Lord & Benoit, a leading Sarbanes-Oxley research and consulting firm, is applauding the efficiencies and affordability of this week’s PCAOB and SEC actions requiring smaller public companies to comply with Sarbanes-Oxley this year. To help CFOs navigate the process wisely, Lord & Benoit has just published a study, 10 Threats to SOX Compliance for Smaller Public Companies.
In summarizing the results, Lord & Benoit suggests this list should be used by CFOs as a starting point for a macro-level risk assessment at smaller public companies. Identifying potential concerns, developing action plans to remediate these risks, and taking quick action can minimize the likelihood of an adverse Section 404 report at the end of the first year of compliance.
2 comments
I feel that big and small companies should try to spend some resources on adhering to standards like SOX to avoid any security breach and should conduct an annual risk assessment. A crosswalk poster between different regulations is a very useful tool for IT & compliance team members, especially when it is available at no cost. This poster is a crosswalk between: Sarbanes Oxley (SOX), ISO 17799, COBIT 4.0, HIPAA, Payment Card Industry (PCI), GLBA, NERC standards CIP and PIPEDA (Canada) http://www.compliancehome.com/symantec/
Contingency plan templates created by http://www.training-hipaa.net can jump-start a contingency plan project for HIPAA, Sarbanes Oxley (SOX), FISMA, ISO 17799 and many other regulations/standards, which includes risk assessment, business impact analysis (BIA), business continuity plan (BCP), disaster recovery program (DRP), emergency mode operation plan (EMOP), data backup plan, testing and revision procedures and many other projects. These templates can also be used by IT departments of different companies, security consulting companies, manufacturing companies, servicing companies, financial institutions, educational organizations, law firms, pharmaceuticals & biotechnology companies, telecommunication companies and others. Any organization, large or small, can use these templates.
http://www.training-hipaa.net/template_suite/enterprise_contingency_plan_template_suite.htm