Compliance; Poll: most won't find 404 burdens easing.The burden of Sarbanes-Oxley Section 404 compliance hit companies hard in year one, but a recent survey confirms what many in the market have been saying--year two will not provide the efficiencies organizations had hoped for. The survey by ACL See access control list. 1. ACL - Access Control List. 2. ACL - Association for Computational Linguistics. 3. ACL - A Coroutine Language. A Pascal-based implementation of coroutines. ["Coroutines", C.D. Services Ltd. and the Center for Continuous Auditing (CCA (1) (Common Cryptographic Architecture) Cryptography software from IBM for MVS and DOS applications. (2) (Compatible Communications A ) reports that only 40 percent of these organizations already have, or plan to, automate the testing of their controls this year; that leaves nearly 60 percent of the companies to continue the struggle to find the skilled resources necessary to test the myriad of internal controls present in any large organization. More than 95 percent of companies polled in the survey report that a "reduction of staff time and associated costs to test internal controls" are central to maintaining effective Section 404 compliance. The poll of 247 senior audit professionals at corporations with more than $1 billion in annual revenues looked at the serious challenges organizations face in making their Sarbanes-Oxley compliance efforts sustainable. An overwhelming 92 percent of respondents In the context of marketing research, a representative sample drawn from a larger population of people from whom information is collected and used to develop or confirm marketing strategy. identified the importance of enabling timely and effective management insight into controls deficiencies, giving further credence to the fact that sustaining Section 404 compliance is a top-of-mind concern for audit and financial management. In addition, more than 80 percent of the audit executives cited the need for faster, more effective identification and correction of inappropriate transactions, and deemed increased investments in technology solutions designed to continuously monitor controls to be important. "The results of this survey mirror much of what we heard last year," says Harald Will, president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of ACL, a Vancouver, B.C.-based provider of business assurance analytics technology for audit and controls professionals. "Many companies still maintain a short-term mindset mind·set or mind-set n. 1. A fixed mental attitude or disposition that predetermines a person's responses to and interpretations of situations. 2. An inclination or a habit. when addressing the ongoing requirements set forth in Sarbanes-Oxley, despite recognition of the benefits of ongoing and continuous monitoring of transactions for the purposes of assuring internal controls," he adds. "And while internal auditors Internal auditor An employee of a company who analyzes the company's accounting records to that the company is following and complying with all regulations. are overwhelmingly in favor of adopting the technology and best practices of continuous monitoring and auditing, organizations frequently don't seem ready or willing to back them up." "Continuous monitoring of controls is a management function and part of the organization's control structure in accordance Accordance is Bible Study Software for Macintosh developed by OakTree Software, Inc.[] As well as a standalone program, it is the base software packaged by Zondervan in their Bible Study suites for Macintosh. with COSO COSO Committee of Sponsoring Organizations of the Treadway Commission COSO Church of Spiral Oak COSO Corporate South COSO Class of Service Override COSO Combat Oriented Supply Operations (USAF) (Committee of Sponsoring Organizations) best practices. Auditors, on the other hand, use continuous auditing processes to test transactions and identify anomalies and to test the continuous monitoring processes of management," says J. Donald Warren Jr., director of the CCA. "The combination of these continuous processes provides management with timely information to take corrective action A corrective action is a change implemented to address a weakness identified in a management system. Normally corrective actions are instigated in response to a customer complaint, abnormal levels if internal nonconformity, nonconformities identified during an internal audit or when a control deficiency is identified, as well as providing assurance to management on the effectiveness of the company's internal control environment." |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion