A Common GOAL
Since the passage of SOX some five years ago, too many publicly traded companies have focused their Sarbanes-Oxley compliance efforts solely on financial reporting, considering SOX compliance to be a matter for the legal department to handle in coordination with accounting. But effective teamwork between two other corporate departments, i.e., risk management and human resources, can also be critical to your company's SOX compliance efforts.
The stated purpose of Sarbanes-Oxley to "protect investors by improving the accuracy and liability of corporate disclosures made pursuant to the securities laws" cannot be accomplished simply by "getting the numbers right." In the real world, corporations can act only through their human assets, i.e., employees who must be trained, disciplined and encouraged to conform their actions to the requirements of Sarbanes-Oxley, thereby minimizing the risk of loss to the shareholders. In protecting these essential assets, the complementary roles of risk management and human resources are indeed critical.
This article appeared in the November 2007 issue of Risk Management magazine.