"IT Solutions for Sarbanes Oxley Act - Axentis"

Axentis — Governance & Compliance Management System

Axentis warn that while companies work furiously to ensure compliance with the SOA requirements, most are focused on ‘getting in compliance’ rather than staying in compliance. To ‘get in’ compliance companies tend to focus on cataloging accounts, objectives, risks and controls, evaluating their effectiveness, closing gaps and working with their auditors to complete section 404 attestations. However, companies need to think beyond simply getting in compliance, and develop a compliance strategy to ensure the ongoing performance of their control environment to meet section 302 requirements.

Ted Frank, chief executive officer of Axentis LLC, points out: “Companies, particularly CEOs and CFOs, face three major challenges in successfully meeting the Sarbanes-Oxley requirements,” said Frank, “They must (1) certify that they are responsible for establishing and maintaining a comprehensive and adaptable control environment; (2) be able to explicitly evaluate and report on the effectiveness of the control environment and; (3) ensure the control environment incorporates processes/performance with applicable laws and regulations while minimizing financial or business costs and maintain clear visibility for executive management.”

Axentis suggest that companies that can continuously improve their SOA and other compliance initiatives will have a key advantage that can have a positive impact on market capital, brand equity and liquidity. By implementing compliance procedures that meet the following government mandated seven steps, they will be ahead of the pack in the rush to compliance:

1.       Controls and procedures: Create guidelines and boundaries for identifying, designing and maintaining controls and procedures to assure that transactions are authorized, recorded and reported and assets are safeguarded against unauthorized use.

2.        High-level oversight: CXOs are required to establish and maintain internal disclosure controls and procedures and certify that financial reporting does not contain false statements or omissions of material facts.

3.       Decentralized administration and proper delegation: Delegate discretionary administrative authority to a “disclosure committee” that is responsible for considering the materiality of information and determining required disclosures to the public on a timely basis.

4.       Establish communication channels: Disclosure controls and procedures should be effectively communicated to and evaluated by people having a significant role in the control system.

5.       Audit, monitor and report: Establish consistent standards for auditing, monitoring and reporting the control environment to measure effectiveness and identify deficiencies and weaknesses in the system.

6.       Uniform enforcement: Controls and procedures must be enforced and when exceptions or weaknesses in the system are discovered, consistent corrective action must be applied.

7.       Prevent further offenses: Use evaluation information and performance reports to ensure the effectiveness of internal controls and procedures and prevent further similar incidents, in instances that deficiencies and weaknesses in the system are detected.

8.       “Organizations are struggling to develop an ongoing and consistent compliance strategy,” reports Frank. “Many companies respond to new requirements by forming a different chain of command, establishing a new set of policies and procedures and employing yet another temporary technology solution. It’s like fighting a fire with a bucket brigade – you may extinguish the fire, but nothing is put into place to prevent the next fire.”

Axentis claims to have the first closed loop seven-element Governance & Compliance Management System as determined by the United States Sentencing Commission and Office of Inspector General.

www.axentis.com

Go back to the Special Report on "IT Solutions for Sarbanes Oxley Act"