Deadline Looms but Companies Not Ready

With a little more than six months to go before companies are required to meet compliance with Section 404 of the Sarbanes-Oxley Act (SOX) regarding internal audit procedures, a joint research study by Ziff Davis’ CIO Insight magazine and Gartner Executive Programs (EXP), finds 36% of companies have a long way to go to comply with Sec. 404.

Still 86% of respondents believe their companies will be fully compliant in time to meet the deadline. But there will be a price to pay in meeting regulations. Close to a third of CIOs (30%) say the cost of compliance will have a significant negative impact on their companies’ profitability during the next two years.

“There’s no doubt that compliance with Sarbanes-Oxley will place a burden on corporations, especially smaller ones, in the short-term,” said Ellen Pearlman, vice president and editor-in-chief of CIO Insight. “However, some companies recognize this is an opportunity to clean up their processes and systems and use it to their business advantage.”

Large companies are the most confident resources are available to make compliance efforts go more smoothly.

Medium-size businesses are spending the smallest percentage of overall IT budget on compliance, yet this group is the most likely to invest in financial reporting software to meet the deadline and the most likely to reap significant business benefits from compliance efforts.

Meanwhile, small companies are most likely to not to meet the compliance deadline; citing an inadequate budget as the major obstacle to compliance.

Two-thirds of IT executives surveyed said they’re investing in financial technologies to help with SOX compliance efforts. Companies are most likely to spend money on document management and financial reporting and transaction software. Large and small companies are focusing on document management, while mid-size businesses are most likely to use financial management software.

CIOs cite problems with data structures, difficulties ensuring adequate security and business continuity, and variations in infrastructure between business units as three of the top four obstacles to compliance.

This is “the result of years of building information systems one-by-one in complex organizations, where data definitions, business rules and operating procedures are set department by department,” said Marcus Blosch, vice president of Gartner EXP.

About the Survey

The 2004 Sarbanes-Oxley Survey was co-designed by the editors of CIO Insight and research staff of Gartner EXP, Gartner’s membership program for CIOs, in conjunction with Equation Research, a supplier of custom research services.

IT executives gathered from Ziff Davis Media publication subscriber lists and Gartner’s client lists were invited to participate in the study by e-mail. The questions were posted on a password-protected website and 198 qualified respondents replied from February 26 to March 15, 2004. Of the respondents, 51.5% were CIOs or CTOs, 4% were IT compliance directors, and the rest held titles of vice president of IT or higher.

This article was compiled and edited by CIO Update staff. Please direct any
questions regarding its content to Allen Bernard, Managing Editor.