Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, Matt Kelly and I go into the weeds on issues raised around SOX compliance by internal audit functions in corporations and the use of tech solutions to improve things by a recent report of the SOX Professional Group.
Some of the highlights include:
- Why is SOX compliance still ‘a big hassle’?
- A recent report by the SOX Professional Group found that internal audit is taking over more SOX reporting.
- Why has internal audit been asked to take over more of this role?
- Why would the SEC want to reduce award levels at the high end? What is the constituency for this position?
- The SOX Professional Group report noted that SOX compliance costs are increasing; why did an earlier Protiviti report show costs were ‘drifting downward’?
- Where are companies on the use of new tech solutions to facilitate SOX Compliance?
- Why are 73% of all companies still using Excel spreadsheet to report on SOX compliance?
- What role, if any, does internal audit have in cyber security?
- Why is cybersecurity not seen as a high risk from SOX reporting perspective?
For additional reading see the following:
Matt’s blog post, Report: SOX Compliance Still a Pain, on Radical Compliance.