Clause 49 Compliance

Most organizations have implemented paper and Excel-based processes to document and test internal controls over financial reporting to comply with SEBI Clause 49 and Section 404 of the US Sarbanes- Oxley Act (SOx-404). Hence a large amount of time and effort is consumed in scheduling tests, manually testing the internal controls, identifying and tracking remediation, compiling and cataloging evidence, implementing change control, and managing the entire process. In addition, most organizations lack a systematic and comprehensive approach to assessing IT controls that impact financial transactions. Testing of IT controls is often not integrated into the overall risk and compliance management program.

Companies are realizing that such an approach is excessively resource intensive and significantly increases the cost of compliance. In addition, it increases the risk of noncompliance, where penalties can be severe. In order to sustain compliance at lower costs, many companies have tried generic electronic document management systems and desktop tools. However such technologies lack the specialized capability needed to manage the risk and compliance process. By integrating the design and testing of internal controls over financial and IT processes, automating the testing of certain financial and IT controls, and providing a mechanism to increase visibility and control over the entire compliance process, companies can lower their compliance costs, reduce their noncompliance risk and free-up their personnel to focus on activities that deliver real benefit to the bottom line.