Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
November 9, 2005
2 Min Read
Retailers and consumer products manufacturers need to take a more risk-based, top-down approach to Sarbanes-Oxley compliance in order to increase efficiencies, eliminate unnecessary work and reduce costs, according to a recent white paper issued by PricewaterhouseCoopers.
The document, titled "Leading Strategies: Streamlining Sarbanes-Oxley Compliance for Retail & Consumer Companies" offers three strategies that retailers and consumer products companies can utilize to lessen the financial and personnel strain of Sarbanes-Oxley.The first strategy keys on strong leadership, accompanied by a comprehensive plan and focused communication. The next step, according to PWC, is to re-scope and reassess key controls and processes. And then companies need to look at redesigning and streamlining their testing processes.
It's important to take these steps now, according to PricewaterhouseCoopers. The first year of SOX compliance exhausted too much time and money with manual process, and those processes need to be improved before they become to ingrained, opined John Maxwell, partner and U.S. Retail & Consumer practice leader for PWC LLP. "The companies that build well-thought-out and sustainable Sarbanes-Oxley compliance programs will eliminate unnecessary work, resulting in significant cost savings and improved business processes," he said.
It all starts with the right messaging from the top and effective communication throughout the company, according to the white paper. Companies need to develop strong project management and a solidified organizational structure to ensure that the right people own responsibility for controls.
PWC points out that retail and consumer companies with an effective approach to SOX share several organizational characteristics:
Strong executive leadership that communicate Sarbanes-Oxley priorities clearly and consistently
A well-defined compliance office with clear responsibilities dedicated resources and a model that integrates the overall compliance process among the various functions involved
Strong project management that encompasses everything from scoping, documenting, testing, evaluating and reporting to establishing processes that align with Section 404 and Section 302 efforts and effectively remediate deficiencies
To gain efficiencies, companies should make sure that they are relying on the right controls and testing only those that achieve control objectives and relevant financial statement assertions, according to the report. By identifying the best mix of controls and using a risk-based approach, companies are mapping key controls to financial statement assertions related to the significant financial statement accounts.
Once the controls are re-scoped and the key controls are identified, it's time to work smarter, and companies should consider more upfront and ongoing coordination with external auditors, according to PWC. To further this effort, many companies are leveraging internal testing, prioritizing the testing of controls, aligning Section 404 and Section 302 documentation and testing efforts and standardizing testing plans and templates. This enables external auditors to rely upon as much of their internal work as possible.
If you are interested in this white paper on SOX compliance for retail & consumer companies, it can be downloaded from PWCs website.
You May Also Like
Data Center Firewall Toolkit
How a trading floor continues its operations during COVID-19 lockdown
*State of Accounting and Legal Services
Solution Brief: Fortinet FortiFlex Delivers Usage-Based Security Licensing That Moves at the Speed of Digital Accelerationâ€‹
Checklist: Top 6 Considerations to Optimize Your Digital Acceleration Security Spend