View Online DemoDownload TrialPurchase Products
Home Company Products Services Demo Partners Customers



 Case Studies

  Overview

  Partner Connectivity

  HIPAA

  Sarbanes-Oxley

  


Case Study — Sarbanes-Oxley

Background

This document is a business case study that addresses the complexities associated with satisfying federal requirements of the law officially known as the Public Company Accounting Reform and Investor Protection Act and enacted in July 2002. The Sarbanes-Oxley Act, as the law is better-known as, holds executives responsible for the accurate financial reporting of a company.

The law requires companies to make new disclosures on internal controls, ethics codes and the makeup of their audit committees on annual reports. The initial phase of the act focuses on Section 404, which requires companies to perform a self-assessment of risks for business processes that affect financial reporting. Sarbanes-Oxley is a multi-phased effort, including: planning; scoping, which is determining what information in the company needs to be documented; looking for information gaps; and implementation, evaluation and monitoring.

The Situation

The Sarbanes-Oxley Act added complex compliance requirements and consequences to an already heavy regulatory burden for organizations. Although compliance can be extremely difficult and costly, over time it's a significant benefit for the management of the company.

The Sarbanes-Oxley Act fundamentally boils down to managing business or operational risks. These risks often result from company presonnel not identifying and acting upon a risk, or lack of identified business processes. Operational risk requires processes and controls capable of identiying a risk, notifying approrpriate personnel to act upon a risk, and risk resolution and escalation. Appropriate information is required for personnel to respond to these risks, but certainly the most important criteria is to identify that the risk exists and requires consideration.

The Sarbanes-Oxley Act demands policy and business process reform within companies to address operational risk. As part of compliance, executive management has been forced to scrutinize their existing business processes and systems to bring them into compliance, and reduce company and personal exposure. Compliance with Sarbanes-Oxley standards is not just a goal, but also a way to operate your business in a new and efficient manner. It requires policies and procedures, business contingency, risk management, security measures, personnel security, access control, and awareness and training.

The Solution

Conuity can help you address your Sarbanes-Oxley issues and improve the business processes, and risk management associated with compliance (e.g. stock option grants, sale of stock). The best approach to Sarbanes-Oxley compliance is one that provides individuals to be proactive in management of business risk, provides an early warning system, and is agile to meet continuous changes, as Sarbanes-Oxley compliance is better understood.

Conuity's solutions enable you to improve and maximize the performance within your organization. Not just in meeting the letter of compliance, but employing a standard best-practice business process system to meet the requirements of the business. This includes assessing the extent to which the organization complies, but also with management of issues that may have detrimental impacts on the business.

Using Conuity software establishes business risk management as an ongoing process. One that establishes controls, notifications, assigns accountability, and measures effectiveness. Organizations should strive to automate these processes throughout the organization. Business Risk Management requires proactive monitoring of situations, notification of aberrant situations to appropriate personnel, and escalation management to insure satisfactory resolution. The solution requires role-specific interfaces insuring proper access levels to different personnel, providing a workflow, tracking progress, and finally insuring a proper audit trail.

Conuity's products are designed to reduce the manual processes associated with Sarbanes-Oxley compliance. Our comprehensive solution brings information to users insuring that tasks are delegated to appropriate personnel with the proper access level, making it easy for them to get the information they need, when they need it, and to make the most informed decision.

Ultimately, the goal of the solution is not only Sarbanes-Oxley compliance, but also the reduction of business risk and increase in operational efficiency.

The Results

Conuity enables your organization to:

  • Produce higher-quality business processes throughout the organization with higher-level awareness and controls
  • Visibility of potential risk
  • Insure that individuals have access to the most appropriate information, when they need it; in order to make more informed decisions
  • Define who may access and use select information, and provide a platform for collaboration
  • Set alerts and notifications for situations
  • Manage cost, quality and risk
  • Eliminate manual processes
  • Improve business process while bringing the organization into Sarbanes-Oxley compliance
  • Reduce paperwork freeing the organization to focus on operational and revenue-generating activities
  • Support auditing of information access and dissemination
  • Empower management to measure performance and quickly implement change to improve business processes
  • Identify areas where process and policy can be used to improve the performance of the organization
  • Standardize processes across organizations

Copyright © 2004, Conuity Corporation - All rights reserved. | Privacy statement ! Terms of use | Tel 1.603.672-5941