Thank Enron, WorldCom, and all the other corporate reprobates for the heavily regulated world of business in which we all now reside. It was rightly thought that continued falsifications of financial data (particularly earnings, charge backs, etc.) by corporate management could erode the trust of the investment community to such a degree as to imperil the viability of the stock market itself. Sarbanes-Oxley (SOX) was a direct response to this threat.
Now that we're all stuck with this weighty legislation, how can companies leverage their compliance status so that their investments in compliance with SOX and other regulations can be translated to value and even profit? It is understood that investments in compliance projects, especially in IT, can involve capital expenditures in the tens of millions and more. Pundits on the right ocassionally decry this loss of operating capital to corporate infrastructure, increased pay, development, etc. This may be so, but the reality of SOX is this: it is not going away, and we should find a way to leverage compliance efforts so that investments in compliance are not considered only as necessary "write offs". This goal is attainable, and leveragable!
Your company may already be Sarbanes-Oxley compliant. If so, you want to stay compliant. In addition to the technical and business processes that ensure ongoing compliance, you must have written policies in place that require compliant processes and procedures. These policies must be available to all employees, clearly written, and involve measurable actions for employees to follow so that they know, and observers (e.g., external auditors) can verify, that the policy itself is compliant and that it is being followed.
Policy documentation is governed by rules of access, validation, review, etc. These are essentially documentation management best practices. Airship! Communications can assist you in writing policies, reviewing the documentation that you have, and in making recommendations for improvement.
Your corporate policies should be auditable, readily available, clearly written, and foster compliance as directed by SOX and whatever other regulatory obligations your company is required to follow. Airship! Communications can be onsite, reviewing your materials, helping you improve and build the policy set to help bring your company into compliance and keep you there. A sustainable approach to policy development and management is one of the keys to compliance.
Your IT department will implement technical controls wherever possible and practical. These controls are mainly built around access security and protection of financial data. Financial data is at the heart of SOX. Access to systems that hold and process financial data is of particular importance. If your company has a "significant deficiency" in this area, Airship! Communications can assist you in analyzing your systems, documenting them, and identifying ways to become compliant. Knowledge and documentation is crucial to audit reporting, compliance, and continued success.
Superior analysis, and comprehensive well-written documentation is critically important to your efforts. Airship! Communications will help your company create comprehensive IT systems analyses that are effective for both IT and business professionals. These analyses should be the basis upon which IT and corporate leadership build their remediation efforts. In such projects, accuracy and clarity are paramount. The need for a seasoned professional with both communications and IT experience is very real - Airship! Communications will deliver these documents based upon an understanding of requirements/guidelines and direct research at your facilities with your staff who best know how your systems function. This combination of communications and IT experience is unusual and difficult to find. But, no longer. Airship! has extensive experience and skills in both IT and communications. Leverage this combination to the benefit of your company! Only with the clarity of purpose, mission, and understanding of how IT systems function that comes from many years of experience in varied IT and corporate environments can such documents be created. This clarity that comes from a depth of knowledge and experience in the two key areas-communications and IT systems and processes is what Airship! offers. That's where Airship! Communications comes in!
Financial information (created, stored, accessed, manipulated in IT systems and applications) is used to create financial reports that are then disseminated to the public (e.g., investor community). These corporate financial reports are auditable. The purpose of SOX is to assure as much as possible that these reports are accurate and verifiably so. When your company has the pleasure of hosting an external auditor for a compliance audit, call Airship! Communications first! Airship! can help you prepare for your audit so that your documentation is solid and audit compliant. When your company is compliant the easiest way to demonstrate this to an auditor is with comprehensive documentation. Airship! Communications can help you and your staff prepare documentation that will make your auditors happy!