Operational Risk - Technology Quandary for Sarbanes-Oxley Compliance

Operational Risk - Technology Quandary for Sarbanes-Oxley Compliance:

Author: Ellen J. Silverman

The Sarbanes-Oxley Act of 2002, designed for identifying and mitigating corporate governance-related risk, is being implemented in corporations over the next several years.  Companies scrambling to upgrade their financial processes and find appropriate software.  Boston-based AMR Research estimates that Fortune 1000 companies will spend a total of $5.5 billion in 2004 on Sarbanes-Oxley compliance initiatives.

Similar to Year 2000 remediation, companies are being bombarded by software vendors offering specialized Sarbanes-Oxley software.  It is recommended that only 20% of a company's Sarbanes-Oxley budget go to software since compliance won't always require software upgrades.

And while technology can help with certain tasks, the first step to Sarbanes-Oxley compliance is getting business processes standardized.  Many companies have diverse or geographically dispersed units that handle financial reporting differently.  Because the process isn't done in a uniform way, auditors and officers must gather financial data from various sources.

The wave of Sarbanes-Oxley software vendors can be a red herring for corporate executives striving for compliance.  However, the right software can bring long-term value when it's used to standardize and automate business tasks.  The average cost for Sarbanes-Oxley compliance, including software, manpower and consulting, has been estimated at $1 million per $1 billion of a company's revenue.  "