| ||
|
Roundtable
< Back What is the single most challenging Sarbanes-Oxley issue today?
The endgame we so often hear customers wanting to achieve is to get compliant, which to me sounds like they believe that once compliancy is met, theyre done. This aspiration is not accurate because compliancy is an ongoing process and therefore requires a means to institute a repeatable, measurable process. And, lets not forget that that process needs to evolve when new regulations come online. Manakoa delivers this capability and is a strategic differentiator in our approach to helping customers overcome their challenges and concerns. Best results are achieved by combining people, policy and technology to create an ecosystem that works together to achieve successful compliance. The first step is to understand the regulations themselves and to begin the development of best-practices-based policies and procedures. You will need to apply risk management processes as a foundation, including a complete assessment of the current state of compliance, identification of key IT assets, potential vulnerabilities and impact analysis. Furthermore, a comparison of the current state to the desired state as defined by the regulations will provide you with a basis for a compliance plan. From this point, application of needed controls for compliance mitigation is followed by auditing and reporting. As stated earlier, because compliance is a continuous activity, it is important that this effort is repeatable and measurable and can be accomplished through the use of technology integrated into existing business systems to monitor critical controls. For most organizations seeking to supplement people and policy with appropriate technologies the question of ROI invariably comes up. In many cases it is often too early in the compliance process to have demonstrative data pointing to ROI. To date, there has been a great deal of money thrown at point products and retaining armies of consultants to conduct a compliancy audit, which only provides a single snapshot. First signs of ROI will be evident when corporations demonstrate compliancy by establishing controls to ensure correct financial reporting and protect private personal information. These controls can then provide timely understanding of a corporations compliancy level and allow management to allocate resources more precisely to protect the most important assets. In other words, correctly aligning IT and accounting controls can directly affect an organizations ability to make informed decisions and provide return on investment for compliancy efforts. Real, tangible ROI will be realized when this process evolves to become repeatable and measurable at any time, thereby cutting exorbitant costs and elevating the strategic value of addressing regulatory compliance.
|
| |||
© 2019 Simplex Knowledge Company. All Rights Reserved. | TERMS OF USE | PRIVACY POLICY |