Everyone knew that compliance with Section 404 of the Sarbanes-Oxley Act was never meant to be a one-time event. But as hard as it was making it through the first review of internal controls, the painful truth for many companies is that success in year one does not make getting through year two and beyond a slam dunk. In fact, for most companies, it will require embracing technology and a different focus on process and policy.

Many of the ways companies got by in 2004 just won't cut it for the long haul. It was common practice to "borrow" resources (the human kind) from one department to fill holes in companywide compliance efforts, a situation that led to confusing lines of responsibility and uneven workloads. It was also true that some companies, driven by the need to get a passing grade on controls, documented and tested far more processes than was necessary. For others, decisions on whether to buy the latest data collection tools were put off until first-year deadlines were met. So now is the time for a critical reassessment, with the goal of paving the way for a more sustainable program that can reveal where the real efficiencies lie. To help clarify the way toward longer-term compliance efforts, here are some of the most important issues that separate year-two compliance efforts from what came before.


Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.

  • Critical Treasury & Risk information including in-depth analysis of treasury and finance best practices, case studies with corporate innovators, informative newsletters, educational webcasts and videos, and resources from industry leaders.
  • Exclusive discounts on ALM and Treasury & Risk events.
  • Access to other award-winning ALM websites including PropertyCasualty360.com and Law.com.

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.