Tools for Sarbanes Oxley Compliance


The Sarbanes Oxley Act of 2002 (SOX) has put in place some of the toughest corporate governance standards in the world. In connection with the ongoing implementation of such legislation into account, the need for software solutions to help organizations manage the challenges associated with Sarbanes Oxley compliance is tremendous. There are a number of points to consider when seeking out Sarbanes Oxley software.

good Sarbanes Oxley software solution should provide an integrated platform with specific modules designed to meet all of your SOX 302 and 404 needs. Integration points for document management, oversight, business intelligence and internal auditing are key. Adopting an integrated architecture reduces the time and effort involved in gathering and reporting on Sarbanes Oxley compliance, risk management, and other data on corporate governance.

Such a tool should also help organizations meet additional governance responsibilities as set out in the Coso ERM framework and to Basel II requirements. It should identify problems, monitor process performance, assign responsibilities and prioritize action items. It goes without saying that an ideal Sarbanes Oxley software solution should be able to adapt to meet the unique needs of the enterprise

Case Study :. Corporation McDonald

New requirements for internal control and risk management activities require the development of powerful solutions to address the specific needs of Sarbanes Oxley as well as broader governance requirements. This is true as much for mid-market organizations as it is for multinational companies.

For example, McDonald’s Corporation, the fast-food giant, has been in business for 50 years and is worth a reported $ 19 billion. With more than 32,000 locations in 120 countries around the world, McDonald’s is perhaps the most visible corporate brand. The company owns nearly 30 percent of its locations directly, and employs over 435,000 people.

As early as 2003, long before the final regulations enforcing the Sarbanes Oxley Act were written, McDonald’s executives knew they faced a tremendous challenge in accordance with sections 302 and 404 of the Act. Auditors and managing executives would be busy enough just working with local business units to ensure that deadlines were met and correct data gathered. The company needed a proven platform to serve as a framework and repository for that crucial compliance.

McDonalds knew it would use industry leading, risk-based framework based on standards from the Committee of sponsoring Organizations (Coso), where coso framework was already well known and had the support of important regulatory boards such as public company accounting oversight Board (PCAOB ). The solution must be able to be easily bolted on McDonald systems and allow SOX project managers to work immediately.

Paisley Consulting, a recognized global leader in corporate governance, enterprise risk management and audit management, offered a proven solution that McDonald was looking for. Risk Navigator® would let Global Sarbanes Oxley team McDonald load standard controls in the tool, and then coordinate a global compliance effort where the core team could direct specific business units to focus on monitoring during limited hours.

The Risk Navigator solution was initially established at the beginning of autumn 2003 will start with a pilot project in the UK. Excel spreadsheets were used to load the global standard coso framework into Risk Navigator for each market. Managers then used the framework to do their documentation and testing. When the pilot proved successful, McDonald’s brought Risk Navigator in North American and European operations. Asia who were brought into the system in 2005 and is expected McDonald’s to include Latin American locations in late 2006.

With the global SOX team collaborating with local teams in an ongoing, sustainable efforts is planned managers McDonalds hundreds use Risk Navigator Today in some capacity. Risk Navigator cleared the way for one of the most prominent and geographically diverse business world to meet complex rules recommend the stipulated time and their power to build a global storage best practices for financial institutions.


monitor complex rules, such as the Sarbanes Oxley Act and maintain compliance activities with constrained time and resources is a daunting task for even the most prominent companies. If you are looking for a more efficient alternative to first-generation Sarbanes Oxley compliance software, spreadsheets and other manual approaches to Sarbanes Oxley, Paisley Consulting can help.


Leave a Reply

Your email address will not be published. Required fields are marked *