Improved timeliness, automated detection controls and enforcement of review and approval procedures will reduce control risk and help companies comply with Section 404.
Financial consolidation and reporting also provides controls over completeness, accuracy and integrity in the preparation of quarterly and annual financial statements for submission to the SEC, shareholders, etc.
When considering a SOX compliance BPM solutions companies should consider the following:
No Silver Bullets
It is important to remember that while there are many products available for addressing some of the SOX requirements, no one company provides a complete package to satisfy all of the requirements. Companies should also look to their partners and a variety of vendors to help create a complete solution compliance analyzers, dashboards, and collaborative content management capabilities focused on internal controls (COSO) are needed.
From a single dashboard, financial managers throughout the organization will not only see the financial results for any period, and the percent complete as regards the close process, they can also gain insight to control compliance and risk. Financial results and control evaluations should be brought together in one dashboard to help financial managers feel comfortable certifying the results as required by SOX section 302 and 404. This will also assist with SOX Section 409, real-time reporting, if/when this becomes mandatory.
A time dimension could be used with these metrics, such that if control remediation was not expected to occur in the current period, remediation could be forecasted to the future and actuals could be tracked against this.
Finally, XBRL (Extensible Business Reporting Language) can play a large role as well. XBRL will allow customers to improve investor and regulatory management. It will allow for a “single version of the truth” for better control, eliminate re-keying and potential for error, and improve transparency and investor relations. In addition, investors, analysts, and external users can download XBRL docs from company Web sites directly to their spreadsheets or data warehouses.
Furthermore, the SEC is more interested in XBRL to help with their audits — increasing since SOX — because they havent been allowed to hire additional staffing. And, if the SEC is happy, chances are you’ll be happy too.
Michael Malwitz is senior product marketing manager for Hyperion’s Financial Consolidation and Reporting products. Prior to joining Hyperion, he was director of financial information systems at a Fortune 500 company and also held management positions in internal audit, contracts, financial planning and analysis for the same company.