[ISN] UK could learn from Sarbox mistakes

From: InfoSec News (isn@private)
Date: Tue May 09 2006 - 23:09:32 PDT


Paul Grant
Accountancy Age
04 May 2006

The worst seems to be over for US companies forced to comply with the 
burdensome Sarbanes-Oxley Act, with further evidence emerging that 
auditing costs related to section 404 of the rules are dropping.

The general opinion now is that, as well as identifying efficiencies 
during the second year under the new laws, the higher costs first time 
around were also attributable to many mistakes made by companies 
trying to implement the new rules. UK companies could do well to learn 
from this, according to Dawn Cresswell, part of UHY Hacker Young's 
Sarbox advisory team.

 From 15 July, UK companies with a listing in the US will also have to 
face the same tough rules on internal controls. But as Cresswell said: 
'UK companies have the advantage of being able to see what mistakes 
have been made in the US and making sure they don't make the same 

'US companies found they had misallocated a lot of their time and 
money in trying to achieve the first year of Sarbox compliance. They 
have now learnt from these mistakes and the dramatic reduction in 
costs in the second year reflects a more considered approach.'

This view is backed by a recent report from consultants CRA 
International. Using data from Big Four clients, it found that audit 
costs for section 404 compliance among a sample of Fortune 1000 
companies had dropped 44% on the previous year to an average of $4.8m 

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.

This archive was generated by hypermail 2.1.3 : Tue May 09 2006 - 23:52:30 PDT