Breaking will be offline for scheduled maintenance Saturday July 24 5 AM US EST to 8:30 AM EST. We apologize for the inconvenience.


Thank you for sharing!

Your article was successfully shared with the contacts you provided.

Connie Whitecotton, chief risk and compliance officer at $815 million Alfa Corp., remembers well the first year she took responsibility for the company’s Sarbanes-Oxley 404 audit. It was 2005, and the exercise ended up costing $1.3 million in audit fees–more than three times the auditor’s initial $400,000 estimate, and almost double what the job had cost in 2004. “I was outraged!” she recalls. Only a year later, however, she got the same job done for $825,000, and this year, she expects auditing hours to be slashed by 60%, bringing total 404 compliance costs for Alfa way down. Her secret was to shift from simply achieving compliance on 404 to a 404 audit based on the enterprise risk management (ERM) program she was implementing. In 2006, Whitecotton read an early draft of Auditing Standard 5 (AS5)–the corporate SOX-relief package from federal regulators–and she realized that the key to fending off pesky auditors was to have a buttoned-up approach to quantifying and prioritizing risks. “How can I argue to an auditor which risks are material unless I have something to back up the statements?” she says.

Enter LogicManager, with a platform that company CEO Steve Minsky says not only identifies risks, but also assesses whether each risk is material, evaluates which risks require action, determines how to mitigate risk and then monitors the process of mitigation. Ironically, Whitecotton was already using LogicManager for her ERM work, but she had thought that to automate her 404 work, she would have to look in the compliance space for a tool. “I knew I was going to have to eat some crow,” she laughs. “I had just sold my CFO and COO on the fact that I would need one system for my ERM and another for my SOX and here I was bringing in a whole new system to do both. It was worth it. How could I not roll my SOX into this?”

“Now, we can prioritize risk factors,” says Whitecotton, “and then it becomes a matter of negotiating with auditors.” With management pointing the way to key material risks–all documented by LogicManager–the incentive is for the auditor to focus on those areas and keep costs down. Alfa’s system is working so well that Whitecotton managed to negotiate a fixed-fee contract with her auditors.

Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.

Your access to unlimited Treasury & Risk content isn’t changing.
Once you are an ALM digital member, you’ll receive:

  • Critical Treasury & Risk information including in-depth analysis of treasury and finance best practices, case studies with corporate innovators, informative newsletters, educational webcasts and videos, and resources from industry leaders.
  • Exclusive discounts on ALM and Treasury & Risk events.
  • Access to other award-winning ALM websites including and

Already have an account?

Treasury & Risk

Join Treasury & Risk

Don’t miss crucial treasury and finance news along with in-depth analysis and insights you need to make informed treasury decisions. Join Treasury & Risk now!

  • Free unlimited access to Treasury & Risk including case studies with corporate innovators, informative newsletters, educational webcasts, and resources from industry leaders.
  • Exclusive discounts on ALM and Treasury & Risk events.
  • Access to other award-winning ALM publications including and

Already have an account? Sign In Now
Join Treasury & Risk

Copyright © 2021 ALM Media Properties, LLC. All Rights Reserved.