There is even a movement toward an Extensible Markup Language (XML) standard to promote a global GAAP. The Extensible Business Reporting Language (XBRL) is an attempt to create an internet-based global reporting language. XBRL would permit investors, analysts, and regulators to review and evaluate financial data more easily and efficiently. Because it is an XML standard, tagged data can be automatically searched and analyzed, greatly reducing the chance of errors. Users will need to learn XML-based data tagging concepts and related XML software tools. XBRL gives the promise to enhance the risk and internal controls analysis required in a Committee of Sponsoring Organizations (COSO) framework.
The spotty history of efforts to create industry-specific and process-specific XML standards would suggest that this will be a difficult and long-term effort. The problems have been based more on the inability to standardize business processes than any technical issues. Read the rest of this entry »
Popularity: 24% [?]
July 1st, 2008 | Posted in article, sarbanes oxley | No Comments
Latest survey from Georgia State and Clemson universities about Sarbanes Oxley. Said that While the chiefs of corporations across the United States view the 2002 federal accounting statute as reactionary and over-burdensome, they still cite “improper accounting practices” as the No. 1 ethical issue facing business today, according to a survey conducted by ethics centers at Georgia State and Clemson universities.
Respondent: 293 chief executives at both private and public companies in 48 states.
Result:
- 62 % of executives agreed that the Sarbanes-Oxley Act strengthened public and investor trust in corporate America
- 74 % said it had done nothing to improve ethical standards at their businesses.
- 68 % agreed that the act was an overreaction to the ethical failures of a handful of executives and has proven burdensome and unnecessary. Read the rest of this entry »
Popularity: 24% [?]
July 1st, 2008 | Posted in article, sarbanes oxley, survey | No Comments
The Corporate Fraud Task Force claims more than 1,300 corporate fraud convictions since its inception less than six years ago. That includes more than 200 CEOs and presidents, 50 CFOs, and 120 vice presidents. That’s a lot of fraud.
Just looking at technology-related companies, federal agencies have successfully brought fraud and related charges against executives of Adelphia, Amkor, Anicom, Apple, AremisSoft, Brocade, Cendant, Comverse, Computer Associates, Dynegy, Enron, Enterasys, Homestore, Imclone, Impath, Integrated Silicon Solution, Juniper, KLA-Tencor, Monster, Network Associates (McAfee), Prudential Securities, Qwest, Refco, Tyco, U.S. Wireless, and WorldCom. Read the rest of this entry »
Popularity: 24% [?]
July 1st, 2008 | Posted in article, fraud | No Comments
The increased demand on a variety of information systems that will come with IFRS conversion. gThe following operations need special consideration:
- Collection of data and notes
- Validation and adjustment of external and internal data
- Full reporting process mapping
- Detailed reports
- Filing processes (e.g., 20-F, 6-K)
- Low-level, ad hoc analysis
- Integrated reporting and controlling dialogue
There will also be greater demand for near real-time and prognostic reporting at a detailed level. gThe increasingly complex accounting and reporting of immaterial assets will deepen the reporting spectrum. All these factors will lead to a rapid increase in overall reporting and controlling complexity, which has to be considered when defining reporting strategies. The current state of Read the rest of this entry »
Popularity: 22% [?]
July 1st, 2008 | Posted in article, sarbanes oxley | No Comments
Did you know that the difficulty in scaling existing compliance such as Sarbanes Oxley, HIPPA, PCI DSS, and security management programs to meet new requirements is creating a resource crisis within many organizations. As a result, large enterprises are seeking ways to actively streamline their compliance activities, to operationalize their security management programs, and to gain value from automating and integrating both.
By creating scalability in your compliance efforts, you can reduce manual processes and gain efficiencies for future compliance. By examines trends in compliance and security management along Read the rest of this entry »
Popularity: 33% [?]
June 25th, 2008 | Posted in article, sarbanes oxley, security | No Comments
From a regulatory compliance perspective, IT teams have two responsibilities: support enterprise-wide compliance efforts and ensure that IT itself is compliant with internal and external regulations such as Sarbanes-Oxley (SOX), HIPAA, PCI DSS, FDA, etc. In other words, the IT and SAP teams support the compliance efforts across all departments in the company as well as ensure their own governance, risk, controls and systems are compliant.
This means IT is second only to the finance department when you assess the day to day impact of SOX. Most of the internal compliance effort is focused on the change management controls driven by section 404, which dictates management’s responsibility to implement/document internal controls, implement good segregation of duties, assess their effectiveness, and report on their ultimate compliance to the documented process.
For SAP teams, this translates into several Read the rest of this entry »
Popularity: 40% [?]
June 25th, 2008 | Posted in article, sarbanes oxley, security | No Comments
Security has been and will continue to be an overhead expense for all organizations, as are payroll and other administrative tasks that are required to keep an organization running. The question that seems to pop up every few months in the security industry is, What is the value of all the security work that takes place within an organization? Organizations want to see what the Return on Investment (ROI) is for the security budget that is currently used or expected to be used in the future. Establishing an RIO is a very difficult task. After all, if the security team is doing its job, the organization will likely not see a measurable impact from security problems.
Although several projects are under way to determine what the ROI on security is, none of them has effectively or simply defined what the ROI is for security. You can find more information on this subject by performing a simple Internet search on “Security ROI.” The best approach is not trying to determine the ROI for security, but rather to determine the benefit of cost avoidance provided by the security work accomplished, and what ROI that can provide. Read the rest of this entry »
Popularity: 34% [?]
June 24th, 2008 | Posted in article, sarbanes oxley, security | No Comments
