| ||
|
Roundtable
< Back What is the single most challenging Sarbanes-Oxley issue today?
Our research tells us that the biggest Sarbanes-Oxley challenge they currently face is how to implement and enforce internal controls for establishing and managing accountability, based on clear and intelligent business processes. By mapping compliance efforts to IT's ability to create operational efficiencies, organizations can fulfill section 404 and other Sarbanes-Oxley requirements in a cost-effective, secure manner by streamlining existing processes and workflows via automation. One of the first and most critical internal controls that must be met is the ability to determine who in the organization has access to what, and why a challenge that can be solved with enterprise provisioning. Enterprise provisioning systems are increasingly being deployed by publicly-traded organizations to ensure compliance with Sarbanes-Oxley due to their ability to automatically apply policies and rules governing who can access what systems, what privileges a user has within those systems, detect system users who are not properly authorized, and automatically manage and update user rights and privileges across the enterprise. By providing an automated platform to dynamically manage "who has access to what," enterprise provisioning aligns the agendas of the CFO and the CIO. By delivering the CFO with the necessary internal controls and audit infrastructure required for compliance, and the CIO with a policy-driven, automated platform that streamlines workflows and business processes for managing access, provisioning has emerged as one of the few compliance-driven IT investments that offer a clear, quantifiable Return on Investment that significantly reduces the initial and ongoing cost of audit and S-OX compliance. Additionally, provisioning systems provide information that has become particularly useful in determining compliance to section 404 because it provides a detailed "policy history" or audit trail of all authorized users, how and by whom they were authorized valuable information in determining if proper procedures are followed to reduce the risk of fraud and to ensure that sensitive data is not accessible without appropriate authorization. However, the challenge of compliance is not purely the ability to satisfy the compliance criteria, but to do so in a manner that is cost effective and beneficial to the firm. If the cost of compliance is too high, the firm actually takes a step back in its ability to effectively compete in the marketplace. Thor Technologies helps companies meet this challenge head on. Our solutions are designed to automate internal controls and to drive operational costs down. In order to expedite organizations' ability to execute on an IT-driven compliance strategy, we developed a product called Xellerate Audit and Compliance Manager that packages the key provisioning functionality necessary to align these two, seemingly unaligned goalswhich make S-OX compliance such a daunting assignment for management teams.
|
| |||
© 2019 Simplex Knowledge Company. All Rights Reserved. | TERMS OF USE | PRIVACY POLICY |