ANN M. MARCHETTI

Quick and easy implementation and maintenance guide for ongoing Sarbanes-Oxley compliance
For most companies, achieving compliance to the Sarbanes-Oxley Act (SOX) has proven to be more challenging, and more costly, than initially anticipated. In many cases, initial and second-year compliance efforts were found to have strained company resources, causing a shift of focus away from such areas as internal audit in order to meet SOX requirements.
Sarbanes-Oxley Ongoing Compliance Guide: Key Processes and Summary Checklists provides controllers, CFOs, and auditors with step-by-step guidance to setting up an ongoing compliance program for SOX in a quick, easy-to-follow manner. This essential book discusses crucial issues such as who should spearhead Sarbanes-Oxley compliance, how it should be set up, and which SOX issues need to be monitored by function.
Highlighting the key issues that need to be addressed, this book provides your organization with practical tools including customizable checklists sorted by function for the SOX implications that correspond to various business functions, such as finance, accounting, IT, and management fields.
Today, more than ever, a properly structured internal audit function can be a tremendous benefit to an organization, impacting not only regulatory compliance, but also operational excellence. Concise and clear in presentation, Sarbanes-Oxley Ongoing Compliance Guide: Key Processes and Summary Checklists shows you how to help your organization put in place a successful enterprise risk management program. This important book arms you with the vital components of a detailed compliance plan that makes the most of technology to assist in reducing ongoing compliance costs.

ANNE M. MARCHETTI is the former Global Service Director of Governance and Risk Management Practice at Parson Consulting. She has worked with numerous clients on initial and ongoing compliance initiatives and is frequently quoted in the media and speaks at conferences on related subject matter.

CHAPTER 1: THE PATH TO ONGOING COMPLIANCE.
The Origins of the Sarbanes-Oxley Act.
Generating Value from Compliance.
Finance Checklist: Compliance Activities That Deliver Value.
Moving Beyond Initial Compliance.
Reevaluating the Compliance Program.
Ongoing Compliance Considerations.
Ongoing Compliance Strategy Checklist.
Remediation Prioritization.
Checklist: Control improvements.
Checklist: Sarbanes-Oxley compliance and financial reporting improvements.
Checklist: Productivity improvements.
Process Improvement.
Operational Structure and Efficiency.
Benefits of Centralization/Standardization.
Benefits of Decentralization/Customization.
CHAPTER 2: OPTIMIZING COMPLIANCE EFFORTS.
Current Compliance Challenges.
Future State Opportunity: Compliance Optimization.
Governance.
Enterprise Risk Management.
Compliance.
Issues to Consider When Optimizing Compliance.
Checklist: Issues to Consider when Developing Monitoring/Maintenance Plan.
Checklist: Steps to Address On-going Compliance Planning.
Ongoing Compliance Plan.
Ongoing Reporting.
Customize Your Compliance Plan.
Checklist: Factors that Influence a Compliance Strategy/Plan.
Right-Sizing Best Practices.
Outsourcing.
Control Testing.
Control Automation.
Accelerate the Close Process.
Integrated ERM and BPM Solution.
The Role of Internal Audit: Balancing the Compliance and Audit Functions.
Checklist: Internal Audit.
The Evolving Role of the Audit Committee.
Checklist: Audit Committee Best Practices.
Checklist: Five Critical Questions Audit Committees Should Ask.
CHAPTER 3: THE TIME HAS COME FOR ERM.
The Benefits of ERM: Value Preservation and Creation.
Implementing ERM.
Checklist: Goals of the Risk Management Framework.
Enterprise Risk Management Cycle.
Risk Identification.
Checklist: Risk Identification Questions to Consider.
Checklist: Risks to Identify.
Risk Analysis/Quantification.
Checklist: Risk Analysis Questions to Consider.
Checklist: Key Actions.
Organizational Assessment.
Checklist: Quantification of Risk Exposure.
Reporting and Monitoring.
Communicate Results.
Monitor.
Checklist: Ongoing Risk Monitoring Process.
Risk Management Requires a Well-Informed Audit Committee.
Maximize Future Performance through BPM and ERM Integration.
Nine Steps to Effectively Integrate BPM and ERM.
Integration Captures Past, Present, and Future Performance.
The Benefits of a Joint Approach.
CHAPTER 4: ADDRESSING COMPLIANCE CHALLENGES THROUGH AUTOMATION.
Software Can Add Value Beyond Compliance.
Monitoring Software.
Utilization of Continuous Monitoring: Control Testing and Control Automation.
Benefits of Continuous Monitoring.
Continuous Monitoring Tool Considerations.
Functions to Consider When Evaluating Continuous Monitoring Tools.
The Continuous Monitoring Process.
Data Acquisition.
Data Warehousing.
Data Analysis.
Exception Remediation.
Risk Management Software.
Unifying Financial Statements, Close Tasks, and SOX Controls.
Determining the Right Solution.
Define Business Requirements.
Checklist: Tasks to Define Business Requirements.
Identify Vendor Candidates.
Select Tool and Plan Implementation.
APPENDIX A: ONGOING COMPLIANCE CHECKLIST.
Plan, Design, and Build.
Implement.