New guidelines for auditors of Sarbanes-Oxley compliance could take effect later this week, lowering the cost of SOX initiatives and reducing companies' dependence on auditors to interpret SOX requirements.
The Public Company Accounting Oversight Board (PCAOB) -- a private, nonprofit entity that gives guidance to the many auditors who evaluate SOX compliance -- on Thursday is scheduled to vote on a range of new recommendations, many of which will make it easier and less expensive for companies to meet the legal regulations.
"These changes could have a very profound effect on the whole compliance effort," says Chris Davis, manager of compliance knowledge management at Cybertrust, which offers security and compliance tools and services. "It's going to take some of the pain away. It's not morphine, but it could at least be Tylenol with codeine."
"If it passes, it will allow companies and auditors to worry more about the things that matter when it comes to financial fraud," says Patrick Taylor, CEO of Oversight, which makes software for analyzing the accuracy and security of financial transactions. "Companies will be able to focus their attention on the more common paths to fraud, such as changes to the general ledger and revenue recognition, and not worry about unlikely paths, like backup."
Since its passage in 2002, SOX has been an incredible drain on corporate IT and security resources. The chief problem is that the law, which is designed to keep public companies from cooking their own books, is extremely vague in its requirements, particularly with regard to IT.
With the move to the cloud, CISOs must shift priorities from operating security programs to overseeing (monitoring and auditing) outsourced cybersecurity programs.
2022 was a boon year for IT salaries. 2023 came in like a beast with layoffs, raise freezes, and ChatGPT, but that beast has few teeth.
Age is only a number. Don't let a high number cancel your career.
