Building a Compliance Framework

Today, having wrestled the first Sarbanes-Oxley (SOX) compliance period to the ground through brute force, many companies are now grappling with the realization that this is a permanent change in their business. That’s why company leaders are turning to BPO Systems to implement best-practices frameworks such as ITIL, CMMi, and Six Sigma to automate their Sarbanes-Oxley compliance activities.

Sarbanes-Oxley Process and Control Frameworks

A structured, framework-based approach to implementing compliance solutions can help mitigate implementation issues and create an infrastructure that can be used in other areas of the business.

Sarbanes-Oxley requires companies to adopt and declare a framework used to define and assess internal controls. Two control frameworks have emerged as foundational to the compliance efforts and have been adopted by a majority of companies:

  • COSO, primarily for financial processes, is an integrated framework providing specific guidance on implementing and maintaining internal controls. Endorsed by the SEC, COSO is the most widely adopted company-wide control framework.

  • COBIT™, or “Control Objectives for Information and related Technologies,” is an IT framework that maps to COSO (COSO offers little detail for IT controls).

In addition, IT process frameworks such as ITIL (IT Infrastructure Library) and CMMi (Capability Maturity Model Integrated) assist in achieving compliance by facilitating the adoption of mature, effective processes on which to impose the control framework. ITIL adoption is increasing rapidly, driven by compliance concerns.

Sustainable compliance with Sarbanes-Oxley means the death of “ad-hoc” IT processes. The Sarbanes-Oxley Section 404 affirmation requirement spans all processes that affect the business cycle of the company and any software applications used to support those processes, directly or indirectly. It also requires that these processes be effectively controlled.

Section 404 includes three control categories:

  • Company-Level controls (or Entity Controls), including enterprise policies, corporate governance, and information sharing

  • Application Controls for both financial/ERP systems and specialized applications, covering such areas as segregation of duty, authorization, validity, and accuracy

  • IT General Controls, governing program development, program changes, computer operations, and access to programs and data.


BPO Systems Factoid:

If a structured framework is not adopted, initial compliance costs are minimal compared to the ongoing compliance efforts.

Copyright © 2000 - 2006 BPO Systems Inc. All rights reserved