While Sarbanes Oxley (or SarbOx or SOX, depending on your preference) can seem, well, so 2004, an article in CIO Insight called “SarbOx Complications Overwhelm Preparations” does a great job of illustrating how the devil is in the details. This article gives a verry practical look at the real world consequences of SarbOx compliance. Interestingly, I didn’t see anything in there about lawyers helping out in the process.
The money quote:
Compounding the catch-up costs is the fact that the Securities and Exchange Commission has provided little leadership over exactly what the scope of SOX should be, and as a result, “the audit firms have jumped in and decided what they want,” says Tillman of ARMA. “The CEO doesn’t want to go to jail, so he says, ‘Pay the auditor.’ It’s a recipe for disaster.” Because internal and external audit teams have different definitions of compliance—and methodologies for achieving it—a costly and time-consuming tug-of-war ensues. “Auditor A does it one way, auditor B does it another, and they will never admit the other is right, because then the billable hours go down,” says Blue Rhino’s Travatello.
I guarantee that this article will give you a lot to think about, as SarbOx consequences often do.
[Originaily published on DennisKennedy.Blog (https://www.denniskennedy.com/blog/)]
This post brought to you by Dennis Kennedy’s consulting services, featuring RSS and advanced blogging consulting and technology committee coaching packages for law firms, corporate legal departments and other professional services providers.