SlideShare ist ein Scribd-Unternehmen logo

Thinking outside the box (SOX)

Vladimir Matviychuk
Vladimir Matviychuk
BusinessWirtschaft & Finanzen
1 von 20
Downloaden Sie, um offline zu lesen
Thinking outside the SOX box Transforming your compliance function for competitive advantage
What if? What if you could: • Reduce your SOX compliance costs? You can … by making a bold move and • Be capable of quicker, more on-point changing how you think about and decision-making across your entire execute your SOX function. enterprise? • Free up existing resources for strategic initiatives? 3
Table of contents Page 1 Executive summary: Significant opportunity exists to transform your SOX function Our survey reveals four actions companies can take now to empower their SOX functions to create fundamental advantages in their sectors. Page 2 1. Automating your controls Replacing manual detect controls with embedded automated controls will make a significant difference in the hours burned on SOX each year, resulting in an immediate impact on your cost-containment efforts. Page 4 2. Offshoring for lower-cost resources The SOX function procedures are now well codified — it’s time to realize cost efficiencies from globalizing your resources. Page 6 3. Leveraging your IT investment The benefits of going beyond simple automation and more comprehensively leveraging all of your IT resources also applies to your SOX function. Page 8 4. Innovating strategically Strategic innovation around SOX execution can enhance your competitive advantage. Page 13 Conclusion: Thinking differently about your SOX function SOX compliance is an opportunity to bring innovative approaches to help you drive more value into your operations. Page 14 Appendices: • Background • Industry breakdown
Executive summary Significant opportunity exists to transform your SOX function In April 2011, Ernst & Young conducted a face-to-face survey A small proportion of the interviewees, however, have evolved their with 225 global executives about their SOX compliance functions. thinking. Their companies have come to look at SOX the way they For the most part, we found organizations are still treating SOX look at many of their operations: as an opportunity to innovate, to compliance the same way most of them originally looked at it: as a automate and to gain competitive advantage. These are companies compliance exercise. that have seen the correlation between certain SOX compliance practices and the ability of the SOX function to add value to the business — which 56% of the executives considered a key challenge “Adding value to the business” identified for their SOX function. as a key challenge of SOX functions Thinking outside the SOX box reveals four actions companies can take now to empower their SOX functions to create fundamental advantages in their sectors: What are the key challenges faced by your SOX function? 1. Automate controls The majority of respondents consider adding value to their business a key 2. Offshore for lower-cost resources challenge of the SOX function. 3. Leverage IT investment 4. Innovate strategically Cost/Level of effort and innovation in control 58% testing strategies The Who’s Who of this report Adding value 56% The executives who took part in the survey were all in positions to the business that gave them a close-up view of SOX activities at their Integration with companies — and they told us that the SOX function is definitely other risk and 44% on the C-suite radar: 78% of the survey participants report to compliance functions the CFO, CAE or the Controller. Providing learning and career opportunities 37% for SOX personnel We aimed for broad-based representation across industries, with 21 sectors involved, ranging from aerospace and defense to Technology- 32% telecommunications. The greatest number of respondents were related challenges in banking and capital markets and insurance, with 11% each of the total participants, followed by technology (9%), and power Controls monitoring 32% and utilities and consumer products (8%). See Appendices for full industry breakdown. Effectiveness 25% While we talked with executives at companies ranging in size from of resources less than US$1 billion in annual revenues to more than US$50 Dealing with mergers billion, the bulk of the participants (65%) were in the middle of the or acquisitions of 16% range, companies between US$1 billion and US$25 billion in size. private or non-SOX- compliant entities Other 15% 1% None of the above 0% 10% 20% 30% 40% 50% 60% Multiple responses allowed 1
1. Automating your controls When we asked the survey executives about the number of controls • 35% of our participants indicate that they have more than 1,000 tested by their SOX function, we got a good picture of just how controls, more than 60% of which are key controls. massive an undertaking SOX compliance is: Then factor in that, for 62% of the companies, the testing of key controls alone took at least five hours … per control. Add test of design, walk-through and all the controls that aren’t designated as Companies that reduce their total number key − which could be 20%–40% of the total number of controls − and of controls tend to focus on key controls the time in the field to actually perform all the manual controls. In short, SOX is a tremendous drain on resources that could be deployed on other, more value-added tasks. What is your company’s total number of It’s a diverse drain on resources, as well: survey participants SOX-related controls? revealed they were experiencing SOX deficiencies in more than 10 different areas of SOX testing, from derivatives to inventory, with Total number of SOX-related controls 51% saying that IT general controls were giving them the most The majority of respondents have fewer than 1,000 controls. problems (financial statement close process was the second-highest area of deficiencies at 9%). Less than 250 19% Testing is the most time-consuming 250–499 24% of the three key SOX activities On average, how many hours do you spend on each 500–999 22% key control? Design and walk-throughs versus testing controls Between 22% • Most respondents spend less than five hours on design and walk-through 1,000–2,499 of each control. • By comparison, the majority of respondents spend 5 hours or more on 2,500 or more 13% testing per control. 0% 10% 20% 30% Design 80% 13% 6% 1% What percentage of your controls are key controls? Controls Percentage Walk-through 72% 25% 3% Less than 250 79% 250–499 78% 500–999 72% Testing 39% 39% 15% 8% Between 1,000–2,499 66% 2,500 or more 62% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Key controls as a percentage of total controls Less than 5 hours 5 to 10 hours Average key control percentages are provided for the corresponding 11 to 20 hours over 20 hours categories on left. The fewer total controls, the higher the percentage of focus on key controls. Companies that reduce their total number of controls Percentages may not total 100 due to rounding. tend to focus on key controls. 2
Budget/Spend for SOX compliance Few key controls fully automated What is the company’s annual budget/spend for What is the percentage of fully automated controls SOX compliance? (vs. manual or IT-dependent controls) that make up your total key controls? Less than $0.5 million 18% Fully automated key controls • Most respondents say that less than 25% of their key controls are fully automated. $0.5–$0.9 million 18% And yet, only 3% of the executives have fully automated more than half of their key controls — and 78% have fully automated less than a quarter $1–$1.9 million 27% of their key controls. $2–$2.9 million 15% No key controls 1% are fully automated $3–$4.9 million 8% Less than 10% of key controls are 36% fully automated $5 million 14% 10% to 25% of key or more controls are 41% 0% 5% 10% 15% 20% 25% 30% fully automated 26% to 50% of key controls are 19% Average Median fully automated US$2,766,742 US$1,200,000 51% to 75% of key controls are 3% fully automated You can easily see why 39% of participants consider cost More than 75% of key to be one of their key challenges. The SOX spend data confirms controls are 0% fully automated that this can be a major budget item: 0% 10% 20% 30% 40% 50% • 37% spend at least US$2 million annually. • 14% spend at least US$5 million. Takeaway There is widespread recognition that automation frees up Increasing use of automated controls can reduce your resources to be put to better use elsewhere. By increasing costs in other ways too. We saw 55% of survey participants your use of preventative automated controls and “turning indicate that their external auditors relied on 51% or more on” key switches in IT systems, you can drive down the of the walk-throughs and testing work performed in-house. number of manual touch points and labor-intensive detect So, if you automate controls and do SOX right, you may also controls. Similarly, using automated tools in the SOX be able to increase reliance by your auditor. This may help controls-testing process will have an immediate impact on reduce the time spent by your SOX-function employees SOX costs. handling the inquiries and testing by the external auditors. 3
2. Offshoring for lower-cost resources Cosourcing is already being used extensively in the SOX arena: 50% • 81% of our survey executives said that Internal Audit was of survey participants said that they used outside service providers involved with their SOX program. for some part of their SOX-compliance work, with 66% using outside • 40% indicated that their Internal Audit department devoted at resources for testing. And yet: least a quarter of its budget or more to SOX activities. The majority of respondents use outside providers — most often for testing Do you use an outside service provider for If yes, how do you use them? SOX activities? Outside service provider usage Outside service provider used for SOX activities Testing is the key activity performed by outside service providers. Just over half the respondents have an outside provider for one or more SOX activities. Testing 74% Scoping/ 18% risk assessment No Yes PMO 7% 48% 52% All of the above 16% Other 14% 0% 10% 20% 30% 40% 50% 60% 70% 80% Multiple responses allowed. 4
Most IA departments are involved in the SOX program Is Internal Audit involved in the SOX program? If IA is used in the SOX program, what percent of IA budget/capacity is spent on SOX testing? Internal Audit involvement in SOX program For the majority of respondents, the Internal Audit department is involved Internal Audit resources on SOX testing with the SOX program. Most respondents whose Internal Audit department is involved in the SOX program say that less than 25% of its budget and capacity is spent on SOX. testing. Less than 25% 59% No 19% 26%–50% 29% 51%–75% 10% Yes 81% Over 75% 1% Don't know/ 1% unsure 0% 10% 20% 30% 40% 50% 60% 70% The outsourcing of activities that aren’t fundamental to meeting SOX work performance breakdown strategic business objectives has been a leading business practice for many years now. There is no question that it reduces costs and What percentage of SOX work is performed by the allows in-house resources to be applied to more strategic, core- business matters. The off-shoring of such less-strategic operations following: not only helps companies reduce costs, but it also allows them to practice “follow the sun” operations, which provide another means Total 100% for increasing the productivity of in-house and (or) domestically Resources at corporate headquarters 60% located resources. Yet only 3% of our survey participants were using offshore resources for their SOX function. Regional resources at other company locations 26% Domestic third-party resources 9% Takeaway Other 2% The basic procedures involved in the SOX function have Offshore third-party resources 2% been in practice for several years and are fairly well Offshore resources not at company locations 1% codified. Now is the time to realize the cost efficiencies that can be derived from globalizing your resources. 5
3. Leveraging your IT investment Let’s be clear: leveraging your IT investment goes far beyond turning on various automated controls in the systems and automating testing. There is a real opportunity to use technology Ernst & Young more strategically. Yet, we found only small percentages using more innovative technology-based techniques: Controls Review Tool • Only 21% employ data analytics regularly. Ernst & Young’s proprietary Controls • 88% never use predictive modeling. Review Tool (CRT) enables our teams • 65% do not use continuous controls monitoring. to quickly assess their clients’ current We found that 90% of survey participants still use Excel® controls strategy and assist in the for their scoping exercise, when there are other third-party identification of potential opportunities tools that can slice and dice risks and controls in order to optimize scoping. for improving the strategy for testing controls and improving controls-related documentation. Testing process: data analytics or The CRT presents internal controls predictive modeling? data in a user-friendly format, including How often do you use the following as part of your a summary of control statistics, a testing process? detailed breakdown of controls by processes and related applications, Tools used in the testing process and different views of the relationships Most respondents either never or sometimes use advanced analytical techniques as part of their control testing process. between controls and risks. The CRT Among those who use them often or always, data analytics is the most can also help provide visibility into popular technique. opportunities for rationalizing or optimizing controls, including better leveraging of automated controls. Data 37% 42% 15% 6% analytics Automated testing 39% 44% 14% 3% methods 1% Predictive 88% 9% 2% modeling 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Never Sometimes Often Always 6
Continuous controls monitoring Excel® favored for scoping exercises not widely used What tools/software do you use as part of your For what percent of SOX controls do you perform scoping exercise? continuous controls monitoring (e.g., leveraging Blackline to monitor account reconciliations)? Continuous controls monitoring Excel® 90% • Almost all respondents say that they either do not perform continuous controls monitoring at all, or do so for less than 25% of all SOX controls. Third-party 19% vendor/software Do not perform continuous 65% controls In-house – monitoring developed tool/ 14% software Less than 25% 28% None 4% 26%–50% 3% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 51%–75% 1% Multiple responses allowed. More than 75% 2% 0% 10% 20% 30% 40% 50% 60% 70% Percentages may not total 100 due to rounding. Takeaway Strategic use of your IT investment is a critical driver of competitive advantage. Our survey results suggest that this holds true for applying it to your SOX functions as well. 7
4. Innovating strategically Our survey explored the opportunities for applying innovative Specific innovative practices we asked about included: practices to the SOX function and found this to be a relatively • Use of control self-assessment (58% do not use at all) untapped option. • Peer reviews (63% do not use at all) For instance, when asked when the last time a controls rationalization/optimization or other innovative exercise had • Incorporating the SOX function into ERM program (48% do not) been conducted − only 52% of respondents said it had been • Creating more entity-level controls (94% had fewer than a quarter during the current fiscal year. of their key controls as entity-level controls) Incorporating the SOX function into Few key controls are entity-level controls Enterprise Risk Management What is the percentage of entity-level controls that Is SOX incorporated into your Enterprise Risk make up your total key controls? Management (ERM) program? Entity-level controls as percentage of total Relationship between SOX and ERM key controls Almost half of respondents do not incorporate SOX into their ERM programs. Less than 10% of key controls are 54% entity-level controls 10%–25% of key controls are 40% entity-level controls 26%–50% of key controls are entity- 5% No Yes level controls 48% 52% 51%–75% of key controls are entity- 1% level controls More than 75% of key controls are entity 1% level controls 0% 10% 20% 30% 40% 50% 60% Percentages may not total 100 due to rounding. The use of entity-level controls is a particularly under-utilized opportunity. Since one really effective entity-level monitoring control may eliminate the need to do many transaction-level controls, companies can significantly reduce the testing workload by properly designing robust and effective entity level controls. 8
Rationalization/optimization exercises have been performed When was the last time a rationalization/optimization If a rationalization/optimization or other or some other innovative exercise was conducted? innovative exercise was conducted, what techniques were used? Innovative exercises Only 52% performed rationalization/ optimization or other innovative Key techniques exercises this fiscal year. Most respondents utilized rationalization of in-scope controls. Current 52% Rationalization of 91% s a year in-scope controls Increased reliance on higher-level quarterly/monthly 55% ast s a year 19% controls and less on transactional controls Automation/ Two or more Optimization of 42% 24% SOX controls years ago Global standardization of control set (if 41% Not performed 4% multiple countries/ locations) Use of technology 22% 0% 10% 20% 30% 40% 50% 60% for testing Percentages may not total 100 due to rounding. Implementation of continuous controls 20% monitoring Other 7% None of the above 2% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Multiple responses allowed. 9
Control self-assessment not widely used Peer reviews not widely used For what percent of controls does the company use For what percent of controls does the company use control self-assessment (CSA)? peer reviews? CSA Peer reviews • The majority of respondents do not use CSA. • The majority of respondents do not use peer reviews. Do not use Do not use 63% control 58% peer reviews self-assessment 17% Less than 25% 16% Less than 25% 26%–50% 5% 26%–50% 4% 3% 51%–75% 4% 51%–75% More than 75% 12% More than 75% 16% 0% 10% 20% 30% 40% 50% 60% 70% 0% 10% 20% 30% 40% 50% 60% 70% Percentages may not total 100 due to rounding. Percentages may not total 100 due to rounding. 10
There appears to be good reason to explore such innovative The leveraging of SOX information and testing with other practices: they help deliver additional value for the business. departments that could put it to valuable use was also fairly For instance, of those survey participants who had incorporated minimal: their SOX function into their ERM program, 79% were satisfied or • Only 9% of participants indicate they “significantly” leverage extremely satisfied with the ability of their SOX function to add their SOX testing results with their regulatory and compliance value, while only 54% of those who hadn’t folded SOX into ERM functions. programs were similarly satisfied. Similar results were noted when we asked about continuous controls monitoring. • Only 3% of participants do the same with their legal department. Leveraging SOX information and testing across other functions/ departments within a company will decrease the burden felt by the SOX incorporated into ERM program and business units. Another point here is that there are opportunities to get a leg up on the competition by building the SOX function into satisfaction with value the regular ebb and flow of business operations — by using self assessments or peer reviews. Once you change the mindset at Is SOX incorporated into your ERM program? the business-unit level, the SOX function can move beyond compliance and into helping manage and monitor the business How satisfied are you with the ability of your SOX on a continuous basis. function to add value? Internal Audit most often leverages SOX testing results How much do you leverage your SOX testing results with other departments in the company or other No 45% 43% 11% compliance/reporting functions? o Leveraging SOX testing results o Respondents leverage SOX testing results most with the Internal Audit department. e Yes o o 21% 65% 14% IA 7% 13% 26% 54% 0% 20% 40% 60% 80% 100% ess s s e s e e e s s e Regulatory/ 33% 39% 19% 9% Percentages may not total 100 due to rounding. Compliance There are also opportunities to get ahead of the competition by exploring and developing innovative ways to generate more usable Legal 51% 35% 11% 3% SOX information and (or) put SOX testing/data to more diversified use. When we asked about the frequency of controls testing, we 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% found only 4% test continuously through the year. This is roughly the same percentage that has fully automated most controls Not at all Very little Moderately (which is probably required to make it economically feasible to do continuous testing). 11
Does this lack of innovation matter? Our survey participants seem Frequency of testing and roll-forward to think so. The participants whose companies refrain from using the most progressive testing and scoping practices are less satisfied approach with the ability of their SOX function to add value. What is the frequency of your testing and your roll- forward approach? Use of continuous controls monitoring, Key techniques CSA and peer reviews coincides with Frequency results for testing and rollforward are fairly evenly distributed fewer respondents being less than over the year among the respondents. satisfied with value of SOX function A greater percentage of respondents who were “less Controls tested continuously throughout 4% than satisfied” with the ability of their SOX function the year to add value do not use the most progressive or Majority of controls tested in innovative practices: Q1 or Q2 and then roll-forward 23% procedures/testing re-performed in Q4 Majority of controls tested in 25% Q1 or Q2 and limited 25% CSA roll-forward procedures 37% performed in Q4 Majority of controls tested later in the year (late Q3/Q4), 29% no rollforward performed 22% Peer review 38% Controls testing spread 20% evenly throughout the year 0% 10% 20% 30% 40% Continuous 19% control Percentages may not total 100 due to rounding. 39% monitoring 0% 5% 10% 15% 20% 25% 30% 35% 40% Use technique Do not use technique Takeaway In the global economy of the 21st century, innovation often plays a vital role in differentiating a company and bringing it to a position of industry leadership. Strategic innovation around SOX execution can lead to better strategic use of your existing resources. 12
Conclusion Thinking differently about your SOX function Thinking outside the SOX box shows that SOX compliance is an opportunity to bring innovative approaches to a subject area that has become somewhat stale and routine. Innovative practices and approaches improve the chances that a company will build more value into its operations, including: • Reductions in spend from a substantial line-item cost • More strategic allocations of financial-control resources • Greater consistency and efficiency of controls across locations through automation • Reduced stress and burden on in-house resources through a powerful combination of automation, outsourcing, and leveraging SOX work across the company • Using automated techniques (e.g., data analytics) — Expanded and more comprehensive risk coverage without increasing the budget When this shift in perspective occurs, there is ample opportunity to bring strategic innovation to the seemingly mundane SOX issues of scoping processes and testing strategies and execution. There are sophisticated tools to explore. Different approaches to acquiring and analyzing data can make the data more valuable, not only for compliance tasks, but for other previously unexplored purposes. 13
Appendices: Background Company revenues Internal Audit department and Internal Control department both own the SOX Annual revenue: administration and testing Annual revenue categories and responses The majority of the respondents fall into the category of US$1 billion to Who owns administration and testing components of US$25 billion in terms of their annual revenues. the SOX compliance function? Ownership of the SOX compliance function The Internal Audit department and the Internal Controls department are the Less than 7% $1 billion main divisions controlling the administration and testing components of SOX compliance for the current respondents. $1–$10 billion 42% Internal Audit 34% department 56% SOX/Internal $11–$25 billion 23% 52% Controls 29% department Finance and 14% accounting 10% $26–$50 billion 13% Business/Process 6% owners 17% More than 14% External service 2% $50 billion provider 14% Compliance/Risk 4% 0% 10% 20% 30% 40% 50% management 5% 2% Percentages may not total 100 due to rounding. Other 4% 0% 10% 20% 30% 40% 50% 60% Administration Testing Multiple responses allowed. 14
Industry breakdown SOX compliance function reports most Response by industry often to the CFO Industry categories To whom does the SOX compliance function report? The two industries with the maximum number of completed surveys were Banking and Capital Markets and Insurance. Reporting relationship of the SOX compliance function Insurance 11% Most respondents report to either the CFO, CAE or the Controller. Banking and capital markets 11% Technology 9% Consumer products 8% Power and utilities 8% CFO 45% Oil and gas 7% Automotive 7% Life sciences 7% CAE 20% iversi ed industrial products 6% Media and entertainment 6% Retail and wholesale 6% Controller 13% Telecommunications 5% Aerospace and defense 2% Asset management 2% 2% Legal counsel Chemicals 2% Mining and metals 2% Real Estate 2% 2% Chief ris of cer 2% Transportation Provider care 1% Chief compliance Airlines 1% 2% of cer Pro essional rms and services 1% Government and 0% public sector SOX steering t r r t 0% committee 2% Private equity 0% 0% 5% 10% 15% 15% Other 0% 10% 20% 30% 40% 50% Percentages may not total 100 due to rounding. 15
Contacts Is your SOX function geared for this transformation? Ernst & Young can help you explore this opportunity. Robert F. Cullen III Sapna Ahuja Partner, Advisory Services Senior Manager, Advisory Services +1 612 343 1000 +1 212 773 5928 robert.cullen@ey.com sapna.ahuja@ey.com For a copy of the complete SOX survey, please contact the above or your Ernst & Young engagement team. For related thought leadership from Ernst & Young, please visit: ey.com
Ernst & Young Assurance | Tax | Transactions | Advisory About Ernst & Young Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 141,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential. Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit www.ey.com. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global Limited operating in the US. © 2011 EYGM Limited All Rights Reserved. EYG No. BT0117 This publication contains information in summary form and is therefore intended for general guidance only. It is not intended to be a substitute for detailed research or the exercise of professional judgment. Neither EYGM Limited nor any other member of the global Ernst & Young organization can accept any responsibility for loss occasioned to any person acting or refraining from action as a result of any material in this publication. On any specific matter, reference should be made to the appropriate advisor.

Empfohlen

Thinking outside the box survey questions
Thinking outside the box survey questions Thinking outside the box survey questions
Thinking outside the box survey questions Vladimir Matviychuk
 
Upgrade Your Customer Experience
Upgrade Your Customer ExperienceUpgrade Your Customer Experience
Upgrade Your Customer ExperienceG3 Communications
 
Four Keys to Ensuring PLM Adoption
Four Keys to Ensuring PLM AdoptionFour Keys to Ensuring PLM Adoption
Four Keys to Ensuring PLM AdoptionPTC
 
Business in the Community Ireland CEO Survey October 2012
Business in the Community Ireland CEO Survey October 2012Business in the Community Ireland CEO Survey October 2012
Business in the Community Ireland CEO Survey October 2012Amarach Research
 
CEO Responsible Ireland survey 2012
CEO Responsible Ireland survey 2012CEO Responsible Ireland survey 2012
CEO Responsible Ireland survey 2012Business in the Community Ireland
 
Protractor end-to-end testing framework for angular js
Protractor end-to-end testing framework for angular jsProtractor end-to-end testing framework for angular js
Protractor end-to-end testing framework for angular jscodeandyou forums
 
Testing Backbone applications with Jasmine
Testing Backbone applications with JasmineTesting Backbone applications with Jasmine
Testing Backbone applications with JasmineLeon van der Grient
 
Jasmine framework
Jasmine frameworkJasmine framework
Jasmine frameworkVishwanath KC
 

Empfohlen

Thinking outside the box survey questions
Thinking outside the box survey questions Thinking outside the box survey questions
Thinking outside the box survey questions Vladimir Matviychuk
 
Upgrade Your Customer Experience
Upgrade Your Customer ExperienceUpgrade Your Customer Experience
Upgrade Your Customer ExperienceG3 Communications
 
Four Keys to Ensuring PLM Adoption
Four Keys to Ensuring PLM AdoptionFour Keys to Ensuring PLM Adoption
Four Keys to Ensuring PLM AdoptionPTC
 
Business in the Community Ireland CEO Survey October 2012
Business in the Community Ireland CEO Survey October 2012Business in the Community Ireland CEO Survey October 2012
Business in the Community Ireland CEO Survey October 2012Amarach Research
 
CEO Responsible Ireland survey 2012
CEO Responsible Ireland survey 2012CEO Responsible Ireland survey 2012
CEO Responsible Ireland survey 2012Business in the Community Ireland
 
Protractor end-to-end testing framework for angular js
Protractor end-to-end testing framework for angular jsProtractor end-to-end testing framework for angular js
Protractor end-to-end testing framework for angular jscodeandyou forums
 
Testing Backbone applications with Jasmine
Testing Backbone applications with JasmineTesting Backbone applications with Jasmine
Testing Backbone applications with JasmineLeon van der Grient
 
Jasmine framework
Jasmine frameworkJasmine framework
Jasmine frameworkVishwanath KC
 
20150128 angular js_headless_testing
20150128 angular js_headless_testing20150128 angular js_headless_testing
20150128 angular js_headless_testingBenjamin Neu
 
интернет в социологии важнейшие информационные сайты дадададад)))
интернет в социологии важнейшие информационные сайты дадададад)))интернет в социологии важнейшие информационные сайты дадададад)))
интернет в социологии важнейшие информационные сайты дадададад)))faqMEN
 
Testing Angular 2 Applications - HTML5 Denver 2016
Testing Angular 2 Applications - HTML5 Denver 2016Testing Angular 2 Applications - HTML5 Denver 2016
Testing Angular 2 Applications - HTML5 Denver 2016Matt Raible
 
Advanced Jasmine
Advanced JasmineAdvanced Jasmine
Advanced Jasminejbellsey
 
The sweet smell of jasmine for testing JavaScript
The sweet smell of jasmine for testing JavaScriptThe sweet smell of jasmine for testing JavaScript
The sweet smell of jasmine for testing JavaScriptEmma Armstrong
 
Automated Acceptance Testing Example
Automated Acceptance Testing ExampleAutomated Acceptance Testing Example
Automated Acceptance Testing ExampleHani Massoud
 
Angular Testing
Angular TestingAngular Testing
Angular TestingPriscila Negreiros
 
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015Codemotion
 
Better End-to-End Testing with Page Objects Model using Protractor
Better End-to-End Testing with Page Objects Model using ProtractorBetter End-to-End Testing with Page Objects Model using Protractor
Better End-to-End Testing with Page Objects Model using ProtractorKasun Kodagoda
 
Protractor overview
Protractor overviewProtractor overview
Protractor overviewAbhishek Yadav
 
Protractor training
Protractor trainingProtractor training
Protractor trainingSergiy Stotskiy
 
Protractor for angularJS
Protractor for angularJSProtractor for angularJS
Protractor for angularJSKrishna Kumar
 
Advanced Jasmine - Front-End JavaScript Unit Testing
Advanced Jasmine - Front-End JavaScript Unit TestingAdvanced Jasmine - Front-End JavaScript Unit Testing
Advanced Jasmine - Front-End JavaScript Unit TestingLars Thorup
 
Protractor: Tips & Tricks
Protractor: Tips & TricksProtractor: Tips & Tricks
Protractor: Tips & TricksSergey Bolshchikov
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOXMahesh Patwardhan
 
Slideshare.Com Powerpoint
Slideshare.Com PowerpointSlideshare.Com Powerpoint
Slideshare.Com Powerpointguested929b
 
Rational collaborative-lifecycle-management-2012
Rational collaborative-lifecycle-management-2012Rational collaborative-lifecycle-management-2012
Rational collaborative-lifecycle-management-2012Strongback Consulting
 
Financial Planning Best Practices and IBM Cognos TM1 Demonstration
Financial Planning Best Practices and IBM Cognos TM1 DemonstrationFinancial Planning Best Practices and IBM Cognos TM1 Demonstration
Financial Planning Best Practices and IBM Cognos TM1 DemonstrationSenturus
 
Improving software economics - Top 10 principles of achieving agility at scale
Improving software economics - Top 10 principles of achieving agility at scaleImproving software economics - Top 10 principles of achieving agility at scale
Improving software economics - Top 10 principles of achieving agility at scaleIBM Rational software
 
Strategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsStrategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsDigital Enterprise Journal
 
Ems11 Programme
Ems11 ProgrammeEms11 Programme
Ems11 ProgrammeMandy_Long
 
Strategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsStrategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsDigital Enterprise Journal
 

Weitere ähnliche Inhalte

Andere mochten auch

20150128 angular js_headless_testing
20150128 angular js_headless_testing20150128 angular js_headless_testing
20150128 angular js_headless_testingBenjamin Neu
 
интернет в социологии важнейшие информационные сайты дадададад)))
интернет в социологии важнейшие информационные сайты дадададад)))интернет в социологии важнейшие информационные сайты дадададад)))
интернет в социологии важнейшие информационные сайты дадададад)))faqMEN
 
Testing Angular 2 Applications - HTML5 Denver 2016
Testing Angular 2 Applications - HTML5 Denver 2016Testing Angular 2 Applications - HTML5 Denver 2016
Testing Angular 2 Applications - HTML5 Denver 2016Matt Raible
 
Advanced Jasmine
Advanced JasmineAdvanced Jasmine
Advanced Jasminejbellsey
 
The sweet smell of jasmine for testing JavaScript
The sweet smell of jasmine for testing JavaScriptThe sweet smell of jasmine for testing JavaScript
The sweet smell of jasmine for testing JavaScriptEmma Armstrong
 
Automated Acceptance Testing Example
Automated Acceptance Testing ExampleAutomated Acceptance Testing Example
Automated Acceptance Testing ExampleHani Massoud
 
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015Codemotion
 
Better End-to-End Testing with Page Objects Model using Protractor
Better End-to-End Testing with Page Objects Model using ProtractorBetter End-to-End Testing with Page Objects Model using Protractor
Better End-to-End Testing with Page Objects Model using ProtractorKasun Kodagoda
 
Protractor for angularJS
Protractor for angularJSProtractor for angularJS
Protractor for angularJSKrishna Kumar
 
Advanced Jasmine - Front-End JavaScript Unit Testing
Advanced Jasmine - Front-End JavaScript Unit TestingAdvanced Jasmine - Front-End JavaScript Unit Testing
Advanced Jasmine - Front-End JavaScript Unit TestingLars Thorup
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOXMahesh Patwardhan
 
Slideshare.Com Powerpoint
Slideshare.Com PowerpointSlideshare.Com Powerpoint
Slideshare.Com Powerpointguested929b
 

Andere mochten auch (16)

20150128 angular js_headless_testing
20150128 angular js_headless_testing20150128 angular js_headless_testing
20150128 angular js_headless_testing
 
интернет в социологии важнейшие информационные сайты дадададад)))
интернет в социологии важнейшие информационные сайты дадададад)))интернет в социологии важнейшие информационные сайты дадададад)))
интернет в социологии важнейшие информационные сайты дадададад)))
 
Testing Angular 2 Applications - HTML5 Denver 2016
Testing Angular 2 Applications - HTML5 Denver 2016Testing Angular 2 Applications - HTML5 Denver 2016
Testing Angular 2 Applications - HTML5 Denver 2016
 
Advanced Jasmine
Advanced JasmineAdvanced Jasmine
Advanced Jasmine
 
The sweet smell of jasmine for testing JavaScript
The sweet smell of jasmine for testing JavaScriptThe sweet smell of jasmine for testing JavaScript
The sweet smell of jasmine for testing JavaScript
 
Automated Acceptance Testing Example
Automated Acceptance Testing ExampleAutomated Acceptance Testing Example
Automated Acceptance Testing Example
 
Angular Testing
Angular TestingAngular Testing
Angular Testing
 
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015
Carmen Popoviciu - Protractor styleguide | Codemotion Milan 2015
 
Better End-to-End Testing with Page Objects Model using Protractor
Better End-to-End Testing with Page Objects Model using ProtractorBetter End-to-End Testing with Page Objects Model using Protractor
Better End-to-End Testing with Page Objects Model using Protractor
 
Protractor overview
Protractor overviewProtractor overview
Protractor overview
 
Protractor training
Protractor trainingProtractor training
Protractor training
 
Protractor for angularJS
Protractor for angularJSProtractor for angularJS
Protractor for angularJS
 
Advanced Jasmine - Front-End JavaScript Unit Testing
Advanced Jasmine - Front-End JavaScript Unit TestingAdvanced Jasmine - Front-End JavaScript Unit Testing
Advanced Jasmine - Front-End JavaScript Unit Testing
 
Protractor: Tips & Tricks
Protractor: Tips & TricksProtractor: Tips & Tricks
Protractor: Tips & Tricks
 
IT Control Objectives for SOX
IT Control Objectives for SOXIT Control Objectives for SOX
IT Control Objectives for SOX
 
Slideshare.Com Powerpoint
Slideshare.Com PowerpointSlideshare.Com Powerpoint
Slideshare.Com Powerpoint
 

Ähnlich wie Thinking outside the box (SOX)

Rational collaborative-lifecycle-management-2012
Rational collaborative-lifecycle-management-2012Rational collaborative-lifecycle-management-2012
Rational collaborative-lifecycle-management-2012Strongback Consulting
 
Financial Planning Best Practices and IBM Cognos TM1 Demonstration
Financial Planning Best Practices and IBM Cognos TM1 DemonstrationFinancial Planning Best Practices and IBM Cognos TM1 Demonstration
Financial Planning Best Practices and IBM Cognos TM1 DemonstrationSenturus
 
Improving software economics - Top 10 principles of achieving agility at scale
Improving software economics - Top 10 principles of achieving agility at scaleImproving software economics - Top 10 principles of achieving agility at scale
Improving software economics - Top 10 principles of achieving agility at scaleIBM Rational software
 
Strategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsStrategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsDigital Enterprise Journal
 
Ems11 Programme
Ems11 ProgrammeEms11 Programme
Ems11 ProgrammeMandy_Long
 
Strategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsStrategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsDigital Enterprise Journal
 
HCLT Whitepaper: Legacy Modernization
HCLT Whitepaper: Legacy Modernization HCLT Whitepaper: Legacy Modernization
HCLT Whitepaper: Legacy Modernization HCL Technologies
 
Continuous Auditing D.French
Continuous Auditing D.FrenchContinuous Auditing D.French
Continuous Auditing D.FrenchDan French
 
SOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting valueSOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting valueDeloitte United States
 
Trends in Collaboration Technology and Open Source Software 2011-2012
Trends in Collaboration Technology and Open Source Software 2011-2012Trends in Collaboration Technology and Open Source Software 2011-2012
Trends in Collaboration Technology and Open Source Software 2011-2012Mithi Software Technologies Pvt Ltd
 
AN IT EXECUTIVE'S OVERVIEW
AN IT EXECUTIVE'S OVERVIEWAN IT EXECUTIVE'S OVERVIEW
AN IT EXECUTIVE'S OVERVIEWRugby7277
 
Ephor Group FAO Brief (financial administration outsourcing)
Ephor Group FAO Brief (financial administration outsourcing)Ephor Group FAO Brief (financial administration outsourcing)
Ephor Group FAO Brief (financial administration outsourcing)Charles Bedard
 
High Efficiency in Manufacturing Operations
High Efficiency in Manufacturing OperationsHigh Efficiency in Manufacturing Operations
High Efficiency in Manufacturing OperationsFindWhitePapers
 
Adjust your audioThis is a narrated slide show. Please adjust
Adjust your audioThis is a narrated slide show. Please adjust Adjust your audioThis is a narrated slide show. Please adjust
Adjust your audioThis is a narrated slide show. Please adjust saundersabelard
 
Unlocking Your Organization\'s Warranty Management Potential
Unlocking Your Organization\'s Warranty Management PotentialUnlocking Your Organization\'s Warranty Management Potential
Unlocking Your Organization\'s Warranty Management PotentialImranMasood
 
Managing and Using Information Systems A Strategic Approach –.docx
Managing and Using Information Systems A Strategic Approach –.docxManaging and Using Information Systems A Strategic Approach –.docx
Managing and Using Information Systems A Strategic Approach –.docxtienboileau
 
Techno Arms Dealers and High Frequency Traders
Techno Arms Dealers and High Frequency TradersTechno Arms Dealers and High Frequency Traders
Techno Arms Dealers and High Frequency TradersCloudCheckr
 
Adjust your audioThis is a narrated slide show. Please adjust .docx
Adjust your audioThis is a narrated slide show. Please adjust .docxAdjust your audioThis is a narrated slide show. Please adjust .docx
Adjust your audioThis is a narrated slide show. Please adjust .docxMARK547399
 

Ähnlich wie Thinking outside the box (SOX) (20)

Rational collaborative-lifecycle-management-2012
Rational collaborative-lifecycle-management-2012Rational collaborative-lifecycle-management-2012
Rational collaborative-lifecycle-management-2012
 
Financial Planning Best Practices and IBM Cognos TM1 Demonstration
Financial Planning Best Practices and IBM Cognos TM1 DemonstrationFinancial Planning Best Practices and IBM Cognos TM1 Demonstration
Financial Planning Best Practices and IBM Cognos TM1 Demonstration
 
Improving software economics - Top 10 principles of achieving agility at scale
Improving software economics - Top 10 principles of achieving agility at scaleImproving software economics - Top 10 principles of achieving agility at scale
Improving software economics - Top 10 principles of achieving agility at scale
 
Strategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsStrategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findings
 
Ems11 Programme
Ems11 ProgrammeEms11 Programme
Ems11 Programme
 
Strategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findingsStrategies of Top Performing Organizations in Deploying AIOps - key findings
Strategies of Top Performing Organizations in Deploying AIOps - key findings
 
HCLT Whitepaper: Legacy Modernization
HCLT Whitepaper: Legacy Modernization HCLT Whitepaper: Legacy Modernization
HCLT Whitepaper: Legacy Modernization
 
Khazi Sox A
Khazi Sox AKhazi Sox A
Khazi Sox A
 
Continuous Auditing D.French
Continuous Auditing D.FrenchContinuous Auditing D.French
Continuous Auditing D.French
 
SOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting valueSOX modernization: Optimizing compliance while extracting value
SOX modernization: Optimizing compliance while extracting value
 
Trends in Collaboration Technology and Open Source Software 2011-2012
Trends in Collaboration Technology and Open Source Software 2011-2012Trends in Collaboration Technology and Open Source Software 2011-2012
Trends in Collaboration Technology and Open Source Software 2011-2012
 
AN IT EXECUTIVE'S OVERVIEW
AN IT EXECUTIVE'S OVERVIEWAN IT EXECUTIVE'S OVERVIEW
AN IT EXECUTIVE'S OVERVIEW
 
Enterprise software delivery
Enterprise software deliveryEnterprise software delivery
Enterprise software delivery
 
Ephor Group FAO Brief (financial administration outsourcing)
Ephor Group FAO Brief (financial administration outsourcing)Ephor Group FAO Brief (financial administration outsourcing)
Ephor Group FAO Brief (financial administration outsourcing)
 
High Efficiency in Manufacturing Operations
High Efficiency in Manufacturing OperationsHigh Efficiency in Manufacturing Operations
High Efficiency in Manufacturing Operations
 
Adjust your audioThis is a narrated slide show. Please adjust
Adjust your audioThis is a narrated slide show. Please adjust Adjust your audioThis is a narrated slide show. Please adjust
Adjust your audioThis is a narrated slide show. Please adjust
 
Unlocking Your Organization\'s Warranty Management Potential
Unlocking Your Organization\'s Warranty Management PotentialUnlocking Your Organization\'s Warranty Management Potential
Unlocking Your Organization\'s Warranty Management Potential
 
Managing and Using Information Systems A Strategic Approach –.docx
Managing and Using Information Systems A Strategic Approach –.docxManaging and Using Information Systems A Strategic Approach –.docx
Managing and Using Information Systems A Strategic Approach –.docx
 
Techno Arms Dealers and High Frequency Traders
Techno Arms Dealers and High Frequency TradersTechno Arms Dealers and High Frequency Traders
Techno Arms Dealers and High Frequency Traders
 
Adjust your audioThis is a narrated slide show. Please adjust .docx
Adjust your audioThis is a narrated slide show. Please adjust .docxAdjust your audioThis is a narrated slide show. Please adjust .docx
Adjust your audioThis is a narrated slide show. Please adjust .docx
 

Mehr von Vladimir Matviychuk

Insights on it risks evolving it landscape
Insights on it risks evolving it landscapeInsights on it risks evolving it landscape
Insights on it risks evolving it landscapeVladimir Matviychuk
 
Управление рисками - серебряная пуля или данность моды?
Управление рисками - серебряная пуля или данность моды?Управление рисками - серебряная пуля или данность моды?
Управление рисками - серебряная пуля или данность моды?Vladimir Matviychuk
 
Building control efficiency: Rationalization, optimization and redesign
Building control efficiency: Rationalization, optimization and redesign Building control efficiency: Rationalization, optimization and redesign
Building control efficiency: Rationalization, optimization and redesign Vladimir Matviychuk
 
Insights on it risks cyber attacks
Insights on it risks cyber attacksInsights on it risks cyber attacks
Insights on it risks cyber attacksVladimir Matviychuk
 
Роль ИТ в выявлении и предотвращении мошенничества на предприятии
Роль ИТ в выявлении и предотвращении мошенничества на предприятииРоль ИТ в выявлении и предотвращении мошенничества на предприятии
Роль ИТ в выявлении и предотвращении мошенничества на предприятииVladimir Matviychuk
 
2010 giss results_global and ua_2010
2010 giss results_global and ua_20102010 giss results_global and ua_2010
2010 giss results_global and ua_2010Vladimir Matviychuk
 
как составить грамотный Slа
как составить грамотный Slакак составить грамотный Slа
как составить грамотный SlаVladimir Matviychuk
 

Mehr von Vladimir Matviychuk (18)

дети в интернете
дети в интернетедети в интернете
дети в интернете
 
Insights on it risk bcm
Insights on it risk bcmInsights on it risk bcm
Insights on it risk bcm
 
Insights on it risks evolving it landscape
Insights on it risks evolving it landscapeInsights on it risks evolving it landscape
Insights on it risks evolving it landscape
 
Управление рисками - серебряная пуля или данность моды?
Управление рисками - серебряная пуля или данность моды?Управление рисками - серебряная пуля или данность моды?
Управление рисками - серебряная пуля или данность моды?
 
Building control efficiency: Rationalization, optimization and redesign
Building control efficiency: Rationalization, optimization and redesign Building control efficiency: Rationalization, optimization and redesign
Building control efficiency: Rationalization, optimization and redesign
 
Insights on it risks cyber attacks
Insights on it risks cyber attacksInsights on it risks cyber attacks
Insights on it risks cyber attacks
 
Роль ИТ в выявлении и предотвращении мошенничества на предприятии
Роль ИТ в выявлении и предотвращении мошенничества на предприятииРоль ИТ в выявлении и предотвращении мошенничества на предприятии
Роль ИТ в выявлении и предотвращении мошенничества на предприятии
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011
 
2010 giss results_global and ua_2010
2010 giss results_global and ua_20102010 giss results_global and ua_2010
2010 giss results_global and ua_2010
 
Effective risk management
Effective risk managementEffective risk management
Effective risk management
 
как составить грамотный Slа
как составить грамотный Slакак составить грамотный Slа
как составить грамотный Slа
 
BCP intro
BCP introBCP intro
BCP intro
 
2010 GISS EY
2010 GISS EY2010 GISS EY
2010 GISS EY
 
Continious auditing
Continious auditingContinious auditing
Continious auditing
 
Security certification overview
Security certification overviewSecurity certification overview
Security certification overview
 
Legalcamp 2.0
Legalcamp 2.0Legalcamp 2.0
Legalcamp 2.0
 
Security Innovation Forum
Security Innovation ForumSecurity Innovation Forum
Security Innovation Forum
 
Yalta_10 _ey-cio_forum
Yalta_10 _ey-cio_forumYalta_10 _ey-cio_forum
Yalta_10 _ey-cio_forum
 

Kürzlich hochgeladen

Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwaitdaisycvs
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with CultureSeta Wicaksana
 
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLJAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLkapoorjyoti4444
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceDamini Dixit
 
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000dlhescort
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...lizamodels9
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876dlhescort
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...amitlee9823
 
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...lizamodels9
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperityhemanthkumar470700
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756dollysharma2066
 
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Sheetaleventcompany
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptxnandhinijagan9867
 

Kürzlich hochgeladen (20)

Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai KuwaitThe Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
The Abortion pills for sale in Qatar@Doha [+27737758557] []Deira Dubai Kuwait
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLJAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
JAYNAGAR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort ServiceMalegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
Malegaon Call Girls Service ☎ ️82500–77686 ☎️ Enjoy 24/7 Escort Service
 
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
Call Girls In Majnu Ka Tilla 959961~3876 Shot 2000 Night 8000
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
Russian Call Girls In Rajiv Chowk Gurgaon ❤️8448577510 ⊹Best Escorts Service ...
 
Falcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to ProsperityFalcon's Invoice Discounting: Your Path to Prosperity
Falcon's Invoice Discounting: Your Path to Prosperity
 
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Majnu Ka Tilla, Delhi Contact Us 8377877756
 
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
Call Girls Zirakpur👧 Book Now📱7837612180 📞👉Call Girl Service In Zirakpur No A...
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
(Anamika) VIP Call Girls Napur Call Now 8617697112 Napur Escorts 24x7
 

Thinking outside the box (SOX)

  • 1. Thinking outside the SOX box Transforming your compliance function for competitive advantage
  • 2. What if? What if you could: • Reduce your SOX compliance costs? You can … by making a bold move and • Be capable of quicker, more on-point changing how you think about and decision-making across your entire execute your SOX function. enterprise? • Free up existing resources for strategic initiatives? 3
  • 3. Table of contents Page 1 Executive summary: Significant opportunity exists to transform your SOX function Our survey reveals four actions companies can take now to empower their SOX functions to create fundamental advantages in their sectors. Page 2 1. Automating your controls Replacing manual detect controls with embedded automated controls will make a significant difference in the hours burned on SOX each year, resulting in an immediate impact on your cost-containment efforts. Page 4 2. Offshoring for lower-cost resources The SOX function procedures are now well codified — it’s time to realize cost efficiencies from globalizing your resources. Page 6 3. Leveraging your IT investment The benefits of going beyond simple automation and more comprehensively leveraging all of your IT resources also applies to your SOX function. Page 8 4. Innovating strategically Strategic innovation around SOX execution can enhance your competitive advantage. Page 13 Conclusion: Thinking differently about your SOX function SOX compliance is an opportunity to bring innovative approaches to help you drive more value into your operations. Page 14 Appendices: • Background • Industry breakdown
  • 4. Executive summary Significant opportunity exists to transform your SOX function In April 2011, Ernst & Young conducted a face-to-face survey A small proportion of the interviewees, however, have evolved their with 225 global executives about their SOX compliance functions. thinking. Their companies have come to look at SOX the way they For the most part, we found organizations are still treating SOX look at many of their operations: as an opportunity to innovate, to compliance the same way most of them originally looked at it: as a automate and to gain competitive advantage. These are companies compliance exercise. that have seen the correlation between certain SOX compliance practices and the ability of the SOX function to add value to the business — which 56% of the executives considered a key challenge “Adding value to the business” identified for their SOX function. as a key challenge of SOX functions Thinking outside the SOX box reveals four actions companies can take now to empower their SOX functions to create fundamental advantages in their sectors: What are the key challenges faced by your SOX function? 1. Automate controls The majority of respondents consider adding value to their business a key 2. Offshore for lower-cost resources challenge of the SOX function. 3. Leverage IT investment 4. Innovate strategically Cost/Level of effort and innovation in control 58% testing strategies The Who’s Who of this report Adding value 56% The executives who took part in the survey were all in positions to the business that gave them a close-up view of SOX activities at their Integration with companies — and they told us that the SOX function is definitely other risk and 44% on the C-suite radar: 78% of the survey participants report to compliance functions the CFO, CAE or the Controller. Providing learning and career opportunities 37% for SOX personnel We aimed for broad-based representation across industries, with 21 sectors involved, ranging from aerospace and defense to Technology- 32% telecommunications. The greatest number of respondents were related challenges in banking and capital markets and insurance, with 11% each of the total participants, followed by technology (9%), and power Controls monitoring 32% and utilities and consumer products (8%). See Appendices for full industry breakdown. Effectiveness 25% While we talked with executives at companies ranging in size from of resources less than US$1 billion in annual revenues to more than US$50 Dealing with mergers billion, the bulk of the participants (65%) were in the middle of the or acquisitions of 16% range, companies between US$1 billion and US$25 billion in size. private or non-SOX- compliant entities Other 15% 1% None of the above 0% 10% 20% 30% 40% 50% 60% Multiple responses allowed 1
  • 5. 1. Automating your controls When we asked the survey executives about the number of controls • 35% of our participants indicate that they have more than 1,000 tested by their SOX function, we got a good picture of just how controls, more than 60% of which are key controls. massive an undertaking SOX compliance is: Then factor in that, for 62% of the companies, the testing of key controls alone took at least five hours … per control. Add test of design, walk-through and all the controls that aren’t designated as Companies that reduce their total number key − which could be 20%–40% of the total number of controls − and of controls tend to focus on key controls the time in the field to actually perform all the manual controls. In short, SOX is a tremendous drain on resources that could be deployed on other, more value-added tasks. What is your company’s total number of It’s a diverse drain on resources, as well: survey participants SOX-related controls? revealed they were experiencing SOX deficiencies in more than 10 different areas of SOX testing, from derivatives to inventory, with Total number of SOX-related controls 51% saying that IT general controls were giving them the most The majority of respondents have fewer than 1,000 controls. problems (financial statement close process was the second-highest area of deficiencies at 9%). Less than 250 19% Testing is the most time-consuming 250–499 24% of the three key SOX activities On average, how many hours do you spend on each 500–999 22% key control? Design and walk-throughs versus testing controls Between 22% • Most respondents spend less than five hours on design and walk-through 1,000–2,499 of each control. • By comparison, the majority of respondents spend 5 hours or more on 2,500 or more 13% testing per control. 0% 10% 20% 30% Design 80% 13% 6% 1% What percentage of your controls are key controls? Controls Percentage Walk-through 72% 25% 3% Less than 250 79% 250–499 78% 500–999 72% Testing 39% 39% 15% 8% Between 1,000–2,499 66% 2,500 or more 62% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Key controls as a percentage of total controls Less than 5 hours 5 to 10 hours Average key control percentages are provided for the corresponding 11 to 20 hours over 20 hours categories on left. The fewer total controls, the higher the percentage of focus on key controls. Companies that reduce their total number of controls Percentages may not total 100 due to rounding. tend to focus on key controls. 2
  • 6. Budget/Spend for SOX compliance Few key controls fully automated What is the company’s annual budget/spend for What is the percentage of fully automated controls SOX compliance? (vs. manual or IT-dependent controls) that make up your total key controls? Less than $0.5 million 18% Fully automated key controls • Most respondents say that less than 25% of their key controls are fully automated. $0.5–$0.9 million 18% And yet, only 3% of the executives have fully automated more than half of their key controls — and 78% have fully automated less than a quarter $1–$1.9 million 27% of their key controls. $2–$2.9 million 15% No key controls 1% are fully automated $3–$4.9 million 8% Less than 10% of key controls are 36% fully automated $5 million 14% 10% to 25% of key or more controls are 41% 0% 5% 10% 15% 20% 25% 30% fully automated 26% to 50% of key controls are 19% Average Median fully automated US$2,766,742 US$1,200,000 51% to 75% of key controls are 3% fully automated You can easily see why 39% of participants consider cost More than 75% of key to be one of their key challenges. The SOX spend data confirms controls are 0% fully automated that this can be a major budget item: 0% 10% 20% 30% 40% 50% • 37% spend at least US$2 million annually. • 14% spend at least US$5 million. Takeaway There is widespread recognition that automation frees up Increasing use of automated controls can reduce your resources to be put to better use elsewhere. By increasing costs in other ways too. We saw 55% of survey participants your use of preventative automated controls and “turning indicate that their external auditors relied on 51% or more on” key switches in IT systems, you can drive down the of the walk-throughs and testing work performed in-house. number of manual touch points and labor-intensive detect So, if you automate controls and do SOX right, you may also controls. Similarly, using automated tools in the SOX be able to increase reliance by your auditor. This may help controls-testing process will have an immediate impact on reduce the time spent by your SOX-function employees SOX costs. handling the inquiries and testing by the external auditors. 3
  • 7. 2. Offshoring for lower-cost resources Cosourcing is already being used extensively in the SOX arena: 50% • 81% of our survey executives said that Internal Audit was of survey participants said that they used outside service providers involved with their SOX program. for some part of their SOX-compliance work, with 66% using outside • 40% indicated that their Internal Audit department devoted at resources for testing. And yet: least a quarter of its budget or more to SOX activities. The majority of respondents use outside providers — most often for testing Do you use an outside service provider for If yes, how do you use them? SOX activities? Outside service provider usage Outside service provider used for SOX activities Testing is the key activity performed by outside service providers. Just over half the respondents have an outside provider for one or more SOX activities. Testing 74% Scoping/ 18% risk assessment No Yes PMO 7% 48% 52% All of the above 16% Other 14% 0% 10% 20% 30% 40% 50% 60% 70% 80% Multiple responses allowed. 4
  • 8. Most IA departments are involved in the SOX program Is Internal Audit involved in the SOX program? If IA is used in the SOX program, what percent of IA budget/capacity is spent on SOX testing? Internal Audit involvement in SOX program For the majority of respondents, the Internal Audit department is involved Internal Audit resources on SOX testing with the SOX program. Most respondents whose Internal Audit department is involved in the SOX program say that less than 25% of its budget and capacity is spent on SOX. testing. Less than 25% 59% No 19% 26%–50% 29% 51%–75% 10% Yes 81% Over 75% 1% Don't know/ 1% unsure 0% 10% 20% 30% 40% 50% 60% 70% The outsourcing of activities that aren’t fundamental to meeting SOX work performance breakdown strategic business objectives has been a leading business practice for many years now. There is no question that it reduces costs and What percentage of SOX work is performed by the allows in-house resources to be applied to more strategic, core- business matters. The off-shoring of such less-strategic operations following: not only helps companies reduce costs, but it also allows them to practice “follow the sun” operations, which provide another means Total 100% for increasing the productivity of in-house and (or) domestically Resources at corporate headquarters 60% located resources. Yet only 3% of our survey participants were using offshore resources for their SOX function. Regional resources at other company locations 26% Domestic third-party resources 9% Takeaway Other 2% The basic procedures involved in the SOX function have Offshore third-party resources 2% been in practice for several years and are fairly well Offshore resources not at company locations 1% codified. Now is the time to realize the cost efficiencies that can be derived from globalizing your resources. 5
  • 9. 3. Leveraging your IT investment Let’s be clear: leveraging your IT investment goes far beyond turning on various automated controls in the systems and automating testing. There is a real opportunity to use technology Ernst & Young more strategically. Yet, we found only small percentages using more innovative technology-based techniques: Controls Review Tool • Only 21% employ data analytics regularly. Ernst & Young’s proprietary Controls • 88% never use predictive modeling. Review Tool (CRT) enables our teams • 65% do not use continuous controls monitoring. to quickly assess their clients’ current We found that 90% of survey participants still use Excel® controls strategy and assist in the for their scoping exercise, when there are other third-party identification of potential opportunities tools that can slice and dice risks and controls in order to optimize scoping. for improving the strategy for testing controls and improving controls-related documentation. Testing process: data analytics or The CRT presents internal controls predictive modeling? data in a user-friendly format, including How often do you use the following as part of your a summary of control statistics, a testing process? detailed breakdown of controls by processes and related applications, Tools used in the testing process and different views of the relationships Most respondents either never or sometimes use advanced analytical techniques as part of their control testing process. between controls and risks. The CRT Among those who use them often or always, data analytics is the most can also help provide visibility into popular technique. opportunities for rationalizing or optimizing controls, including better leveraging of automated controls. Data 37% 42% 15% 6% analytics Automated testing 39% 44% 14% 3% methods 1% Predictive 88% 9% 2% modeling 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Never Sometimes Often Always 6
  • 10. Continuous controls monitoring Excel® favored for scoping exercises not widely used What tools/software do you use as part of your For what percent of SOX controls do you perform scoping exercise? continuous controls monitoring (e.g., leveraging Blackline to monitor account reconciliations)? Continuous controls monitoring Excel® 90% • Almost all respondents say that they either do not perform continuous controls monitoring at all, or do so for less than 25% of all SOX controls. Third-party 19% vendor/software Do not perform continuous 65% controls In-house – monitoring developed tool/ 14% software Less than 25% 28% None 4% 26%–50% 3% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% 51%–75% 1% Multiple responses allowed. More than 75% 2% 0% 10% 20% 30% 40% 50% 60% 70% Percentages may not total 100 due to rounding. Takeaway Strategic use of your IT investment is a critical driver of competitive advantage. Our survey results suggest that this holds true for applying it to your SOX functions as well. 7
  • 11. 4. Innovating strategically Our survey explored the opportunities for applying innovative Specific innovative practices we asked about included: practices to the SOX function and found this to be a relatively • Use of control self-assessment (58% do not use at all) untapped option. • Peer reviews (63% do not use at all) For instance, when asked when the last time a controls rationalization/optimization or other innovative exercise had • Incorporating the SOX function into ERM program (48% do not) been conducted − only 52% of respondents said it had been • Creating more entity-level controls (94% had fewer than a quarter during the current fiscal year. of their key controls as entity-level controls) Incorporating the SOX function into Few key controls are entity-level controls Enterprise Risk Management What is the percentage of entity-level controls that Is SOX incorporated into your Enterprise Risk make up your total key controls? Management (ERM) program? Entity-level controls as percentage of total Relationship between SOX and ERM key controls Almost half of respondents do not incorporate SOX into their ERM programs. Less than 10% of key controls are 54% entity-level controls 10%–25% of key controls are 40% entity-level controls 26%–50% of key controls are entity- 5% No Yes level controls 48% 52% 51%–75% of key controls are entity- 1% level controls More than 75% of key controls are entity 1% level controls 0% 10% 20% 30% 40% 50% 60% Percentages may not total 100 due to rounding. The use of entity-level controls is a particularly under-utilized opportunity. Since one really effective entity-level monitoring control may eliminate the need to do many transaction-level controls, companies can significantly reduce the testing workload by properly designing robust and effective entity level controls. 8
  • 12. Rationalization/optimization exercises have been performed When was the last time a rationalization/optimization If a rationalization/optimization or other or some other innovative exercise was conducted? innovative exercise was conducted, what techniques were used? Innovative exercises Only 52% performed rationalization/ optimization or other innovative Key techniques exercises this fiscal year. Most respondents utilized rationalization of in-scope controls. Current 52% Rationalization of 91% s a year in-scope controls Increased reliance on higher-level quarterly/monthly 55% ast s a year 19% controls and less on transactional controls Automation/ Two or more Optimization of 42% 24% SOX controls years ago Global standardization of control set (if 41% Not performed 4% multiple countries/ locations) Use of technology 22% 0% 10% 20% 30% 40% 50% 60% for testing Percentages may not total 100 due to rounding. Implementation of continuous controls 20% monitoring Other 7% None of the above 2% 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% Multiple responses allowed. 9
  • 13. Control self-assessment not widely used Peer reviews not widely used For what percent of controls does the company use For what percent of controls does the company use control self-assessment (CSA)? peer reviews? CSA Peer reviews • The majority of respondents do not use CSA. • The majority of respondents do not use peer reviews. Do not use Do not use 63% control 58% peer reviews self-assessment 17% Less than 25% 16% Less than 25% 26%–50% 5% 26%–50% 4% 3% 51%–75% 4% 51%–75% More than 75% 12% More than 75% 16% 0% 10% 20% 30% 40% 50% 60% 70% 0% 10% 20% 30% 40% 50% 60% 70% Percentages may not total 100 due to rounding. Percentages may not total 100 due to rounding. 10
  • 14. There appears to be good reason to explore such innovative The leveraging of SOX information and testing with other practices: they help deliver additional value for the business. departments that could put it to valuable use was also fairly For instance, of those survey participants who had incorporated minimal: their SOX function into their ERM program, 79% were satisfied or • Only 9% of participants indicate they “significantly” leverage extremely satisfied with the ability of their SOX function to add their SOX testing results with their regulatory and compliance value, while only 54% of those who hadn’t folded SOX into ERM functions. programs were similarly satisfied. Similar results were noted when we asked about continuous controls monitoring. • Only 3% of participants do the same with their legal department. Leveraging SOX information and testing across other functions/ departments within a company will decrease the burden felt by the SOX incorporated into ERM program and business units. Another point here is that there are opportunities to get a leg up on the competition by building the SOX function into satisfaction with value the regular ebb and flow of business operations — by using self assessments or peer reviews. Once you change the mindset at Is SOX incorporated into your ERM program? the business-unit level, the SOX function can move beyond compliance and into helping manage and monitor the business How satisfied are you with the ability of your SOX on a continuous basis. function to add value? Internal Audit most often leverages SOX testing results How much do you leverage your SOX testing results with other departments in the company or other No 45% 43% 11% compliance/reporting functions? o Leveraging SOX testing results o Respondents leverage SOX testing results most with the Internal Audit department. e Yes o o 21% 65% 14% IA 7% 13% 26% 54% 0% 20% 40% 60% 80% 100% ess s s e s e e e s s e Regulatory/ 33% 39% 19% 9% Percentages may not total 100 due to rounding. Compliance There are also opportunities to get ahead of the competition by exploring and developing innovative ways to generate more usable Legal 51% 35% 11% 3% SOX information and (or) put SOX testing/data to more diversified use. When we asked about the frequency of controls testing, we 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% 100% found only 4% test continuously through the year. This is roughly the same percentage that has fully automated most controls Not at all Very little Moderately (which is probably required to make it economically feasible to do continuous testing). 11
  • 15. Does this lack of innovation matter? Our survey participants seem Frequency of testing and roll-forward to think so. The participants whose companies refrain from using the most progressive testing and scoping practices are less satisfied approach with the ability of their SOX function to add value. What is the frequency of your testing and your roll- forward approach? Use of continuous controls monitoring, Key techniques CSA and peer reviews coincides with Frequency results for testing and rollforward are fairly evenly distributed fewer respondents being less than over the year among the respondents. satisfied with value of SOX function A greater percentage of respondents who were “less Controls tested continuously throughout 4% than satisfied” with the ability of their SOX function the year to add value do not use the most progressive or Majority of controls tested in innovative practices: Q1 or Q2 and then roll-forward 23% procedures/testing re-performed in Q4 Majority of controls tested in 25% Q1 or Q2 and limited 25% CSA roll-forward procedures 37% performed in Q4 Majority of controls tested later in the year (late Q3/Q4), 29% no rollforward performed 22% Peer review 38% Controls testing spread 20% evenly throughout the year 0% 10% 20% 30% 40% Continuous 19% control Percentages may not total 100 due to rounding. 39% monitoring 0% 5% 10% 15% 20% 25% 30% 35% 40% Use technique Do not use technique Takeaway In the global economy of the 21st century, innovation often plays a vital role in differentiating a company and bringing it to a position of industry leadership. Strategic innovation around SOX execution can lead to better strategic use of your existing resources. 12
  • 16. Conclusion Thinking differently about your SOX function Thinking outside the SOX box shows that SOX compliance is an opportunity to bring innovative approaches to a subject area that has become somewhat stale and routine. Innovative practices and approaches improve the chances that a company will build more value into its operations, including: • Reductions in spend from a substantial line-item cost • More strategic allocations of financial-control resources • Greater consistency and efficiency of controls across locations through automation • Reduced stress and burden on in-house resources through a powerful combination of automation, outsourcing, and leveraging SOX work across the company • Using automated techniques (e.g., data analytics) — Expanded and more comprehensive risk coverage without increasing the budget When this shift in perspective occurs, there is ample opportunity to bring strategic innovation to the seemingly mundane SOX issues of scoping processes and testing strategies and execution. There are sophisticated tools to explore. Different approaches to acquiring and analyzing data can make the data more valuable, not only for compliance tasks, but for other previously unexplored purposes. 13
  • 17. Appendices: Background Company revenues Internal Audit department and Internal Control department both own the SOX Annual revenue: administration and testing Annual revenue categories and responses The majority of the respondents fall into the category of US$1 billion to Who owns administration and testing components of US$25 billion in terms of their annual revenues. the SOX compliance function? Ownership of the SOX compliance function The Internal Audit department and the Internal Controls department are the Less than 7% $1 billion main divisions controlling the administration and testing components of SOX compliance for the current respondents. $1–$10 billion 42% Internal Audit 34% department 56% SOX/Internal $11–$25 billion 23% 52% Controls 29% department Finance and 14% accounting 10% $26–$50 billion 13% Business/Process 6% owners 17% More than 14% External service 2% $50 billion provider 14% Compliance/Risk 4% 0% 10% 20% 30% 40% 50% management 5% 2% Percentages may not total 100 due to rounding. Other 4% 0% 10% 20% 30% 40% 50% 60% Administration Testing Multiple responses allowed. 14
  • 18. Industry breakdown SOX compliance function reports most Response by industry often to the CFO Industry categories To whom does the SOX compliance function report? The two industries with the maximum number of completed surveys were Banking and Capital Markets and Insurance. Reporting relationship of the SOX compliance function Insurance 11% Most respondents report to either the CFO, CAE or the Controller. Banking and capital markets 11% Technology 9% Consumer products 8% Power and utilities 8% CFO 45% Oil and gas 7% Automotive 7% Life sciences 7% CAE 20% iversi ed industrial products 6% Media and entertainment 6% Retail and wholesale 6% Controller 13% Telecommunications 5% Aerospace and defense 2% Asset management 2% 2% Legal counsel Chemicals 2% Mining and metals 2% Real Estate 2% 2% Chief ris of cer 2% Transportation Provider care 1% Chief compliance Airlines 1% 2% of cer Pro essional rms and services 1% Government and 0% public sector SOX steering t r r t 0% committee 2% Private equity 0% 0% 5% 10% 15% 15% Other 0% 10% 20% 30% 40% 50% Percentages may not total 100 due to rounding. 15
  • 19. Contacts Is your SOX function geared for this transformation? Ernst & Young can help you explore this opportunity. Robert F. Cullen III Sapna Ahuja Partner, Advisory Services Senior Manager, Advisory Services +1 612 343 1000 +1 212 773 5928 robert.cullen@ey.com sapna.ahuja@ey.com For a copy of the complete SOX survey, please contact the above or your Ernst & Young engagement team. For related thought leadership from Ernst & Young, please visit: ey.com
  • 20. Ernst & Young Assurance | Tax | Transactions | Advisory About Ernst & Young Ernst & Young is a global leader in assurance, tax, transaction and advisory services. Worldwide, our 141,000 people are united by our shared values and an unwavering commitment to quality. We make a difference by helping our people, our clients and our wider communities achieve their potential. Ernst & Young refers to the global organization of member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit www.ey.com. Ernst & Young LLP is a client-serving member firm of Ernst & Young Global Limited operating in the US. © 2011 EYGM Limited All Rights Reserved. EYG No. BT0117 This publication contains information in summary form and is therefore intended for general guidance only. It is not intended to be a substitute for detailed research or the exercise of professional judgment. Neither EYGM Limited nor any other member of the global Ernst & Young organization can accept any responsibility for loss occasioned to any person acting or refraining from action as a result of any material in this publication. On any specific matter, reference should be made to the appropriate advisor.