Keeping Your SOX on: Quality Improvement for Sustaining SOX compliance Proprietary and Confidential by Unitech Systems Inc. All rights reserved.


1 Keeping Your SOX on: Quality Improvement for Sustaining SOX compliance Proprietary and Confidential Copyright@2005 by Unitech Systems Inc. All rights reserved

2 Purpose of today’s discussion
- To discuss the challenges and opportunities presented by SOX compliance
- To outline an information-centric approach towards improving organizational performance for sustaining SOX compliance

3 Agenda
- State of Financial reporting and SOX mandate
- Modeling Enterprise Information
- SOX compliance and continuous improvements
- Key Benefits

4 Agenda
- State of Financial reporting and SOX mandate
- Modeling Enterprise Information
- SOX compliance and continuous improvements
- Key Benefits

5 State of Financial reporting
An inaccurate, inconsistent and unreliable financial report is a quality issue
[Ref: Huron Consulting Group; Information Integrity Coalition; http://www.forbes.com]

6 SOX Primer
- Sarbanes-Oxley was enacted in a major effort to prevent accounting scandals and other reporting problems from recurring, and to rebuild public trust in corporate business practices and reporting.
- Establishes new or enhanced standards for corporate accountability and penalties for corporate wrongdoing.
- Contains 11 titles, ranging from additional responsibilities for audit committees to tougher criminal penalties for white-collar crimes such as securities fraud.
- Defines a higher level of responsibility, accountability, and financial reporting transparency – changes that are ultimately intended to return confidence to investors.

7 SOX key requirements
- CEO and CFO certification
- Real time disclosure of material events
- Disclosure Control and Procedures
- Internal Controls Over Financial Reporting
- Internal Control Reports and Assertions
- External Auditor Attestation

8 Challenges
- Multiple isolated compliance efforts
- Focus is on compliance (read documentation)
- Distraction from “Business as Usual” activities
- Compliance does not guarantee business sustainability – Quality does
- For better value, compliance management should be part of “business as usual” activities.
[Ref: Booz, Allen Hamilton, 2004]

9 Industrial Revolutions
- I: Manufacturing, Transportation, Energy (explosion in products)
- II: Software, Internet, E-Commerce (explosion in information)
Ref: Martin Bariff, 2004 at ISACA

10 Improving Quality of Financial Reporting Process Focus
- Assure the quality of the financial reporting processes
- Assure the integrity and accuracy of the controls relevant to financial reporting processes
- Assure the integrity of the information outputs
- Reduce fraud through regulations

11 Agenda
- State of Financial reporting and SOX mandate
- Modeling Enterprise Information
- SOX compliance and continuous improvements
- Key Benefits

12 What is Information Integrity?
Information Integrity (I*I) is the trustworthiness or dependability of information as defined by the accuracy, consistency & reliability of information content, processes and systems.
- Accuracy: The degree of agreement between a particular value and an identified source that provides the correct value at a specific point in time.
- Consistency: The degree of agreement among repeated instances of the same information (occur in space, over time, and in relation to one another at the same point in time).
- Reliability: The degree to which information is complete, current, and verifiable.

13 I*I Risks are linked to
- “Static” business models in changing markets
- Process re-engineering initiatives
- Growth in business, information, and data
- Information systems initiatives
- “Off System” analytical work

14 Reported magnitude of I*I issues
Industry: Impact of I*I failures
- Telecom: About 5-11% of revenue is lost [1]. That is about $15-30 billion a year [1].
- Banking: 30 banks had reported total operational losses of around 2.6 billion euros [5,6]. During year 2000, UK lost £113 million through non-compliant documents being presented under letters of credit [3].
- Insurance: US Medicare program lost between 7-10% of its budget due to I*I related errors [4].
- Retail: US retail companies lost about $5.6 billion in year 2001 [2] due to clerical and administrative errors.
[1] D&T, Revenue assurance survey, PWC, KPMG publications
[2] 2001, National security survey, University of Florida
[3] SITPRO, 2003
[4] GAO report, 1999, IIC report, 2001
[5] BIS, “Quantitative Impact Study”, 2002
[6] Rick Harris, “Domestic regulatory approaches to operational risk”, 2002

15 Unitech’s Framework is comprehensive
- Unitech’s Enterprise Information Model (EIM) is a comprehensive framework for identifying focal business processes for integrity evaluation
- The four quadrants can be populated with issues and processes representing every aspect of enterprise operations

16 Information Exchange Integrity

17 I*I Assessments
Ref: Martin Bariff, 2004 at ISACA

18 I*I Rating Systems
Process-Based Ratings – Management Requirements
- Examples from Quality world
- Usually for business process
Ref: “Building an Information Integrity Rating System,” by Craig M. Watson, April 12, 2004

19 I*I Rating Systems
Outcome-Based Ratings – Performance Requirements
- AAA Investment Grade; BBB Non-Investment Grade; Bbb Junk
- Usually for information exchanges. Examples include financial statement released to public, individual bank statements etc.
- Similar examples: Trustworthy information; Acceptable non critical information; Non Acceptable
Source: “Building an Information Integrity Rating System,” by Craig M. Watson, April 12, 2004

20 Agenda
- State of Financial reporting and SOX mandate
- Modeling Enterprise Information
- SOX compliance and continuous improvements
- Key Benefits

21 Baldrige Framework

22 Several Concepts – Several Tools
Quality Management; Risk Management; Control Management; Information Integrity Management; Six Sigma, Quality Circle; Business Process Reengineering; Integrity Risk Assessment; Enterprise Risk Management; COSO, COBIT; (Baldrige Criteria for Performance Excellence) Corporate Governance Model

23 Integrated Management Systems Approach
Baldrige based Management System; Information Integrity Requirements; Quality Requirements; Integrity Tools; Quality Tools; SOX Compliance; Regulatory Compliance; Performance Excellence; Corporate Governance

24 Agenda
- State of Financial reporting and SOX mandate
- Modeling Enterprise Information
- SOX compliance and continuous improvements
- Key Benefits

25 Benefits of the Unitech Approach
- Enterprise-based: The Enterprise Information Model embraces all major processes in the enterprise. One tool provides the total perspective.
- Process-Focused: Our approach is driven by a relentless focus on practical process understanding. As a result, we connect with management thinking and deliver practical integrity improvements.
- Effective/Efficient: We look at processes from both effectiveness and efficiency perspectives, thus broadening performance impact.
- Compliance-rich: Unitech is particularly suitable for supporting Sarbanes-Oxley and Basel II compliance initiatives. We provide documentation of controls, as well as a high level of confidence in the results.
- Generally adaptable: Unitech’s approach can be applied to ANY business process, yielding powerful insights into information integrity, as well as performance improvement potential.

26 More Resources
- www.asq.org/ii
- www.informationintegrity.org
- www.unitechsys.com

