The Impact of SOX

The Sarbanes Oxley Act of 2002, commonly called SOX, was passed to provide protection to stockholders who had lost confidence in accounting and auditing information provided by public corporations. SOX has had an impact on management policy regarding Information technology procedures, as penalties for non-compliance are quite severe. Many organizations were forced to take a long hard look at their PC Software Inventory to insure SOX compliance. Systems Management software is needed to insure that all data being received and processed from remote stations on LAN and used on financial statements subject to audit were processed and recorded in a manner to facilitate audit. It was essential that the system being “audit ready” at all times.

There are a number of systems within the overall active directory of an organization that are not related to financial reporting. Most Group Policy Software, for example, does not directly feed data to financial reports. However, it is important that the entire system is structured so that License compliance is assured. Even software related to Remote restart / shutdown and active directory security need to be in harmony with the overall goal of accuracy and ease of access for the purposes of audit and control.

Asset tracking and Software asset management software, as well as Software Deployment are much more directly involved. Yet regardless of the specific software, the overall problem faced by the organization remains the same. Software must have integrated functionality to insure that costly auditing and reporting errors do not occur.

Since the passage of SOX, many companies with smaller net worth had themselves de-listed from the Stock Exchange rather than risk non-compliance or to avoid the high cost involved in implementation of changes in their Active directory maintenance. Other companies have gone to the other extreme and have incurred unnecessary expense in their efforts to bring their audit procedures into compliance. The Sarbanes Oxley act has changed the landscape of financial reporting.

Companies with active directory Windows based systems need to address these changes with a comprehensive approach to all aspects of their data processing systems. This is an information age. It has brought tremendous changes to the Accounting world along with almost every other element of our society. The advantages have brought with them a new sense of responsibility. In the past, questionable accounting practices and even illegal activities were the fault of individuals and those individuals could be isolated and given the responsibility. Today, it is the entire organization, tied together with local area networks, that would be to blame, and the recent fall of some large entities have shown the horrible consequences that can befall when fraud is discovered.