Recent scandals in the corporate world have created a refreshed awareness of the audit function. A direct by-product of these scandals is the Sarbanes-Oxley Act of 2002 (SOX), which gives legal and financial muscle to the assurance of the integrity, reliability, and accuracy of financial reporting and corporate disclosures. In fact, based on a recent survey of CFO's and IT executives, 71 percent of the respondents believe that Section 404 of the Act, which requires business process audits and documentation to support internal controls certification, is the most critical part of SOX. While some may argue that the Act does not go far enough, it is surely a positive, aggressive start.
While this reemphasis may be good news for current and ongoing systems, the process of developing an audit awareness and the need for substantial controls can and should be established as software is being implemented. If you are the project manager or the project sponsor, possibly the company's CEO or CFO, it is in your best interest to create a financially healthy environment from the start of the implementation project. The expectation is that this good inbreeding will continue with the software into production and throughout its entire lifecycle. Considering the extensive scope of enterprise software such as enterprise resource planning (ERP), supply chain management (SCM), and warehouse management systems (WMS) software, the need for adequate and substantial controls is even more apparent.
This two-part article looks at four key segments of an enterprise software implementation, with timely emphasis on SOX, and suggests audit procedures, controls, and processes that should be typified, observed, tested, and reported upon. These segments include:
* Project Planning and Management
* Documentation and Reporting
* Software Piloting
* Data Conversion
Clearly, there may be others and, hopefully, this discussion can encourage or scare you into identifying these other areas that may be pertinent and cost-effective to your organization.
While this reemphasis may be good news for current and ongoing systems, the process of developing an audit awareness and the need for substantial controls can and should be established as software is being implemented. If you are the project manager or the project sponsor, possibly the company's CEO or CFO, it is in your best interest to create a financially healthy environment from the start of the implementation project. The expectation is that this good inbreeding will continue with the software into production and throughout its entire lifecycle. Considering the extensive scope of enterprise software such as enterprise resource planning (ERP), supply chain management (SCM), and warehouse management systems (WMS) software, the need for adequate and substantial controls is even more apparent.
This two-part article looks at four key segments of an enterprise software implementation, with timely emphasis on SOX, and suggests audit procedures, controls, and processes that should be typified, observed, tested, and reported upon. These segments include:
* Project Planning and Management
* Documentation and Reporting
* Software Piloting
* Data Conversion
Clearly, there may be others and, hopefully, this discussion can encourage or scare you into identifying these other areas that may be pertinent and cost-effective to your organization.
No comments:
Post a Comment