Not every management is throwing up its hands and assuming they will not see savings from AS5 this year. Alfa Corp. has installed a new ERM solution with which it will go to battle with any auditor who challenges Alfa's ability to quantify and prioritize risk
By Dave Lindorff|February 01, 2008 at 07:00 PM
Thank you for sharing!
Your article was successfully shared with the contacts you provided.
Connie Whitecotton, chief risk and compliance officer at $815 million Alfa Corp., remembers well the first year she took responsibility for the company’s Sarbanes-Oxley 404 audit. It was 2005, and the exercise ended up costing $1.3 million in audit fees–more than three times the auditor’s initial $400,000 estimate, and almost double what the job had cost in 2004. “I was outraged!” she recalls. Only a year later, however, she got the same job done for $825,000, and this year, she expects auditing hours to be slashed by 60%, bringing total 404 compliance costs for Alfa way down. Her secret was to shift from simply achieving compliance on 404 to a 404 audit based on the enterprise risk management (ERM) program she was implementing. In 2006, Whitecotton read an early draft of Auditing Standard 5 (AS5)–the corporate SOX-relief package from federal regulators–and she realized that the key to fending off pesky auditors was to have a buttoned-up approach to quantifying and prioritizing risks. “How can I argue to an auditor which risks are material unless I have something to back up the statements?” she says.
Enter LogicManager, with a platform that company CEO Steve Minsky says not only identifies risks, but also assesses whether each risk is material, evaluates which risks require action, determines how to mitigate risk and then monitors the process of mitigation. Ironically, Whitecotton was already using LogicManager for her ERM work, but she had thought that to automate her 404 work, she would have to look in the compliance space for a tool. “I knew I was going to have to eat some crow,” she laughs. “I had just sold my CFO and COO on the fact that I would need one system for my ERM and another for my SOX and here I was bringing in a whole new system to do both. It was worth it. How could I not roll my SOX into this?”
Complete your profile to continue reading and get FREE access to Treasury & Risk, part of your ALM digital membership.
Your access to unlimited Treasury & Risk content isn’t changing. Once you are an ALM digital member, you’ll receive:
Critical Treasury & Risk information including in-depth analysis of treasury and finance best practices,
case studies with corporate innovators, informative newsletters, educational webcasts and videos, and resources from industry leaders.
Exclusive discounts on ALM and Treasury & Risk events.
Access to other award-winning ALM websites including PropertyCasualty360.com and Law.com.
While the federal government has whittled down some of the final regulations from the initial proposals, there is still potential for trouble for foreign investors under the 31 pages of final rules governing national security reviews by CFIUS of foreign investments in U.S. real estate, which take effect on Feb. 13.