Monday, November 27th, 2006
Pelosi, Kleiner Perkins Push for Overhaul of Sarbanes-Oxley Law - “Pelosi has stated several times that there needs to be changes to Sarbanes-Oxley, particularly for smaller, emerging- growth companies,” said Mark Heesen, president of the National Venture Capital Association in Arlington, Virginia.
Dodd’s Balancing Act to Get Tougher - As Enron and WorldCom fade from the news, some of his constituents are seeking to water down the Sarbanes-Oxley Act, passed in 2002 to strengthen the role of corporate gatekeepers in response to a wave of scandals.
Sarbanes-Oxley compliance to be less costly - The U.S. Securities and Exchange Commission and the board that regulates accountants will revise the Sarbanes-Oxley corporate governance law to lower compliance costs for public companies based on their market values, the SEC’s chairman, Christopher Cox, said Thursday.
Posted in General | No Comments »
Tuesday, November 21st, 2006
Supporting Corporate Compliance Roundtable Series
What every IT Professional Needs to Know: What are your Rights in an Audit?
It is my hope that you found value at our latest Compliance Management Roundtable session. Thank you for the increased attendance, comments and participation. If you were unable to attend, we will be resuming our sessions next year. It is our goal to facilitate these ITA sessions to discover the common Compliance Management issues, problems, solutions and related news for the membership.
Our interactive Roundtable format is always a great way for you to participate by sharing your ideas and being able to ask the experts! Please see the meeting notes below, and feel free to add your comments to our blog.
- LF Gibson
Special thanks to our featured speaker, Van Rownd, for leading our discussion on knowing your audit rights. We hope he was able to answer your questions on:
Q1: What rights the IT Department has regarding the SOX audit procedures?
· IT Pros need to work with the auditor to see what happens on a daily basis in their own department.
· It is a good idea to facilitate a 30 – 45 minute daily wrap-up with your auditor, to mitigate problems and concerns – plus aid in their discovery work.
· Know whom the Auditor answers to in Management.
· Query your IT Department daily and/or weekly to know what they discussed with the auditor, to aid in your communication.
· Additional ideas from the group were mentioned and shared…
Q2: What IT Controls do you have in place, and how can they work in your favor during the audit?
· Auditing Standard 2 has suggested Controls that are an excellent check-point for Automation of your internal IT Controls.
· Utilize Frameworks and IT Methodologies to automate your processes, and mitigate those ‘manual mistakes’.
· Put ownership on employees to understand WHY they are doing their job, and how it affects the company, the importance of their duties to the Compliance Audit, and understand this job function from start to finish.
Q3: Defining the Scope of the Audit, and how to align IT Controls to Finance Concerns?
· Use a matrix to show strengths and weaknesses to help define the scope of the audit.
· Show the Board of Directors what IT sees as fixables, what the cost is NOT to fix, what’s a DAY 1 doable – and work on defining the “Real Risks” in the Matrix- in prep. for the auditor.
· Plan, Budget, and then Define a Scope. Negotiate with the auditor to set the lower priorities on a 2 – 3 years ‘fixable’ timeline.
Q4: How to make the Auditor your Ally?
· Take a knowledgeable Advocate with you into Compliance Management, Don’t go alone in the beginning, or try to reinvent the “auditing-wheel”.
· Nothing is perfect on a report, when an exception is found, document the incident and steps taken to resolve, and keep this with the reports. Auditors will LOVE you for this organizational task.
· Build a report with your Auditors… Know your 3rd Party contracts and vendors – get them in-line before introducing them to the auditor.
OTHER NOTES:
· SAS 70 Audits where discussed
· When the SOX Act was written, no one took into account Corporate World of IT… The SOX Act ends up on “IT’s Shoulders”.
· There is a known inability to communicate between IT and the Auditors
· Future Regulations are coming as a surprise to those whom are already Sox Compliant.
· Reporting needs to be utilized by ALL levels of Management.
· Can you define what a Real Time Disclosure is for your Company?
· What are the 4 main Compliance Issues for SMBs?
o Internal Theft that is publicly admitted drops stock and affects Real time Disclosure.
o Have you Discussed Business Continuity and Disaster Recovery?
o Do you have a Risk Assessment Plan?
o IS Strategic Planning in Place?
Posted in Compliance Management, Regulatory Reform, Sarbanes Oxley | No Comments »
Friday, November 17th, 2006
SEC chief to unveil company rule change - SEC Chairman Christopher Cox, in a speech, alluded to revisions the agency has been planning to make in response to business complaints that a key requirement of a 2002 anti-fraud law enacted after the wave of corporate scandals was overly burdensome and expensive.
- PCAOB Chairman Mark W. Olson’s speech to the Financial Executives International Current Financial Reporting Issues Conference
- PCAOB News Release announcing the Board’s forum in Chicago on Auditing in the Small Business Environment
U.S. regulators nearer Sarbanes-Oxley audit revamp - U.S. regulators moved closer to agreement on Sunday over auditing the internal financial controls of small companies under a revision of post-Enron Sarbanes-Oxley (SOX) accounting reforms.
Sarbanes-Oxley foes find hope - For Silicon Valley venture capitalists eager to weaken the Sarbanes-Oxley corporate governance law, Nancy Pelosi may prove to be a useful ally.
Business may get Sarbanes-Oxley relief - The Wall Street Journal reported Friday that federal regulators have said they will propose guidance next month to help companies and auditors interpret one section of the law, passed in the wake of the Enron accounting scandal, in a way likely to save them time and money.
Posted in General | No Comments »
