TechTarget

IT looks the weak link in compliance

IT systems could be the weak link in an organisation's compliance projects, according to Ernst & Young.

IT systems could be the weak link in an organisation's compliance projects, according to Ernst & Young.

The professional services firm found that more than 40% of large US companies surveyed had discovered "significant weaknesses" in the IT systems underpinning projects to comply with the Sarbanes-Oxley regulations on corporate governance.

Sarbanes-Oxley, which comes into force next April for UK firms listed on US stock exchanges, will require companies to link financial reporting systems in different offices and subsidiaries.

Section 404 of the Sarbanes-Oxley Act 2002 requires listed companies to report on the effectiveness of their internal controls, such as rules embedded in IT systems or financial safeguards.

IT problems highlighted by the Ernst & Young survey included controlling employee access to sensitive financial information and IT security.

"Management should not underestimate the IT implications of Sarbanes-Oxley and the volume of work this requires from the typical IT department," said Erol Mustafa, partner at Ernst & Young. "Businesses often fail to understand fully how their IT systems actually control business processes. Documentation and testing of these controls is critical, and documentation that already exists often does not reflect the reality."

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close