Tweet
wtf is Sarbanes-Oxley compliance?
:S
Is it one of those American ideas?
Is it one of those American ideas?
-
______________________________
Nothing is impossible, some things are just unlikely. -
It's an absolute f***ker. If you really really want the details then I can post at great length... Or have you more specific concerns?DM says: Crunch with Matrox Users@ClimatePrediction.net -
It's just this rather weighty document entitled "Corporate Security Policy and Procedures" appeared on my desk. And i'm trying to work my way through it. And I had never heard of that act.
Seems like alot of hassle for my branch office. 11 pc's and a simple file server. Looks like i will have a sharp leaning curve ahead.______________________________
Nothing is impossible, some things are just unlikely.Comment
-
OK, briefly copying-and-pasting with some edits from the most concise internal guidelines I could find here:
Overview:- Enterprise priority - not ‘nice to have’
- Failure means major reputation damage and more business distraction
- One material weakness by any business => failure for the Group
- Business leaders accountable for compliance
- Resource intensive – must have priority over discretionary activity
- SOX404 is here to stay – controls must stay SOX compliant year after year
What is it?- Sarbanes-Oxley Act (SOX) passed in 2002, following Enron & Worldcom failures, intended to protect investors by improving reliability of corporate disclosures.
- New requirements for companies listed in USA
- S.404 deals with Internal Control over Financial Reporting
Would does it mean for your company?- Principal executive & financial officers to provide a written assessment on effectiveness of internal control over financial reporting as of 31/12/2005, and annually thereafter.
- External auditors to provide independent opinion
What will you have to do?- Evaluate effectiveness of control over financial reporting
- Support evaluation with evidence, including DOCUMENTATION
- Ensure effectiveness of design and operation through TESTING.
- Applies to whole system of control - including “tone from the topâ€
How are we doing it at my company?- A central, directive Programme team – incorporating implementation managers in each business
- A single Group-wide methodology and approach, consistently implemented by the businesses.
- The Programme is Finance led but Business driven.
If that comes across as gobbledegook, I can probably translate...
DM says: Crunch with Matrox Users@ClimatePrediction.netComment
Comment