Internal controls – a management briefing

In association with KPMG

Editorial by Paul Grant

Those of you breathing a sigh of relief following the first year of
Sarbanes-Oxley compliance mustn’t rest too long. Year two of the legislation
isn’t far away, and if you want to avoid seeing projects that could bring
benefit to the business lose out on valuable resources, then the process to
improve on last year needs to start now. It happened in year one and will happen
again unless you are prepared.

Fortunately, a lot of lessons have been learned, not just within the
companies themselves, but also by the auditors, advisers and regulators, which
should make the process a lot smoother come round two.

And while this can help to reduce the burden somewhat, tightening up your
internal controls and risk management procedures can bring about additional
benefits that you may not have considered previously.

Most of those involved have little good to say about Sarbox in a regulatory
sense, but some of the processes that have been forcibly embedded into
companies’ daily operations due to the regulations can be exploited to improve
company performance, and eventually improve the bottom line.

This management briefing looks at some of the ways that businesses can
transform themselves into much leaner, more efficient and effective machines,
and the role that risk management and controls can play in this -­ from the
changing role of the corporate finance function to outsourcing your compliance
procedures, improving IT systems, effective project management and the
application of enterprise risk management and procurement strategies. All these
areas can be exploited to raise a company’s game.

Now, I’m not saying it is going to make the whole, painful process that
everyone has had to endure so far worth it. It had to be done and it has been
done, so why not make the most of what comes out the other end? Perhaps that
bitter pill does come with a spoonful of sugar after all.

Click on the headlines below to read the Internal Controls management
briefing chapter by chapter…

Overview: The balancing act
Corporate legislation and the advent of globalisation have made it difficult for
company bosses to juggle performance and risk management.

Sarbanes-Oxley: The chains gang
The heavy burden of financial regulation imposed by Sarbanes-Oxley in the US
have given rise to plenty of corporate groans, but its shackles look

Disclosure: Data day grind
With investors demanding more transparency from finance heads, today’s FDs are
more akin to chief executives than number crunchers.

Sarbanes-Oxley: Opportunity knocks

Sarbanes-Oxley has revolutionised the way content is compiled, creating new
opportunities in business areas such as IT and communications.

Facts and figures: The regulatory

Some facts and figures surrounding the level of regulation in business and
management’s approach to it.

Risk management: The danger zone

Enterprise risk management: failure to manage your company’s environmental and
social impacts undermines business value and encourages regulation.

Project management: Fly or

The bigger the project, the harder it can be to steer to a successful
conclusion. Our reporter asks the experts how to make a project work.

Procurement: By the buy
A sound procurement process can offer vital business benefits, but for some
companies it remains a missed opportunity. Our reporter explains why some firms
fail to recognise their buying power.

Technology: Ready-made remedy
The list of poorly executed IT projects in the public sector is long, and their
cost to government high. Despite steps to remedy this, will there ever be a
winning solution?

10 Tips: Look back, get

Sarbanes-Oxley is now well established. While some companies have adopted IT
with little fuss, others have done so begrudginly. Perhaps now is the time to
consider compliance plans, determine whether they are efficient and overhaul
those that aren’t. Our ten tips can help.

Related reading

aidan-brennan kpmg
The Practitioner