Re: Sarbanes-Oxley

Subject: Re: Sarbanes-Oxley
From: Dick Margulis <margulis -at- fiam -dot- net>
To: "TECHWR-L" <techwr-l -at- lists -dot- raycomm -dot- com>
Date: Mon, 29 Dec 2003 08:19:44 -0500


Someone wrote:


SOX is a series of recommended practices that must be suited to each organization.


To which Peter responded:
SOX is not recommended, it is legislatively mandated and failure to comply carries criminal penalties.

And I respond that the original assertion is not incorrect and that Peter, while not incorrect either, may have misunderstood.

With Big Government Regulations (BGRs) (the FDA's QSR is one I'm most familiar with, but I'll bet SOX follows the same model, as does the tax code), there are many levels of interpretation interposed between the letter of the act and the practice on the ground.

First, the agency responsible for enforcing the BGR has to draft a set of rules that will be used to evaluate the performance of the regulated companies. Then that draft is subjected to public comment and private arm-twisting for a period of many months, a new draft is circulated, more comments ensue, and some years later a "final" recommendation and guidance is published, after which there are lawsuits and revisions before one more "final" regulation is published (but always subject to change).

Second, nothing in the "final guidance" is a hold-harmless clause. You can follow it to the letter in everything you do, but this does not guarantee that you have complied with the underlying Act and that you cannot be fined administratively for violating it or thrown in jail, either. So you have to know the back story, bring in insider consultants, and pay your own lawyers a fat retainer to review your practices and keep your backside out of the hot bacon grease.

Third, none of the BGR documents actually spell out what you are supposed to do. They provide standards against which inspectors are expected to judge your behavior, but they don't tell you what the content or form of your documentation is actually supposed to consist of. The object is not to micromanage every company in every industry but to hold up a yardstick against which your behavior is measured.

So while it is true that SOX is legislatively mandated and failure to comply can land someone's can in the can, it is still fair to say that it is a series of "recommended practices that must be suited to each organization."

Dick







References:
Re: Sarbanes-Oxley: From: Andrew Plato
Re: Sarbanes-Oxley: From: Peter
