In recent 2 years in China, the main rhythm in telecom industry is the compliance journey of Sarbanes Oxley Act (SOX). The four major telecom operators – China Mobile, China Telecom, China Netcom, China Unicom, all have public-list at USA stock market. In a similar time schedule, each of them has spent a lot of man power and money on SOX compliance, to organize, to plan, to build up internal control oriented processes, to buy consulting services and tools, to collect operation records.
Typically, inside an operator, a 404 team, headed by a vice general manager level executives, was assigned to lead the compliance activities. Specialists in each of the main IT departments, e.g. Management Information System Department, Billing Department, Network Department, were assigned to be responsible for the implementation and follow-ups. A series of education has been conducted to improve the awareness of compliance.
All provincial operators are required by their HQ to complete the self-assessment and corresponding remediation in the first half year of 2006, so that they can collect enough records for external auditors to testify the effectiveness of internal control measures. Three of the BIG FOUR accounting firms are external auditors of the four operators – KPMG for China Mobile and China Telecom, Deloitte for China Netcom, and PWC for China Unicom.
In order to improve the effectiveness and efficiency of compliance controls, a series of nationwide security and governance projects are being undertaken, covering IAM (Identity and Access Management), auditing, ITSM (Information Technology Service Management) optimization and etc. Large amount of KPI (Key Performance Indicator) are setup and monitored to reflect the compliance status. Complete auditing systems are under continuous construction and improvement, while periodic and formal auditing processes for the compliance controls are designed and implemented.
We are glad to say that the enterprise governance structure and effectiveness has got unprecedented upgrade inside the four major telecom operators. There is no denying that SOX compliance journey is too expensive for mainland enterprises. The high cost of SOX has had many of enterprises to re-think their IPO plan to Nasdaq.
This page was also published at sbin.cn.
del.etio.us digg it