SOX Section 404 Compliance: From Project to Sustainability
On 30-Nov-05, FEI published "Sarbanes-Oxley Section 404 Compliance: from Project to Sustainability" by William M. Sinnett and Robert A. Howell ©November 2005. This Executive Report is based on a discussion by 38 Sarbanes-Oxley Section 404 implementation leaders from 33 of the nation’s largest companies on their experiences with compliance with Section 404 during fiscal year 2004 and up to Sept-2005. The Financial Executives International (FEI) is a leading international organization of 15,000 members, including Chief Financial Officers, Controllers, Treasurers, Tax Executives, and other senior financial executives.
The report recommends 33 good current practices for SOX Section 404 Sustainability.
One key recommendation, which impacts QMS/EMS managers, is to "Require self-assessment from the process owners" and use that as input to Management Reviews along with the traditional Internal Quality and Financial audit findings.
QMS/EMS and their auditors can help with most of these recommendations, as we possess several useful methods and approaches:
- Action Register
- Audit Plan
- Balanced Score Card
- Business Process Management
- Certified Quality Auditor
- Information Technology
- Internal Environmental Auditor
- Internal Quality Auditor
- Organizational Independence
- Quality Management System
- Risk Management
As a public service, this report is available to nonmembers and non-subscribers on request by emailing Lorna Raagas at lraagas@fei.org.
Comments
Typically, the self-assessment that the FEI is referring to is either a) evaluating computer systems (section IV) as they impact financial data or b) Management Representation (section VII), which addresses financial internal control issues, financial representation and financial risk analysis.
The FEI and SOX are concerned with financial misstatements and the risk of financial misstatements when there are insufficient internal financial controls.
That being said, the assessment we make of our Quality systems will have some impact on the SOX financial self-assessment, but not a major impact.
Posted by: David Cassard | December 8, 2005 05:29 PM
Very interesting and informative. Wondering if the author ever worked for Lucent?
Posted by: Mike Server | December 20, 2005 01:01 PM
Mike,
Yes, at Lucent I learned firsthand about financial systems implementation. One failed project was a German ERP system that was wholly managed by the IT department and had to be rolled out after rejection from Operations. The next try was a California ERP system whose implementation was managed by a cross-functional team of finance, operations, and quality, and a parallel executive-level steering committee. This implementation was successful. :)
Posted by: John Walz | December 29, 2005 03:52 PM