Many companies are looking for solutions to help them comply with the Sarbanes-Oxley Act (SOX). Building automation may be one consideration for organizations looking to streamline visibility, control, and processes.
According to Christian Smith, VP sales & marketing, at eProject, “Year one of SOX was all about compliance at ‘any cost.’ As a result, most companies had an ‘open checkbook’ policy. Consultants were hired (and fired) at random. And many companies experienced a sense of chaos as they sought to comply with unfamiliar processes and controls.”
Smith continues, “Year two (post-SOX) has been all about automating to reduce costs. Many businesses acknowledge that SOX compliance costs too much, and throwing money at a problem doesn’t solve it.” In addition, some companies are reporting “control deficiencies” at a record pace, according to proxy advisory firm Glass Lewis & Co. (Wall Street Journal, 9/2/05, pg. C3).
“Until now, SOX compliance has been treated as a separate project – independent of the rest of the organization,” Smith explains, “now SOX needs to be integrated into the day-to-day operations of the enterprise.”
He encourages the need to shift responsibilities for testing and documentation to process owners to reduce costs and decentralize. But he acknowledges that it’s difficult for owners to transfer responsibility due to lack of visibility into schedules, status, and issues. *Change control process is manual, which makes it difficult to synchronize documentation, controls, and processes,” Smith notes.
“Technology is key for organizations looking to sustain long-term SOX compliance at lower costs,” he says. The solution may be in “generic” Web-based project and/or portfolio management systems with pre-built templates for SOX 404 compliance. A product of this kind serves as a central repository of all documents with role-based access for stakeholders. It is also accessible to team members across the globe, so changes can be indicated and implemented on all documents and everything–tests, evaluations, results–can be kept in sync.
Smith concludes, “By streamlining, process owners have more time to focus on the business, resulting in increased efficiency/increased revenue.”
