Situation
The Sarbanes-Oxley Act is far-reaching federal legislation signed into law in July 2002. It requires higher accounting standards, improved trustworthiness in corporate reporting, and greater financial transparency. The Act affects all public companies, United States-based and international, whose stock is traded on United States exchanges. Failure to comply can result in high personal financial (up to U.S. $5 million) and criminal penalties (up to 20 years in prison) for CEO/CFO false certification. Two key sections of the law that have drawn the most attention are:
Section 302: Requires executives to personally certify the validity of financial statements.
Section 404: Requires complete documentation of financial controls and auditor attestation to management's evaluation.
Compliance with these sections presents some immediate challenges, including:
|
•
|
Extensive documentation requirements.
|
|
•
|
Inefficient and error-prone manual or semi-automatic process for tracking and auditing financial information.
|
|
•
|
Lack of visibility over financial process and control documentation.
|
|
•
|
Slow employee adoption of complex Sarbanes-Oxley processes and systems.
|
|
•
|
Potential loss of focus on the core organizational mission while scoping, managing, and completing compliance activities.
|
Solution
SOX solutions based on the Microsoft Office System help facilitate regulatory compliance and sustainable corporate governance by simplifying planning and enhancing visibility over financial processes and internal controls. SOX solutions built on the familiar Microsoft Office System address key areas of SOX compliance including:
Accuracy: Diagramming tools make it easier to map business processes and run visual reports on existing processes, risk and control information. Workflow automation and customizable templates help enforce business processes and reduce errors. Bar code labels facilitate management of paper-based records.
Accountability: Real-time dashboards, workflow status reports, and detailed audit trails enable executives to regularly monitor and measure the status of compliance processes and internal controls.
Security: Policies can be applied to individual documents or across an entire library to better control who can open, copy, print, or forward information. A records repository prevents direct tampering of documents and ensures the protection of original versions. Automatic holds can be applied to the repository to ensure that files cannot be deleted during a specified time or event.
Availability: An integrated search engine scales to tens of millions of items, works across disparate content sources, and helps ensure people only see the results they have permission to view.
Benefits
Using the Microsoft Office System to address Sarbanes-Oxley initiatives, organizations can:
|
•
|
Implement a solution quickly with minimal disruption.
|
|
•
|
Improve document management and control.
|
|
•
|
Improve visibility and accountability into financial processes.
|
|
•
|
Avoid additional compliance-related headcount.
|
|
•
|
Maximize the value of existing IT investments.
|
|
•
|
Maintain a consistent IT architecture.
|
|
•
|
Deploy an extensible solution to meet changing requirements.
|
|
•
|
Reduce training costs and empower process owners by using familiar technology.
|