Sarbanes-Oxley: Issues for 2004

For the large percentage of firms with fiscal years ending in December, a significant amount of work and technology investment likely lie ahead in 2004 to meet compliance requirements of the Sarbanes-Oxley Act. Congress passed the Sarbanes-Oxley Act to force more stringent financial reporting and auditing guidelines on public companies to protect scandals similar to those that rocked Enron and Worldcom. The deadline for compliance is based on when a company's fiscal 2004 year ends. For those with a calendar reporting period, the deadline will be December 31, 2004. Among the items required for compliance is the hiring of a new auditor that the company hasn't used previously to analyze business tools as well as process checks and balances and to look at code control in software. Almost all compliance requirements fall into one of two themes - data confidentiality and document or information retention. These new requirments add to a controller's already full plate. Besides managing payroll and holding down costs, they are now being asked to spearhead the subcertification process that now precedes all financial filings. And the tedious task of documenting internal controls rests squarely on their shoulders.