Talk:Sarbanes-Oxley Act

From Wikipedia, the free encyclopedia

You have new messages (last change).

Should there be material on technical implementation - audits trails etc? Particularly implementation of IV--ENHANCED FINANCIAL DISCLOSURES Sec. 404. Management assessment of internal controls.

( Please sign so we know who you are -- N3X15 ( Scream · Contribs) 20:12, 29 April 2006 (UTC) )

Contents

[edit] Another Business Trend Bandwagon?

SOX often reminds me of the ridiculous amount of money which companies threw at the Y2K bug. It seems like just another excuse for IT and accounting vendors to sell extra services of questionable worth. Every couple of years business latches onto another silly craze such as ISO-9001 compliance, Six Sigma, Y2K compliance, and now SOX compliance. Can someone find some sources for this type of criticism? —The preceding unsigned comment was added by 212.25.75.66 (talk) 11:17, 6 December 2006 (UTC).

Um, no - it's a requirement of American Federal law for publicly traded companies. It would be a trend if it was optional - people face severe legal penalties if they don't comply! 65.95.109.97 06:04, 8 December 2006 (UTC)


[edit] Wikify please

The article is quite incomprehensible as it lacks vital inter-linkage. What are: trades, insiders, blackout periods, COSO? Also other things could be wikified, such as: actuarial services, audit, personal loan, risk assesment. I'm unable to do it as I have no economics background. Also please considers non-American reader that is confused terms common for Americans. -- Forseti 16:01, 3 Dec 2004 (UTC)

Many of these terms have to do with investing on the stock market, but for the IT person who needs to know our responsibilities under the landscape of shifting legislation, to the point that sometimes we feel like we are walking on quicksand, here is a quick overview of the alphabet soup of relevant legislation in the USA. No list can be complete with the speed at which new cyberlaws being passed by the federal government, all 50 states, and local governments. User:AlMac|(talk) 06:10, 5 January 2006 (UTC)

Also SOX Implementation, which is a big issue for IT people seems to fall outside the scope of this article making it much weaker and less useful. --Daedelus 22:22, 16 Dec 2004 (UTC)

SOX is a huge topic for accountants and corporate executives, irrespective of the SOX implementation challenge, which turns a lot of IT traditions on their head. User:AlMac|(talk) 06:06, 5 January 2006 (UTC)

[edit] Smaller Companies

Hi, this is my first time doing an edit, so please bear with me. I may not be doing this in the right location. But under the http://en.wikipedia.org/wiki/Sarbanes-Oxley_Act entry, if you scroll down to debate, there something that looks suspicious. It says " Smaller companies may be affected by Sarbanes-Oxley if trading with a large company subject to it. In addition to this a large number of them are requiring their smaller suppliers to register with the ISN. "

The problem is, I have never heard of the "ISN" and I did a search on it, and could find only one other entry, also there are no entries located in google anywhere else, plus the webpage goes to some other website, plus it looks like a two year old made the "ISN" webpage on his daddys computer. What I am wondering, is, is it possible that whatever the heck the ISN is, is just a way to get people to "register" and pay a $100+ fee, for nothing. I don't want to get sued so, I won't call it a scam---I have no idea, but shouldn't someone look into this? I'm not even sure how to go about handling it, because they will just come back and add it again. Also, it could be dangerous to give private company information to an unknown website. Could someone please tell me what to do or look into it themselves? Thanks!!!!!!!!!!!!!!!!!!

I am an IT person working at a smaller company that is privately owned, and thus not directly subject to SOX. However, many of our customers are directly covered, our largest vendors are, we have loans from banks under SOX, and tighter regulations. We have international trade. Thus we do business with many enterprises under SOX. They are much more interested in our ISO status, and whether we are ROHS compliant. I never heard of ISN either. There are a ton of companies out there trying to sell services and products to make a company SOX-compliant. This is buyer beware. If you buy one of these solutions, and it not work, it is your corporate executives who go to jail, not the outfit that said their solution would do the job. User:AlMac|(talk) 06:05, 5 January 2006 (UTC)

[edit] Related Articles Needed

I Wikified a bit, and while doing so, could not find any articles on

  • accounting internal controls
  • accounting oversight board which was an important part of large corporations, long before SOX
  • business practices
  • exchange act ... see internal controls
  • governance institute ...see IT + SOX 404
  • financial disclosure which was critical to stock market investment, long before SOX
  • financial report, a concept which has existed in capitalism for at least 100 years, probably much longer.
  • Harris Interactive ... see legislative history
  • material information, an accounting concept that I first encountered many decades ago.
  • operating costs which have applicability in business, far beyond SOX, and also over the life of personal property such as automobiles and personal computers.

There may be other articles with similar meaning that can be linked, in place of the more correct SOX language, such as

Perhaps there should be a separate main article on SOX implementation, that focuses on what IT people need to know about this. User:AlMac|(talk) 05:08, 1 February 2006 (UTC) OOps, while I was Wikifying, I found someone had already added Information technology controls. User:AlMac|(talk) 06:26, 1 February 2006 (UTC)

Thanks to some folks for resolving some of the above linkage needs, which will help us continue to improve this article. User:AlMac|(talk) 19:02, 2 February 2006 (UTC)

[edit] This article is a bit of a mess

I'm British, so feel free to tell me I don't know what I'm talking about, but this article seems to be a bit muddled in places. The following bits give me the most concern:

  • The introduction paragraph highlights different features to the 'key provisions' section. And I think we're clever enough to determine our own highlights, without KPMG's help.
  • The article is sloppy in how it refers to the Act's provisions. Almost all of the provisions were orders for different federal agencies to take action. So, for example, S302 did not require CEO/CFO to certify internal controls - it required the SEC to introduce rules within 30 days. This may seem like splitting hairs, but it's very important. The implementation of various sections wasn't without controversy - for example nothing in S404(b) gave any indication of the level of work that was going to be required.
  • I'd suggest that, in light of the difficulty of the topic, we hive out the more difficult sections to their own articles. For example separate articles on S404, maybe S302/906, etc.
  • The overview of PCAOB Auditing Standard 2 does not really belong here - but would be relevant in a S404 page.
  • The IT stuff, while interesting in itself, is not really relevant. SOX is first and foremost an accountants' problem, not an IT problem

I'm happy to help with a redraft, if others agree. Nairobiny 11:45, 10 March 2006 (UTC)

If you'd like to see an excellent White Paper on all aspects of Sarbanes, visit this: http://www.sarbanesoxleywhitepaper.com

I am an accounting major in college and am doing a research project about SOX. After reading up on it and viewing the actual act, it seems that SOX is not first and formost an accountants' problem. There are more sections in SOX about corporate accountability than any other topic.

And also, why is there a whole part of the SOX article devoted to SOX 404. There are several sections of equal importance. Will this article eventually become full of explanations of individual sections, or would it be better dedicate a whole other article to a section (or topic that has to do with a section).

[edit] IT absolutely relevant

The IT stuff, while interesting in itself, is not really relevant. SOX is first and foremost an accountants' problem, not an IT problem

AS2 specifically refers to IT controls, it's relevant.

I have to disagree with this statement.

  1. . SOX is Accounting
  2. . Accounting implementation is IT

I work in IT. I have been to seminars where IT people from other companies, have described what they had to do to achieve SOX compliance. It is a MAJOR BIG DEAL. User:AlMac|(talk) 06:46, 9 May 2006 (UTC)


I second that.. SOX is massive in corperate programming and IT. The sick/sad part is that in many companies, experience or a background in SOX is now required to as a preresiqute to getting an IT job. --ZacBowling 00:39, 27 May 2006 (UTC)

[edit] Both are relevant (Acctg & IT)

Accounting and IT must work together to achieve optimal accuracy in the implementation of SOX. I have worked in accounting for 20-years and have also had the opportunity to bring together IT and accounting personnel for optimal efficiency. Everyone has to be willing to contribute and work towards the good of the your company. By the way an AA,BA,MBA and CPA etc.. are also required to study the SOX laws and compliance, prior to acquiring their degree or certification. —The preceding unsigned comment was added by 66.176.195.141 (talk) 15:08, 26 February 2007 (UTC).

[edit] The Future of SOX 404 Compliance

Does the article cited really have all those misspellings? For example:

  • "Understandable" where "understandably" was clearly meant?
  • "Shoed" where "showed" would be proper.

If not, these should be corrected; otherwise, a [sic] or three might be in order. Robert A West 15:42, 15 Jun 2005 (UTC)

PCAOB is now considering changing Auditing Standard 2 and quite a few other important elements. Please refer to http://www.pcaob.com/News_and_Events/News/2006/12-19.aspx to update the current status of SOX. I tried but my comments were deleted.171.18.2.84 14:18, 23 January 2007 (UTC)

[edit] Poetry

You can find Poetry on Sarbanes Oxley at

http://manofissaquah.blogspot.com/2006/03/sarbanes-oxley.html

24.17.210.88 06:06, 13 April 2006 (UTC)manofissaquah.blogspot.com

[edit] Some formatting stuff

Not exactly an expert on this stuff, but does "Ban on personal loans to any Executive Officer and Director" have to be emboldened? Seems to me that it should be left unbolded...
-- N3X15 ( Scream · Contribs) 20:12, 29 April 2006 (UTC)

[edit] GAO Report on SOX Challenges for Smaller Companies

The GAO, for anyone unfamiliar with it, is the US Government Accountability Office, typically investigating areas of US government and US industries, on behalf of the US Congress.

They just came out with a Report to the Connuttee on Small Business and Entrepeneurship of the US Senate on challenges for SOX implementation at samll public companies, defined as smaller than $ 700 million.

http://www.gao.gov/cgi-bin/getrpt?GAO-06-361

I just printed it out and am beginning to digest it.

There have been allegations that implementing SOX is such a huge imposition on small companies that many of them have been going private instead. The report agrees that it is a huge imposition, but the SEC is doing something about it. GAO thinks they should do more. Also, while there has been a rise in public companies going private, the report shows that many of them are for other reasons than SOX.

I work in computing. I know from my prior readings that SOX has a huge impact on a company's accounting, internal auditing (which is practically non-existant in small companies), management, and computing. For example, I do all the computer modifications, texting, analysis, whatever needed. If my employer wanted to be compliant with SOX, they would have to have a bunch of different people doing pieces of my job.

Although we are not public traded company, it is my understanding that if we were to take on an investor from another company, to be added to the company owners, SOX would apply to us, retroactively. Also some lending institutions are asking that companies they loan money to show they are in compliance with SOX, whether or not it applies to them for any other reason.

Some companies that my employer does business with, both customers and vendors, are public and under SOX, which imposes some burdens on us. I think the fact that we have ISO 9000 certification, and have not yet been implicated in any security breach, provides a security blanket against some of those burdens.

User:AlMac|(talk) 06:30, 9 May 2006 (UTC)

[edit] Wall Street Scandal Reminder

For anyone who may have forgotten why this legislation exists, check out this big picture on the Wall Street scandals that precipitated SOX. http://www.wallstreetfollies.com/diagrams.htm (Scroll down to get the full picture.)User:AlMac|(talk) 06:40, 9 May 2006 (UTC)

[edit] A complete mess

This article is still a complete mess. I'll do as much cleanup as I can (there are still many instances of redundant links, poor wikiformatting, etc.) but such a notable topic needs a better article. Paul 20:50, 16 May 2006 (UTC)

[edit] Fantastic job, my friends!

Nice overview. Clear. Concise. Helpful. Good insights. Thanks. --Rednblu 18:00, 18 May 2006 (UTC)

[edit] Updates to article June 2006

This is in reference to modifications on 22 June 2006 by 24.34.22.119:

  1. is the PCAOB really the most important result of the act?
  2. reference to lobbying, "The auditing industry had lobbied for this requirement [presumably ss302 and 404] for decades; ironically, the collapse of one of its members in the scandals (Arthur Andersen) finally earned the industry this lucrative new line of work" has been removed. I realise that the removed material was very POV, but maybe the background should cover previous attempts to get reporting on controls. m.e. 05:26, 22 June 2006 (UTC)

[edit] Discrepancy in cost of implementation data provided (table)

Hi,

I am hoping someone can provide answers to the following 3 questions:

First, there seems to be a conflict in the trends in the 2nd and 3rd rows of the table showing "Average Additional Audit Hours" and "Average Total Compliance Cost (millions)" versus "Company Revenue"? For example, for increasing company revenues, the hours reported go up from 6,285 to 20,756, then they fall to 11,540 before going up to 19,000 again. If there is an explanation for this would it be possible to include that in the description?

Secondly, the highest cost number provided ($1230.3M) looks like an error (try computing $/unit hour). Also compare it to the data for companies in the $5B-$10B range, which has a similar #hours.

Thirdly, is this data meant to support computation of average $ cost per hour of labor? If so, unit labor costs are in the range of $295/h. Is this a realistic number?

Thanks, AD


[edit] "Jerrybuilt" link

I added the link to Jury rig to the word "jerrybuilt" so that readers could discovery that the word has an origin that pre-dates the racially offensive use of the word "Jerry" to refer to Germans during World War II. The link occurs in the sentence, "Improvisational approach: Another symptom of deadline pressure showed up in the jerrybuilt practices that carried many companies through the first year." r3 17:59, 7 September 2006 (UTC)

[edit] Link to Sarbanes-Oxlay interactive forum

There is a link at the bottom of the article to "An interactive forum dedicated to the Sarbanes-Oxley Act". This page seems to have almost no data pertaining to SOX compliance. The page appears to have been quickly thrown together, with its main purpose being to display ads. I do not believe this link is valuable at all, and should be removed.

Are you serious? Have you looked at their actual forum: http://www.sarbanes-oxley-forum.com/modules.php?name=Forums ?

This is probably the biggest collection of SOX related information on the internet (that I could find anyway). 6,000 articles/posts, covering almost every aspect you can imagine. It was a goldmine to me when I had a project to do, which I didn't enjoy by the way. The chaps who post there were also most helpful.

I can only imagine that somehow you missed this.

[edit] Big 4 profits as a result of SOX

I think it is important to mention that accounting firms have made huge profits as a result of this legislation. Most CPAs attribute the big bonuses in 04-05, and the continued increased hiring in the field, to the passing of the legislation.Mathacke 21:16, 11 January 2007 (UTC)


[edit] A Request for Elaboration in the History Section

When the article talks about how SOX was created mostly from Sen. Sarbanes' bill, it mentions that Sen. Sarbanes' bill was mostly just strengthened. Could someone add why Rep. Oxley's bill wasn't much of a contribution? Forst 22:57, 13 January 2007 (UTC)

[edit] Open letter to repeal Sarbanes-Oxley Act of 2002

Added a link to an open letter to the United States Congress regarding efforts to start an investigation into, and to possibly to repeal the Sarbanes-Oxley Act of 2002.

Open letter to repeal Sarbanes-Oxley Act of 2002


On April 14, 2005, Mr. Ron Paul, who was from Texas and a member of the United States of America's House of Representatives, introduced bill H.R.1657. It is a total of eight (8) lines. Here is the bill.

Section 1. Short Title.

  This Act may be cited as the "Due Process and Economic Competitiveness Restoration Act".

Sec. 2. Repeal.

  Section 404 of the Sarbanes-Oxley Act of 2002 (15 U.S.C. 7262) is repealed.

In his remarks to his colleagues introducing the legislation -- as presented in the Congressional Record -- Mr. Paul raised the issue of Constitutionality. He suggested that the US Constitution does not grant authority to the federal government to regulate accounting standards of private corporations. Mr. Paul may not have been aware that one of the USA's "Founding Fathers," Thomas Jefferson, died broke because, as brilliant as he was, he did not follow double-entry accounting. Jefferson said that a transaction was either a debit or a credit, but not both. For those unfamiliar with accounting, if I sell a widget for $100.00 cash, I debit cash for $100.00 for the amount of cash I receive, and I credit sales revenue for $100.00. This allows me to know why I received $100.00, and that a debt has been paid.

This bill appears to be alive, albeit not going anywhere at this writing. (February 13, 2007)

141.199.248.2 19:19, 13 February 2007 (UTC)Frank G.

[edit] Formatting

This article is poorly formatted, but I am not particularly good at formatting it myself. Perhaps somebody who is more of an expert can help? Why are there no references? Why are all of the citations in the form of external links instead of footnotes to that site? That is pretty lazy and not how Wikipedia articles are supposed to be. Perhaps someone who is good at adding references could clean this up a bit? Thanks. Wikipediarules2221 01:15, 18 March 2007 (UTC)

[edit] POV tag

  • There is an extensive academic criticism of the Sarbanes-Oxley Act that is utterly absent from this article; when it is hinted at, it is improperly belittled with unsourced statements that violate WP:NOR. One estimate is that the legislation has cost the US $1.4 trillion.[1][2]
  • There is no mention of the current lawsuit challenging the constitutionality of the PCAOB.
  • There are many examples of improper phrasing: proponents "observe" while opponents "assert." Plain violation of NPOV. -- TedFrank 09:20, 20 March 2007 (UTC)
Retrieved from "http://en.wikipedia.org../../../s/a/r/Talk%7ESarbanes-Oxley_Act_0407.html"