« More Pressure on SOX from Abroad | Main | XML, Britney, and God »
January 28, 2005
SOX: Like Throwing a Party?
Every few months my wife and I have a party. Apart from the goodness of seeing friends, it also forces us to get the house cleaned up. A good thing all around.
It is in this same spirit that Stephen Ashton, director of Global IT business management at the investment bank Dresdner Kleinwort Wasserstein says that Sarbanes-Oxley is good for IT. (See the article, "Sarbanes-Oxley 'Good for IT'", by Andrew Donahue published yesterday by ZDNet UK.) Despite having 10% to 15% of the banks total headcount currently committed to compliance ( !! ), Ashton feels that the gain is greater than the pain. "We have just completed a data center review. The thing that came out of it was that we have tons of information but very little knowledge. There is a lot of partial and inaccurate data in our systems." Ashton also talked of now having to invest in bringing together disconnected "silos" of information that had just developed over time, without planning. Dresdner Kleinwort Wasserstein is now investing in cataloging and integrating this information to make it useful.
We don't really decide to have parties to get the house cleaned up. But it is a nice side-effect. Are readers finding good side-effects of Sarbanes-Oxley compliance?
Share or tag this post on:
Digg | del.icio.us | Google | Yahoo My Web | Reddit | Newsvine
Posted by Bill Zoellick at January 28, 2005 4:55 PM
Trackback Pings
TrackBack URL for this entry:
http://gilbane.com/blog/mt-tb.cgi/27
Comments
The connection between compliance and performance is strong. There is an article in the February 05 edition of DMReview entitled Transforming Compliance Burdens into Better Business Returns By Steven Lindseth which, I feel, provides a good context around this issue and speaks to some of the unique characteristics of SOX that make the connection between performance and compliance particularly strong. The article is online at http://www.dmreview.com/article_sub.cfm?articleId=1018110
Posted by: Sebastian Holst at February 4, 2005 12:55 PM
The forgotten stepchild of the Sarbanes Oxley compliance act - EXCEL SPREADSHEET RISKS, FRAUD AND ERRORS.
The agile but fragile Excel Spreadsheet is weakest part of the financial information delivery and chain. It is the obvious place to tweak the financial figures as it leaves no audit trail and user access records.
The Enron, Paramalat and WorldCom scandals all had spreadsheet fraud.
Take the following formula +c4+d4+e4+f4+5045.10. As the figure 5045.10 is hardwired in to the formula it will be Right this month and wrong for all eternity by the hardwired amount of $5045.10.
Because this financial reporting weakness was not getting serious attention I starting blogging the issue.
The blog is titled: The Fragile Last Mile of BI: Spreadsheet Risk & Fraud Analysis
at http://blogs.ittoolbox.com/bi/spreadsheet/archives//000613.asp
Hope it can be of some help to you and your blog readers.
Donavan McDonough
Posted by: Donavan McDonough at April 9, 2005 9:05 AM
You said that the main problem for spreadsheets was a lack of an audit trail. If you visit Lyquidity's website (www.lyquidity.com) you will be able to download a trial of ComplyXL. This software was designed to ensure the integrity of information within Excel. ComplyXL is able to detect ANY changes to Excel, whether macros, volatile functions, figures etc. A full version history is stored within Excel, but is invisible to the user. This ensures that the version history always 'travels' with the spreadsheet. Unlike a lot of similar systems, the user doesn't have to decide in advance which spreadsheets are critical - ALL spreadsheets can monitored. Hope this helps!
Posted by: sarahseddon at June 19, 2006 10:07 AM
Post a comment
Thanks for signing in, . Now you can comment. (sign out)
(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)