The first TAG event I attended was regarding internal controls in an IT company. As our guest speakers from PKM told us, SOX 404 requires public companies to implement a system of internal controls to help ensure financial statements are accurately and fairly presented. The first speaker at the event, from Accretive Solutions, spoke about internal controls as they relate to IT, SOX 404, and how to get the most out of your compliance investment.
The second speaker, from KPMG, spoke about a SOX survey they conducted on electronics and software companies. Some of their key findings were that the average number of controls needing to be tested has actually dropped in the past few years as a result of more efficient financial and IT processes. Over half of the companies surveyed had upgraded their ERP system in the past four years. In addition, there is a new ERP system out called GRC (Governance, Risk, Compliance), which is designed to integrate systems and compliance. This system can monitor processes to ensure controls are followed and compliance requirements are met, resulting in less required testing by auditors because it takes the human error and manual nature out of processes. There is no proven value yet with GRC because it is so new and expensive. In the current economic climate, companies aren't "pulling the trigger" just yet to implement this system.
Finally, a speaker from Lexis Nexis spoke about the benefits of controls and how they are not as much of a hindrance as perceived. Controls can make ERP systems much more effective by reducing duplication, eliminating manual processes, and defining, improving and standardizing processes.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment