD Conflicts Remediation Strategy
  • SAP Workload Analysis Monitor Tools ST03N
  • SAP BW Data Staging Basics Tutorial
  • How to Implement BW Infoobject Level Security
  • SAP BW Admnistrator Authorizations S_RS_ADMWB
  • BIW Reporting Auth Objects S_RS_COMP
  • SAP BW Security Authorization Objects for SAP BW
  • more...

    • Search

    Google

    Web Big4Guy.com

    September 2008
    Mon Tue Wed Thu Fri Sat Sun
    <<  <   >  >>
    1 2 3 4 5 6 7
    8 9 10 11 12 13 14
    15 16 17 18 19 20 21
    22 23 24 25 26 27 28
    29 30          

    Misc

    Syndicate this blog XML

    What is RSS?