Title: Executive Briefs: May 2004

By CIOinsight  |  Posted 05-01-2004

Due Diligence: SOX in a Box
By Eric Nee

Surprise! Software companies are trying to market Sarbanes-Oxley to their own benefit. Of course, it's not the first time vendors have tried to profit from the trials and tribulations of corporate IT departments, notes columnist Eric Nee. As in the past, CIOs should look before they leap into these supposed ready-made answers to all their problems. The primary challenge at most companies is to make sure financial processes can be documented and audited, and that's not something that can easily be put in a box.

Organizational Behavior: Nasty People
By Robert I. Sutton

Managers who belittle and oppress one victim after another shouldn't be hired. And if people turn mean on the job, and won't change, they ought to be fired. When management expert and CIO Insight columnist Robert I. Sutton recently published these sentiments in the Harvard Business Review, he received hundreds of e-mails asking what exactly could be done. His advice: Avoid hiring jerks in the first place, and stop abusive employees in their tracks as soon as they reveal their true colors.

Perspectives: Early Adopters
With Debra D'Agostino

In this series of four interviews, executives who've led compliance efforts at their companies share hard-won advice on what they've learned from their strategies so far. Highlights include the use of self-assessment spreadsheets, creating a centralized IT organization that better supports your business, avoiding panic (and the hijacking of budgets for other agendas), and the need for constant and clear communication throughout the company.

Analysis: High-Speed Compliance
By Jeffrey Rothfeder

Every company's experience with Sarbanes-Oxley compliance—and the technology used to meet the legislation's demands—will differ. Yet a picture is emerging of what the Sarbanes-compliant company will look like and how its technology, operations, networks and databases will be affected by the legislation. Contributing Editor Jeffrey Rothfeder analyzes the current state of systems devoted to analysis and documentation of financial controls, business performance management and e-mail management, and looks forward to a day when the compliance process—for a whole range of regulations—can be systematized and automated.

Expert Voices: The Letter and the Spirit
With Elizabeth Wasserman

How will the Securities and Exchange Commission police the Sarbanes-Oxley Act? Who will be the enforcers? We posed these questions to two experts: Laura Unger, a former SEC commissioner; and Scott Green, head of audit and compliance at law firm Weil, Gotshal & Manges LLP. The consensus: While the actual rules and standards remain vague, the SEC's goal is to create in companies a "culture of compliance" that will extend to the outside auditors and ultimately to the filings.

Whiteboard: The Sarbox Effect: Driving Shareholder Value
By Lee Dittmar and Kyle Cheney

Compliance with the Sarbanes-Oxley Act of 2002 isn't just a legal requirement; it's an opportunity to increase shareholder value. In this whiteboard, two members of Deloitte Consulting LLP's Sarbanes-Oxley practice, Lee Dittmar, its lead consulting partner, and Kyle Cheney, a senior manager, make the connection between Sarbox compliance and the four ways companies can create value: growing revenues, increasing margins, maximizing return on assets and good governance.

Strategic Technology: Document Management
By Debra D'Agostino

With analysts calling document management one of the cornerstones of Sarbanes-Oxley compliance (the other is business process management), hardware and software vendors are rushing to cash in on the big tech issue of the moment. Before you implement a document management system of your own, plan for how it can benefit your business above and beyond regulatory compliance—as it has several of the firms CIO Insight reporter Debra D'Agostino spoke to for her column.

Research: Sarbanes-Oxley
By the editors of CIO Insight and the analysts at Gartner EXP

Large companies are more optimistic about meeting compliance deadlines and the adequacy of their Sarbox budget than their smaller brethren, according to this month's joint survey by CIO Insight and Gartner EXP. Of 198 IT executives at companies that must comply with the Sarbanes-Oxley Act, those at midsize and large companies are most likely to expect to see business benefits through their compliance work. But this optimism may be unrealistic, say Gartner EXP vice presidents Richard Hunter and Marcus Blosch: CIOs may have underestimated the effort required to gain business value from compliance.