Understanding, experience and technology for success
In the past, internal control was perceived as an arena reserved for accountants and controllers. Today chief executives and audit committees are required to confirm that an appropriate control environment exists and are charged with remaining in control of that environment. Much of the internal control focus today is on one aspect - internal controls over financial reporting for Sarbanes-Oxley 404.
Most companies have hired external consultants and allocated internal resources to document, test and upgrade internal controls to get a passing grade on their SOx compliance. However, without a cultural change and appropriate investments in technology that automates the documentation, assessment, remediation and change control process, an organization would need to allocate the same amount of resources year after year to be compliant with SOx 404. Organizations need to make the focus on internal controls, a part of their organizational DNA, if they want to reduce their cost of compliance.
Here is a checklist to ensure that internal controls are a key part of an organization's DNA: