Most organizations, even small ones, recognize that SOX compliance is a project in and of itself. In the near term, tasks like risk assessment, gap analysis, policy and procedure writing, design changes, external consulting, and audits may appear to be one-time efforts. However, as the COSO and COBIT processes suggest, internal control is a continuous process that requires complete integration into the fabric of the organization.
Organizations must establish communications and tracking mechanisms that allow business and technical representatives to understand how each other's processes affect financial reporting accuracy and the state of the controls in each space. There are compliance tracking software packages designed to provide these capabilities. At the very least, a shared information exchange portal (e.g., SharePoint) can be used to great advantage by providing a common place to communicate the progress of compliance activities.
In Compliance School, guest instructor Richard Mackey shows you exactly what you need to do to meet regulations' ongoing demands and arms you with actionable items to ensure your business remains continuously compliant. Best of all, you can attend any of the following on-demand lessons when it's most convenient for you:
Ensuring compliance across the extended enterprise
Compliance improvement: Get better as you go forward
Gauging your SOX progress
SOX compliance basics: Taking Action
Step 1: Understanding compliance -- Financial and technical standards
Step 2: Scope of compliance
Step 3: Establishing an IT Control Framework
Step 4: Detailed objectives and policies
Step 5: Measuring compliance
Step 6: Managing and tracking compliance
Step 7: The changing nature of compliance