SYSPRO and Sarbanes-Oxley Compliance

Posted in: Blog- Jul 25, 2012 No Comments

The Sarbanes-Oxley Act was a necessary piece of legislation to protect investors and increase investor confidence in American companies. It was established in the wake of corporate scandals such as Enron and WorldCom. The Act tries to instill in companies the concept of good corporate governance. Sarbanes-Oxley affects all American listed companies, their divisions, and wholly owned subsidiaries as well as non-US public multi-national companies doing business in the US.

And what, you may wonder, does Sarbanes-Oxley have to do with ERP?

While ERP software cannot be classed as Sarbanes-Oxley compliant per se, it can assist a company in its endeavors to become and remain compliant. The main areas where ERP software packages can be of use to companies in becoming Sarbanes-Oxley compliant are by assisting with Segregation of Duties, ensuring Integrity of Operations and Auditability.

In short, there are five common IT control weaknesses, re: Sarbanes-Oxley. They are:

  • Improper account provisioning with segregation of duties
  • Insufficient controls for change management
  • A general lack of understanding around key system configurations
  • Audit logs not being reviewed (or that review itself not being logged)
  • Abnormal transactions not identified in a timely manner

SYSPRO has an excellent white paper detailing how it can help alleviate these five weaknesses. If you are having challenges remaining Sarbanes-Oxley compliant, email me for a copy of this document. Or, feel free to call me at 212.595.1044, ext. 106 and we can discuss your Sarbanes-Oxley challenges.

No Responses to “SYSPRO and Sarbanes-Oxley Compliance”

Leave a Reply