“SOX compliance” and “section 404” are buzz words recently, not only at USA, but also at China, for those companies listed at Nasdaq. They set up special team to build compliance controls for the enterprise, commonly named “Team 404”. For an instance, China Mobile, the largest mobile carrier at China, has assigned a 404 team to be responsible and boost the whole compliance affairs. At the same time, CMCC group assigned 4 trial province sites at Fujian, Tianjin, Shanxi, Hubei respectively.
China Telecom, the largest fix line operator at China, has been working on their COTS (Commercially Off-The Shelf) ERP and CRM for around two years to advance the compliance journey. Kunming (by IBM) and Suzhou (by BearingPoint and BEA) are two trial sites for the BPR (Business Process Re-Engineering) approaches.
China Netcom (CNC) has invested a lot of resources to get their ERP online at the earliest time to comply the compliance.
SOX compliance, while generating a gold mine for the “big four”, will disclose financial information of public list companies more trustworthy and stablish the financial and security market.
During recent study and investigation of SOX compliance methodology and architecture, a lot of good documents are found via the Internet. At this moment, here is a good paper by Redmonk.com, click to donwload it to your harddisk.
At the risk of reading like a cliché, compliance is a journey not a destination. Rarely is anything completed. Rather, compliance calls for constant attention, tweaking and vigilance combined with a balancing of cost, risk and transparency. Sarbanes Oxley, for example, is very much a living regulation. Upfront costs can be conceived of as similar to corporate year 2000 (Y2K) projects for some organizations, but unlike Y2K, Sarbanes requires ongoing improvements in process controls and reporting.
What is Compliance?
Simply put, compliance is the process of adhering to a set of established guidelines or rules established by external bodies such as government agencies or by internal corporate policies.