As we approach the fifth anniversary of the passage of the Sarbanes-Oxley (SOx) act, businesses continue to struggle with the implications of vouching for both the integrity of reported financial data and the information systems that generate that data. After paying enormous fees to accountants and consultants to perform complex SOx-related audits, the truth is that most businesses – perhaps 90% – are still incapable of applying and enforcing critical record management policies relating to data storage, such as identifying information assets and liabilities, structuring individual data items into meaningful business records for both archiving and deletion purposes, and assuring business continuance. The challenge stems from the fact that record management practices require a join on multiple business functions, including IT (storage administration and application management), business administration (clerical work related to operations), and legal (translating legal vulnerabilities into flow-of-data practices). Without direct CEO participation, an effective organizational response to these issues will not be possible.
Action Item: CEOs must catalyze and shepherd the organizational interplay required to forge an effective records management capability in businesses. Only then can the appropriate records management mission and system of authorities emerge to fully satisfy the business objectives and goals born from SOx.
To comment on this Professional Alert, please follow these simple instructions.
- Login before editing or commenting on this page.
- Comment on this article. You also can click the "+" tab above.
- Please sign your comments by typing "~~~" at the end of your comment.
Community Comments