How to Reduce Costs when Complying with SOX 404

Section 404 contains the most onerous and most costly requirements you’ll ever encounter in the Sarbanes-Oxley Act (SOX). In this article, we?ll take a closer look at the salient points of this contentious piece of legislation as it relates to IT. We?ll also explain why companies are encountering difficulties in complying with it.

Then as soon as we’ve tackled the main issues of this section and identify the pitfalls of compliance, we can then proceed with a discussion of what successful CIOs have done to eliminate those difficulties and consequently bring down their organisation’s IT compliance costs. From this post, you can glean insights that can help you plan a cost-effective way of achieving IT compliance with SOX.

SOX 404 in a nutshell

Section 404 of the Sarbanes-Oxley Act, entitled Management Assessment of Internal Controls, requires public companies covered by the Act to submit an annual report featuring an assessment of their company?s internal controls.

This ?internal control report? should state management’s responsibility in establishing/maintaining an adequate structure and a set of procedures for internal control over your company?s financial reporting processes. It should also contain an assessment of the effectiveness of those controls as of the end of your most recent fiscal year.

Because SOX also requires the public accounting firm that conducts your audit reports to attest to and report on your assessments, you can’t just make baseless claims regarding the effectiveness of your internal controls. As a matter of fact, you are mandated by both SEC and PCAOB to follow widely accepted control frameworks like COSO and COBIT. This framework will serve as a uniform guide for the internal controls you set up, the assessments you arrive at, and the attestation your external auditor reports on.

Why compliance of Section 404 is costly

Regardless which of the widely acceptable control frameworks you end up using, you will always be asked to document and test your controls. These activities can consume a considerable amount of man-hours and bring about additional expenses. Even the mere act of studying the control framework and figuring out how to align your current practices with it can be very tricky and can consume precious time; time that can be used for more productive endeavours.

Of course, there are exceptions. An organisation with highly centralised operations can experience relative ease and low costs while implementing SOX 404. But if your organisation follows a largely decentralised operation model, e.g. if you still make extensive use of spreadsheets in all your offices, then you’ll surely encounter many obstacles.

According to one survey conducted by FEI (Financial Executives International), an organisation that carried out a series of SOX-compliance-related surveys since the first year of SOX adoption, respondents with centralised operations enjoyed lower costs of compliance compared to those with decentralised operations. For example, in 2007, those with decentralised operations spent 30.1 % more for compliance than those with centralised operations.

The main reason for this disparity lies in the disorganised and complicated nature of spreadsheet systems.

Read why spreadsheets post a burden when complying with SOX and other regulations.

Unfortunately, a large number of companies still rely heavily on spreadsheets. Even those with expensive BI (Business Intelligence) systems still use spreadsheets as an ad-hoc tool for data processing and reporting.

Because compliance with Section 404 involves a significant amount of fixed costs, smaller companies tend to feel the impact more. This has been highlighted in the ?Final Report of the Advisory Committee on Smaller Public Companies? published on April 23, 2006. In that report, which can be downloaded from the official website of the US Securities and Exchange Commission, it was shown that:

Companies with over $5 Billion revenues spent only about 0.06% of revenues on Section 404 implementation
Companies with revenues between $1B – $4.9B spent about 0.16%
Companies with revenues between $500M – $999M spent about 0.27%
Companies with revenues between $100M – $499M spent about 0.53%
Companies with revenues less than $100M spent a whopping 2.55% on Section 404

Therefore, not only can you discern a relationship between the size of a company and the amount that the company ends up spending for SOX 404 relative to its revenues, but you can also clearly see that the unfavourable impact of Section 404 spending is considerably more pronounced in the smallest companies. Hence, the smaller the company is, the more crucial it is for that company to find ways that can bring down the costs of Section 404 implementation.

How to alleviate costs of section 404

If you recall the FEI survey mentioned earlier, it was shown that organisations with decentralised operations usually ended up spending more for SOX 404 implementation than those that had a more centralized model. Then in the ?Final Report of the Advisory Committee on Smaller Public Companies?, it was also shown that public companies with the smallest revenues suffered a similar fate.

Can we draw a line connecting those two? Does it simply mean that large spending on SOX affects two sets of companies, i.e., those that have decentralised operations and those that are small? Or can there be an even deeper implication? Might it not be possible that these two sets are actually one and the same?

From our experience, small companies are less inclined to spend on server based solutions compared to the big ones. As a result, it is within this group of small companies where you can find a proliferation of spreadsheet systems. In other words, small companies are more likely to follow a decentralised model. Spreadsheets were not designed to implement strict control features, so if you want to apply a control framework on a spreadsheet-based system, it won’t be easy.

For example, how are you going to conduct testing on every single spreadsheet cell that plays a role in financial reporting when the spreadsheets involved in the financial reporting process are distributed across different workstations in different offices in an organisation with a countrywide operation?

It’s really not a trivial problem.

Based on the FEI survey however, the big companies have already found a solution – employing a server-based system.

Typical server based systems, which of course espouse a centralised model, already come with built-in controls. If you need to modify or add more controls, then you can do so with relative ease because practically everything you need to do can be carried out in just one place.

For instance, if you need to implement high availability or perform backups, you can easily apply redundancy in a cost-effective way – e.g. through virtualisation – if you already have a server-based system. Aside from cost-savings in SOX 404 implementation, server-based systems also offer a host of other benefits. Click that link to learn more.

Not sure how to get started on a cost-effective IT compliance initiative for SOX? You might want to read our post How To Get Started With Your IT Compliance Efforts for SOX.?

Check our similar posts

Convert visits to sales to repeat purchases

The moment you start seeing more than a thousand unique visitors in just one day, we won’t be surprised if you’d be grinning ear to ear the entire week. But when weeks turn into months, you’ll then remember why you started off on this venture in the first place … and it wasn’t about just owning an immensely popular website.

People, like you, who’ve chosen to invest in eCommerce were most likely thinking along the lines of great ROI, revenues, and profits. Now that you have thousands of visitors, how would you like to have, say for a start, 1% of them buying the products on your site?

You know more about your own product prices; you do the math. But what might really interest you is that a slight change in that 1% conversion rate can already spell a big difference in your profits. Now imagine bringing that 1% up to at least 10%. That’s possible, but not if you simply rely on guesswork.

We rely on tests applicable to complex multi-variable systems, just like today’s typical eCommerce websites, in determining which combination of copy text, landing page images, form layouts, and background colours generate higher conversion rates.

Here’s how we’ll convert your visitors into buyers:

We’ll conduct A/B or even multivariate tests on your eCommerce website, thus eliminating guesswork in determining how to increase those conversion rates.
We’ll perform on-site and off-site web analytics to gain a deeper understanding of web usage to aid in our optimisation operations.
Through our expertise in copywriting, graphics and web designing, UI designing, and website QA, we can enhance and fine tune your site to give each visitor a uniquely engaging browsing experience.
We can also integrate CRM (Customer Relationship Management) systems so that you’ll have the technical advantage to turn one-time buyers into repeat customers.

How to Improve Corporate Efficiency through IT

When revenues are low, what do you do to improve your profit? Obviously, those same revenues should at least remain the same. So, the objective would be to deliver the same products and services for less cost. More for less. Such is the essence of corporate efficiency.

There are many things that can make a company inefficient. There are outdated procedures, poor coordination between departments, managers? lack of business visibility, and prolonged down times, to mention a few. As a company grows, these issues get more severe.

You can overcome all these by deploying the right IT solutions. But don’t IT solutions increase spending instead? Au contraire. The last couple of decades have seen the rise of IT solutions that help companies’realise obvious cost savings in no time.

Streamline processes and keep departments in-sync

Company inefficiencies are largely due to outdated systems and procedures. These systems and procedures were not built for the dynamic and complex business environments of today that are being shaped by increasingly onerous regulations, fierce and growing competition, significant economic upswings and downturns, new battlefronts (like the Web) and logistical strategies (like outsourcing), and IT-savvy crooks.

So when your employees force outdated systems to meet today?s business demands, they’re just not able to deliver. At least not efficiently.

Another major cause of inefficiency is the discordance among departments, business units, and even individual staff members themselves. There are those who still use highly personalised spreadsheets and other disparate applications, which make data consolidation take forever and the financial close a perennial headache.

Costly devices like mobile phones, netbooks, and tablet PCs, which are supposedly designed to provide better communication, are not fully maximised. If these are subsidised by the company, then they also contribute to company inefficiency.

One way to deal with these issues is to deploy server based solutions. By centralising your IT system, you can easily implement various improvements that can pave the way for better communication and collaboration, stronger security, faster processes and transactions, and shorter down times for troubleshooting and maintenance. All these clearly translate to cost savings.

Gain better visibility

Corporate efficiency can be improved if your decision makers can make wise and well-informed decisions, faster. But they can only do this if reports they receive from people down the line are timely, accurate, and reliable. Basically, data should be presented in a way for managers to gain quick insights from.

If your people take too much time scrutinising, interpreting, and reconciling data, you can’t hope to gain a significant competitive advantage. Equally important to managing an ongoing project is the speed at which you make a go/no go decision to start or stop a project. A wise, quick decision will help you avoid wastage.

The same holds true when making purchases and investment decisions. It’s all about quickly eliminating waste and investing only on those that will give you fast, positive returns.

Clear business visibility will allow managers to allocate resources where they are most effective, to pinpoint what products and services being offered are more profitable, and to identify which customers are giving better business from an overall perspective.

These are all possible with business intelligence. We know, we know. You’ll say BI solutions will force you to break the bank. Not anymore. At least, not all. There are already two main types of BI solutions: on-premise and SaaS. The latter will generally cost you less.

Of course, each type has its own advantages, and you’ll really have to look into the size of your organisation, the number of source systems your decision-making platform is connected to, integration requirements, budget, etc. to make sure you get the most out of your investment.

But IT solutions cost an arm and a leg

Again, not anymore. These days, you can find IT products that are faster, more functional, and more powerful than their predecessors at a fraction of the cost. When it comes to getting more affordable IT products and services, you now have many options.

For example, you can turn to open source solutions to save on license costs. These solutions are typically backed by vibrant and helpful communities where you can find an extensive source of technical support – many of which are for free. With popular open source products, you can easily tap from a large pool of developers with affordable rates any time you want to make system enhancements or customisation.

On another front, virtualization solutions allow you to save on CAPEX and OPEX by eliminating certain expenses normally used for setting up infrastructure or buying hardware and maintaining them. Server virtualisation, for instance, will allow you to consolidate servers and put them together into just one machine, while desktop virtualisation will enable you to eliminate unproductive hours associated with desktop down times by allowing you to redeploy a malfunctioning desktop very quickly.

Closely related to those are cloud-based solutions like SaaS (Software as a Service), IaaS (Infrastructure as a Service), and DCoD (Data Center on Demand). SaaS and IaaS will help you realize savings in acquisition and maintenance costs for software and hardware, while DCoD?s scalable services allow you to request for additional capacity, power and storage only as you need them, thus making you spend only according to your current infrastructure requirements.

Like we said, there are many, many options out there just waiting to be tapped.

Importance of Field Service Management Software for Mobile Working

Technology has been evolving at a fast pace. Changes are also happening simultaneously within different industries. Making a great difference in the business world right now is the trend of mobile working.

Thanks to platforms and tools, working while on the go is now easier and more streamlined. The field service industry also benefits from these technological advances.

Mobile technicians can now give excellent performance and do their job efficiently with no hands-on management needed.

Keep in mind that field service management is no joke. So, to achieve a smooth business and mobile worker management, you’ll need to invest in good mobile service management software.

But First, what is Mobile Working?

Mobile working is a method of working that is not tied to a single physical location.

It isn’t just about checking your emails on your phone or ringing your colleagues via Bluetooth while driving your car to the next appointment. It’s so much more intricate than that.

Effective mobile working means you’re mobilising your workers. Field technicians should have everything they need to complete their day to day work. You’re giving them their entire office in the form of a mobile device.

Mobile working, via a handheld device, allows field technicians to do the following:
● Access and input information about a work order
● Collaborate on projects
● Stay in touch with colleagues, clients and management
● Utilize effectively the different software features

Your field workers should have the support of a dynamic management tool that ensures they are sent to the job that utilises their skills effectively and efficiently.

That’s where a good field service management software shows its importance.

The Role of a Field Service Management Software

Your mobile workforce is scattered across various physical locations. You’ll need to connect with them and simultaneously manage your field service business.

Thanks to the increasing connectivity and improvement of technologies for this purpose, mobile workers can easily input and access any work order details via your chosen field service management software.

What Makes a Good Field Service Management Software?

There are 3 main points to consider when investing in a good mobile workforce management software:

1. It’s simple and familiar to use. Like we mentioned before, be sure to mobilise your field technicians – not the back-office system. Make sure your chosen app or software has a simple user interface so your workers can be on-the-go easily.

2. It works offline. Rural areas and highways can have poor connectivity. Sometimes agents will need to work in areas that have little to no network coverage or are deep down working in tunnels or around heavy machines and turbines. You don’t want your field technicians unable to complete work due to connectivity issues. Make sure to choose software that can function on their device while offline.

3. It’s flexible (and maintainable). Your field service management of choice should have real-time visibility. Flexible and improved visibility for a field worker means that they can do their best in any task. They can share or get critical information about orders and customers. This drastically improves job completion rates and customer satisfaction.

Importance of Field Service Management Software to Mobile Working

Utilize the technology that is available to you. Your mobile workforce should have the right tools so they can make sure to do their fieldwork efficiently without worrying about tedious administrative work. Any back-office task can be done quickly through a field service management software.

And that’s the most important role of a great mobile service management app — effective mobile worker efficiency.

Benefits of a Field Service Management Software to Mobile Working

● Additional revenue: By simplifying the administrative work, your field technician can even double the work order in their daily shift, meaning more profit for the business.

● Cost-cutting: The cloud-based nature of a field service management software means that your business can reduce the cost of on-site IT.
Your mobile workforce can operate from wherever they have an online connection, meaning less reliance on offices and building costs.

● Boosts overall efficiency: A mobile workforce management software allows you as a manager to monitor in real-time where they are and what they are doing. It means that problems can be identified and dealt with immediately.
Your field technician, in turn, becomes more efficient because the technology allows them a quicker response, instead of taking too long finishing administrative tasks.

Invest in a great field service management software. Check out FieldElite and see how they can help you with the following mobile working features:
• Accepts jobs in the field
• Automate appointment scheduling
• Manage scheduled jobs
• Get real-time visibility into all operations
• Have a clear and easy viewing of job locations
• Resolve field service calls faster
• Enable mobile workers to get the job done right
• Keep customers updated at every step
• Create quotations and accept payments
• Analyse efficient reports from field technicians