Leveraging Sarbanes-Oxley (SOX) to Build Better Practices




Powering Strategies and Managing Risks

Using SOX compliance to build disciplined, repeatable, and auditable practices.

Running a successful business just got a lot more complicated for many publicly traded and GAAP-compliant organizations. Fraud and mismanagement by executives of highly visible public companies such as Enron, Tyco, WorldCom, Global Crossing and others have created an atmosphere of executive mistrust. At the same time, many Internet companies had spectacular failures that drove the technology stock market into a tailspin. As a response, the Sarbanes-Oxley (SOX) Reform Act, passed into federal law in 2002, has created new federal requirements for the way publicly-held companies report their finances. It has also made non-compliance into a personal risk for the CXOs and the executives of the organization, who face fines and jail time. (See page 2)

PlanView Portfolio Management, which includes governance processes, workflow, financial tracking, and auditable decision trails, is becoming a key tool to manage risks and regulatory compliance for SOX and other requirements. The only way for executives to mitigate their risks is to empower business processes that operate in near real-time, that are repeatable and auditable. IT is the engine that drives business processes, so the IT group has now been made even more critical to the well-being of the CXO. At the same time, the CIO is getting more visibility at the board level and must justify and support his or her technology decisions in business terms.

Some SOX Imperatives

- An audit trail of decisions
- Faster financial reporting
- Attesting to internal control structures
- Improved project success rate
- A portal to track the SOX compliance project itself

What PlanView Portfolio Management Offers

PlanView uses a stage/gate technique to track and manage new opportunities from the investment analysis stage, to the project/program stage, and on to the stage where the deliverables are deployed as assets. At each decision gate, PlanView records an audit trail showing: date, decision, ID of decision-maker, notes, as well as the previous and the following decisions. PlanView speeds and supports investment and portfolio decisions with PlanView PRISMS for IT Governance. PRISMS are real-time processes deployed within PlanView software.

PlanView tracks labor and costs on projects and other work down to the task level, if required. Tracking at the phase level supports capitalization reports as required by GAAP SOP 98-1. Create simple reports in PlanView or export to almost any ERP, financial software, HR, etc. PlanView's integrated time and expense tracking have been shown to reduce time for chargeback reports and billing by an average of 4.0 weeks (Aberdeen PSA User Survey, 2001).

PlanView delivers software and processes for enterprise portfolio management, including control structures such as lifecycle roles, workflow automation, collaborative portals, content templates and more. Process architects at customer sites tailor new processes and templates as needed.

Using PlanView's investment analysis helps organizations align new work with business strategies. Formal work initiation processes ensure that only the right work gets started. PlanView manages changes and issues with formal risk escalation and management; also auditable and also integrated with portfolio management. Less risk = more project success.

PlanView not only supports SOX compliance, it's becoming a key solution for managing the SOX compliance project. All managers, team members, and associates access real-time status via a PlanView portal.

PlanView helps you optimize the performance of your organization and maximize productivity from your resources.

www.planview.com

PlanView Web Software is the world leader in web-based, integrated portfolio, project and resource management tools and processes. Headquarters are in Austin, Texas USA (tel 512 346-8600), with offices across the USA, in the UK and Ireland (Tel +44 118 903 6166), Italy (Tel +39 06 4227-2292), France (Tel +33 141 22 1380), Benelux (Tel +31 20 65 41 700), and the rest of Europe (Tel +49 721 9597-0).

SOX in a Nutshell: Personal Liability, the Audit Trail & Fast, Fast, Fast

The Sarbanes-Oxley (SOX) package of reforms signed into law 2002 through 2003 defines personal liabilities for the CEO and CFO and requires a digital audit trail of financial decisions. The act, which affects all publicly traded companies with a market capitalization of over $75 million (under $75M get an extra year), includes the following:

- Quarterly reporting must be done in 35 days compared to the previous 45 days.
- Annual reporting must be done in 60 days compared to the previous 90 days.
- Significant events must be reported in plain English and within 2 days compared to the previous 5 to 15 days.
- The CEO and CFO are required to verify the effectiveness of the financial controls they use to keep auditors up to date.

The impact of not complying: personal fines of up to $1 million and up to 10 years in prison, or both. If a CEO or CFO is found to be willfully misleading, the fine goes to $5 million and up to 20 years in prison or both. Other parts of the act address the liabilities of accounting firms.

Achieving the agile or real-time enterprise has been a key business strategy for the past several years because it can lead to higher revenues and market share. Now it's seen as a way to fight risk. Executives have developed a keen focus on business risks because they are being held personally responsible by the government, stockholders and employees for the results of their business decisions. The only way for executives to mitigate their risks is to use IT to power business processes that operate in near real-time, that are repeatable and auditable.

Sarbanes-Oxley is providing the impetus for a series of compliance issues related to IT. CEOs and CFOs are now required to attest that annual and quarterly financial reports contain no material errors or omissions. With their own necks suddenly on the line, these executives are scrambling to make sure their systems are more timely and accurate. Short of giving a blank cheque to IT, CEOs should be more willing to sign off costly overhauls of their existing financial reporting, budgeting, and supporting business intelligence systems.
Computer Business Review, May 2003

PlanView would like to offer some thoughts on how to go beyond mere SOX compliance. The idea behind the SOX reforms is to establish a broad, digital paper trail to prove the corporate financial reports are open and honest. Yet SOX is the tip of a much broader effort to use IT to improve business processes. In one 2003 study by the Meta Group, 65% of the respondents are seeking to use SOX to achieve process enhancements to improve efficiency and competitive advantage. Only 20% were focused merely on compliance. As PlanView customers are doing, implementing governance processes, work initiation processes, investment analysis, and just-in-time mentoring can help your organization elevate your business processes to a competitive advantage.

The CIO Impact: Technology + Business Issues

IT expenditures can no longer be justified on their technical merit alone; they have to be justified in clear business terms. IT expenditures are now as intensely scrutinized as any other expense, and a backlash is partly to blame. Many senior executives who authorized large IT capital expenditures in the boom years now have the impression that IT organizations are wasteful, willful and need to be controlled. This has driven the CIO to look for greater understanding of business strategies and strategic alignment. In some cases the CIO is evolving into the owner of the organization's strategic processes. Titles like CIO and VP of Strategy are growing common in companies where IT acts as the engine of corporate growth. The result? IT governance processes are becoming essential not only to the advancement of the CIO, but to the survival of the corporation.

[Figure: PlanView uses a stage/gate structure for workflow and internal control of projects]

Distribute Decisions Through Governance

IT Governance is defined as repeatable, disciplined and auditable methods of decision-making, communicating, performing and delivering real benefits to the organization. It integrates strategic decision-making with the work and resource management in a consistent, auditable workflow to give a comprehensive picture to everyone with a vested interest in the process. Some of the key components of IT Governance are:

- Apply a work initiation process to focus resources on the right work.
- Clarify investment decisions by analyzing risks and dependencies before funding and then clearly communicate the results.
- Measure portfolios of work and resources to make early decisions about their performance to eliminate non-productive work and realign resources.
- Plan to the capacity of the organizational resources to align the workforce with the pipeline of projects, service requests and on-going work.
- Execute all work to a high standard of quality and eliminate surprises by collaborating across the enterprise during execution and managing changes and risks.
- Assure the work really delivers the promised benefits to the organization and capture knowledge about best practices and resource performance.

Converging Trends

Improving corporate processes will reduce risk, and meet the real business needs of saving costs and improving productivity, while also supporting the internal control structures required by SOX regulations. Some organizations look at regulatory requirements and believe they can be satisfied just by giving executives more information. They are missing the point, or are at least far behind the power curve. Compliance comes from management decisions being made based on disciplined, repeatable and auditable processes. IT governance is how technology becomes the pedal that accelerates business strategies.

Managing business strategies & risks and IT governance are on converging paths. IT is the only way to meet the speed, accuracy, repeatability and auditability that are required in business processes. IT is the engine of corporate processes.

PlanView Portfolio Management

Our solution provides a set of IT governance processes that nest within internal control processes of the whole organization. PlanView's IT Governance includes initializing, scoping, ranking, prioritizing, resource planning and monitoring of projects, service work, and standard activities through portfolios. Our portfolio management software uses a web-based application infrastructure which has core functionality for work initiation, workflow, content management, collaboration, configurable portals and business intelligence to deliver a broad range of functionality including: project management, service management, resource management, time & expense tracking, strategic management, investment analysis, performance tracking and financial forecasting.

[Figure: PlanView portfolio management includes time-phased cost & benefit forecasting & tracking, lifecycle workflow with role assignments, full-featured document management, investment analysis and more.]

PlanView's Audit Trails Incorporate Organizational Roles

Role: Description

Governance Board (GB): Executive management sets the governance process, which varies by the investment type, size of investment and other key factors. PlanView's default set-up includes three governance boards depending on the investment classification (Local, Group and Strategic) since strategies are different for each one.

Project Management Office (PMO): The Project Management Office (PMO) is responsible for setting and encouraging standards and acting as an agent for the governance board for lifecycle steps before the project manager is assigned.

Investment Owner (IO): The investment owner decides which investments to fund and is responsible for tracking performance and adjusting the portfolio of investments based on changes in strategy, performance, market conditions, etc.

Customer (Customer): The customer initializes the investment request and is responsible for defining basic request information. Customers can be internal LOBs or external.

Executive Sponsor (ES): The executive sponsor reviews the goals of the project and is the authority for scope changes, risk planning and changes to the deliverables.

Project Manager (PM): The project manager is responsible for the planning and execution of the project.

Resource Manager (RM): The resource manager is responsible for supplying skilled resources to meet work requirements.

Project Team (PT): The project team includes all lifecycle roles associated with the project.

Financial Manager (FM): The financial manager is responsible for confirming the funding for projects is within organizational guidelines and is properly identified in the organization's accounts.

Business Analyst (BA): The business analyst is responsible for reviewing the project definition and completing the appropriate documents to guide the governance board on the project scope.

PlanView's PRISMS for IT are governance processes that include workflows, best practices, collaboration, content documents, manager tools and more. You can implement the processes, modify them to your unique needs or automate your own methods with the PlanView process architecture tools. The processes are a part of software and services that automates the delivery of mature, proven solutions.

Giga Group reports in 2003 estimated that a 20% process improvement can reap productivity improvements of up to 80%. PlanView offers tools and pre-built processes to improve your own business processes by making them consistent, repeatable, disciplined and auditable. You reduce executive liability to stockholder or regulatory reviews and improve organizational performance.

Create Real Value With PlanView

A large cross-section of the organization will typically be involved in SOX compliance. PlanView helps you speed your decision cycle with access to repeatable methods, real-time metrics and information at the level of detail each user wants and needs. The results:

- Costs are controlled
- Redundant work is identified and eliminated
- Dependencies are clarified and managed
- Risks are recognized and mitigated
- Staff is focused on the right work

[Figure: Manage SOX compliance in its own project portal in PlanView.]

PlanView Portfolio Management Software integrates a set of governance processes into a single application infrastructure to provide strategic management, project & service management and resource management. Through the PlanView solution, individual projects, service requests and on-going work are managed in context of the overall organizational strategies. Resource demands can be forecasted and capacities evaluated for staff, capital and other resources. Projects and service are linked into portfolios to evaluate their larger impact on strategies for programs, products, initiatives and more. Investment decisions are based on concise, repeatable models to focus resources on the right work. Resource overloads and under-utilization are addressed with real-time information to optimize resource usage. Your governance processes are encouraged and monitored by PlanView software. Time and expenses are managed and tracked down to the task level for reporting and chargeback. Documents, tools, notifications and information are delivered to the appropriate person at the appropriate time through workflow. Real-time performance information is shared across the organization.

For more information, additional PlanView Position Papers, or to see a demo, please contact us at www.planview.com. In the U.S. Tel: 512.346.8600

Copyright 2003 PlanView, Inc. All rights reserved. Level I document. Version 2003-September-18. PlanView is a registered trademark of PlanView, Inc. PRISMS, Scoreboard and HomeView are trademarks of PlanView Inc. All other trademarks are acknowledged. PlanView may vary the specifications and availability of these products and services without notice.