CHAPTER 10

IT'S A FLAT WORLD AFTER ALL

PART ONE: THE LONG REACH OF SOX

SOX requirements are paving the way for an expansion of the role of the internal auditor, both within individual companies and around the world. Some multinationals have already been complying with SOX requirements, even before being legally bound to do so. Banking organizations have been using the COSO framework and Section 404 too, as have healthcare and other not-for-profit organizations. According to feedback posted by the PCAOB/SEC, following a roundtable held on May 10, 2006, many financial executives believe that incorporating the spirit—and in many cases, the letter—of SOX leads to better-managed businesses and, consequently, more profitable and sustainable ones.¹

At the same time, the costs of SOX compliance have been the subject of lengthy debates ever since the legislation was passed. Why then might so many companies choose to comply with this legislation? “Even in countries where audit reporting is not governed by SOX, many executives are voluntarily complying with its requirements,” said a General Manager with SAP. “They feel that with better controls in place, their reporting will be more credible, customers and investors will have more confidence, and they will achieve a premium place in the market.”²

How the SOX legislation will be specifically implemented and to what degree it will apply to smaller companies are yet to be fully determined. However, the process of collaborative communication ...