Operational Risk - Technology Quandary for Sarbanes-Oxley Compliance:
Author: Ellen J. Silverman
The Sarbanes-Oxley Act of 2002, designed for identifying and mitigating corporate governance-related risk, is being implemented in corporations over the next several years. Companies scrambling to upgrade their financial processes and find appropriate software. Boston-based AMR Research estimates that Fortune 1000 companies will spend a total of $5.5 billion in 2004 on Sarbanes-Oxley compliance initiatives.
Similar to Year 2000 remediation, companies are being bombarded by software vendors offering specialized Sarbanes-Oxley software. It is recommended that only 20% of a company's Sarbanes-Oxley budget go to software since compliance won't always require software upgrades.
And while technology can help with certain tasks, the first step to Sarbanes-Oxley compliance is getting business processes standardized. Many companies have diverse or geographically dispersed units that handle financial reporting differently. Because the process isn't done in a uniform way, auditors and officers must gather financial data from various sources.
The wave of Sarbanes-Oxley software vendors can be a red herring for corporate executives striving for compliance. However, the right software can bring long-term value when it's used to standardize and automate business tasks. The average cost for Sarbanes-Oxley compliance, including software, manpower and consulting, has been estimated at $1 million per $1 billion of a company's revenue. "