SOx compliance shouldn't rest solely with CFO, says report
As pressure to comply with Sarbanes-Oxley regulations mounts, a new report by AberdeenGroup demonstrates that companies that involve much of the organization in their SOx review process are experiencing lower costs and increased profits. By contrast, companies who limit SOx reviews to a small group of senior management have the worst performance records.
"The Automating SOx Compliance Benchmark Report" found that companies can achieve greater results from their SOx review process by using a combination of business process analysis, project management, and changes to technology to go beyond the minimum requirements imposed by SOx to significantly improve operating results while introducing continuous business improvements.
"Firms where the CEO, CFO, and the board are directly involved in the day-to-day tasks of SOx compliance are operating as laggards," said Jim Hurley Aberdeen's vice president of risk, security and compliance and author of the report. "By contrast, performance leaders have already pushed responsibility for SOx compliance down in the organization."
According to the report, firms placing responsibility for SOx compliance onto a chief risk or chief compliance officer are well ahead of other organizations in reducing deficiencies. What's more companies are combining SOx with business process improvement programs to deliver better results.