Robert Edwards, chief information officer for The Rouse Co., a real estate development and management company, has looked for software that will help Rouse comply with the internal controls monitoring and reporting required by Section 404 of the Sarbanes-Oxley Act. So far, he hasn't found what he's looking for. "There just weren't a lot of companies out there that had the level of control and depth that the law requires," Edwards says.

He wants a single solution that includes a template for the control structure, a repository for documentation and a testing control center. "My firm belief is that 12 months from now, and maybe sooner, we will have many choices of integrated Sarbanes-Oxley packages," Edwards says. "Right now, it's difficult."

That's okay. At this point, there probably isn't enough time to test and implement new software programs anyway. Companies find themselves scrambling to meet the first 404 deadline–even with the Securities and Exchange Commission's decision to push the compliance date out five months to Nov. 15. The initial step in compliance, documenting their controls, has proved to be much more work than companies expected, and many have decided to stick with systems and controls they already have in place rather than attempt major automation or consolidation at the eleventh hour.

Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.

  • Critical Treasury & Risk information including in-depth analysis of treasury and finance best practices, case studies with corporate innovators, informative newsletters, educational webcasts and videos, and resources from industry leaders.
  • Exclusive discounts on ALM and Treasury & Risk events.
  • Access to other award-winning ALM websites including and

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.