Website logo

Compliance burdens and costs of oxley sarbanes



       

 

 


  
Compliance burdens and costs of oxley sarbanes

 


Home >Sarbanes Oxley >



The cost of compliance of Sarbanes Oxley



Few legislators understand the realities of running companies and as such produce law which is cumbesome and expensive to implement. Sarbanes Oxley is often referred to in this way.

As such, Sarbanes Oxley compliance is at or often near the top of the list of corporate IT concerns and companies are spending millions on Sarbanes Oxley compliance. Companies sometimes believe that this may make them uncompetitive in the world marketplace due to the compliance cost. However many private firms are using some of Sarbanes Oxley act to improve their procedures Private firms are implementing Sarbanes Oxley.

There has been little detailed discussion of the implications of Sarbanes Oxley for law firms and it may be that may be that Sarbanes Oxley will not apply to law firms.

SEC Chairman William Donaldson said "simply complying with the rules is not enough. They should, as I have said before, make this approach part of their companies' DNA. For companies that take this approach, most of the major concerns about compliance disappear. Moreover, if companies view the new laws as opportunities -- opportunities to improve internal controls, improve the performance of the board, and improve their public reporting -- they will ultimately be better run, more transparent, and therefore more attractive to investors."

Section 404 compliance is important and it is likely companies will establish a project office and a control environment. IT is very important in this and all changes of processes and applications and security must go through a comprehensive change control process.

Not all areas in the company will have to be 404 compliant. An Organization's scope analysis will determine which should be included for information technology.

There are six major areas where IT controls should be in place.

Information Systems Operations Monitoring, including process monitoring and access to production. Network Monitoring, including security monitoring, policies and procedures. Information Security, including enterprise security program and review procedures. System Software Monitoring, including desktop security, policies and procedures. Application Systems, including implementation, maintenance, security and change control procedures. Database Monitoring, including security and change control procedures.

Sarbanes Oxley is mainly about accountability of executives - remember Enron.

Treasury Secretary John W. Snow is well aware of difficulties that Washington policymakers can cause for Corporate America.

CEO's complain about the costs of complying with the Sarbanes Oxley corporate reform laws.

 

  

 

 

 

      
       
Go back to the ..
Sarbanes Oxley
section page.		      
       

- -
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-

To return to the main index press home at the bottom of the page.

-

Home Page Back to top