Sarbannes-Oxley Ideas and Suggestions

September 08, 2005

Sarbannes-Oxley Ideas and Suggestions

Two recent postings on Search CIO around work AMR did on Sarbannes-Oxley caught my eye today - SOX: Seven steps to CYA and SOX: New rules for year two. In these John Hagerty of AMR…

FICO by FICO
Customer Development

Two recent postings on Search CIO around work AMR did on Sarbannes-Oxley caught my eye today - SOX: Seven steps to CYA and SOX: New rules for year two. In these John Hagerty of AMR makes a couple of great points:

In addition to reducing employee time, automated testing of controls enables companies to stop bad things from happening as they occur, not after the fact. To do this, companies can embed testing of internal controls right into the business processes themselves...

Now this is a clear call to use business rules, at least to me. The advantage of automation is clear from the articles but what is the additional advantage of automating with a business rules management system?

  1. Business rules can be numerous, especially for larger more complex companies. Business rules management systems have the repository, reporting etc you need to MANAGE these rules, not just implement them. As John points out "SOX is a process, not a project" - you will have to evolve over time.
  2. This kind of compliance tends to be better understood by those executing the process not by those writing the software. Good business rules technology will let you expose the rules being enforced to those who understand them so that they can do ongoing maintenance and tuning, in response to the feedback they get from dashboards etc, rather than having to ask IT to do it.
  3. Using a business rules management system to implement some kind of compliance decisioning backbone puts companies in a position to implement other kinds of company-wide decisions consistently, something that will help them get more value over time from this investment.

John says that "By automating the testing of some of these internal controls, you will reduce the cost of compliance by upward of 25%, and we think that is actually pretty conservative." I would have to agree with him - these are the kinds of cost savings we have seen from using business rules in other circumstances.

So, treat SOX as a process and an opportunity and use business rules to automate it for lower costs, better results and more long term opportunities.

related posts

popular posts
What Is Authorised Push Payment Fraud?
popular posts
5 Keys to Using AI and Machine Learning in Fraud Detection
popular posts
What Is a Cybersecurity Posture?
popular posts
Average U.S. FICO Score Hits New High
popular posts
How to Build Credit Risk Models Using AI and Machine Learning

Good information and tips from @FICO's @LizFightsFraud in this @CNBCselect article by @awhite_credit on how to prot… https://t.co/4ZmlUvkh7N

38 minutes ago

@FICO's @Crossers_FICO discusses the 4-phase development methodology supports the entire lifecycle and helps promot… https://t.co/YDAlOZEkOW

8 hours ago

Don't miss FICO's virtual event: Building #Resiliency – Adapting to the Challenges of Today. Webinar series offers… https://t.co/U2415IrG5Z

12 hours ago