UK companies should not ease up on their IT projects to
comply with the evolving demands of the Sarbanes-Oxley Act, despite
a recent relaxation on the reporting requirements of the corporate
governance regulation, analyst firm Gartner has
warned.
The US financial markets regulator, the Securities and Exchange
Commission, last month said it would delay plans to require firms
to file their quarterly and annual reports within 60 days of their
financial period closings, rather than 75 days under current
regulations.
The 60-day reporting requirement was due to come into force next
year.
Although originating from the US, Sarbanes-Oxley affects UK
companies that are listed on the main US stock exchanges.
Gartner has warned that the Sarbanes-Oxley regulations still pose
significant challenges for corporate IT departments leaving no room
for complacency.
IT challenges include verifying that information held within
disparate systems worldwide is correct; and that controls are in
place to prevent staff accessing unauthorised information. Firms
will also need to show an audit trail of changes made to IT
systems.
"For the 2005 budgets IT people should consider the technology
necessary to comply with Sarbanes-Oxley," said French Caldwell,
vice-president and director at the compliance service of Gartner.
He added that the technology needed to comply - to manage records
and monitor business activity, business processes and corporate
performance - could give firms a return on investment.
"[The technology] can decrease the storage you need and litigation
costs may go down as you have an audit trail for everything you
do."
The European Commission published a proposed directive on auditing
earlier this year that has serious implications for IT.