Document Management or Enterprise Information Management is possibly probably the most important from the enterprise solutions which will solve the different needs of SOX. Several parts of SOX possess a direct effect on the way digital documents/records from the enterprise are produced, reviewed, approved, stored, retrieved, transferred, and destroyed.
Understanding Management: Document & Records Management
Estimates happen to be made calculating that the considerably large proportion (some say, greater than 70%) from the documents of a company have been in gifs and can not be observed in hardcopy.
Based on Gartner’s Editor in Chief James Lundy: Records management will end up a high 10 problem for many CIOs in next season.
Within the following, we’ll discuss the different parts of SOX that the document management solution may help in submission with.
Section 302: Based on Section 302, the Chief executive officer and CFO need to personally approve the fiscal reports and disclosures produced by the organization on authenticity and precision. This involves a method in position that can make the Chief executive officer and also the CFO certain that all of the disclosures that the organization makes are accurate and authentic. You can do this in 2 ways:
The first is to trickle-lower down to the Chief executive officer and also the CFO towards the lower management levels as well as in response bubble-in the sign-offs in the lower management levels on all documents which are inputs to the organization filings.
Second would be to design comprehensive business processes that leave the organization filings. The company processes is going to be designed in an exceedingly rigorous manner to conform with the provisions and proper implementation and training of all of the personnel associated with the company processes is going to be transported out and tested on the periodic basis. Further, the company processes themselves is going to be available to stringent internal audits that’ll be transported out every so often.
One, or a mix of these two practices goes a lengthy way towards making certain proper compliance.
For these options it’s obvious that the strong enterprise-wide document management system will give you the building blocks which the compliance will really be transported out. Within the first situation, the sign-offs could be configured utilizing a workflow module from the document management system. Within the second situation, the company process itself is going to be configured within the document management system and all sorts of relevant supporting or input documents too will participate the DMS and appropriate subordination and linking will be performed between your official company filings and all sorts of input documents into it.
As evidence of the records supporting the ultimate company financials–as filed or reported–you should archive all of the emails, stand out sheets, messages or any other communications and documents which were exchanged which brought to some final certified filing through the Chief executive officer and CFO. This can safeguard the CxO’s declare that all of the financial statements are in keeping with their understanding and research was transported out before certifying the reports.
Section 404: The Chief executive officer and CFO need to supply a report assessing and certifying the “internal controls” happen to be assessed and therefore are working fine or there are weaknesses and appropriate action has been taken. Submission with this particular requirement is among the hardest areas of SOX and needs an entire slew of individuals, processes and technologies. However, DMS has a huge role to experience within this.
All of the emails and attached documents within the chronological sequence will have to be archived with regards to showing the internal controls work. Ideally, a workflow module will give you added assurance the internal controls are implemented.
Section 103: requires storing the documents for many years for audit companies. The organization being audited would naturally wish to replicate the documentation to protect against any discrepancy or miscommunication or mismanagement. Also another area of the act requires
Section 409: requires near-real-time reporting of material occasions–whether internal or exterior towards the investors and also the regulatory physiques. This can be done using a single enterprise-wide document management system with appropriate “alerts” and notifications and workflow configured based on the style of the compliance-based business processes. This technique would make certain that relevant details are immediately relayed to the peak management (Chief executive officer and CFO) and also the compliance committee and advisors with minimum delays and latency. DMS provides appropriate abilities towards the compliance advisors to supply a recommendation (inside the stipulated time period) associated with each alert and escalate the reports towards the CxOs using the appropriate recommendations. The CxOs may then decide whether or not this merits disclosure underneath the compliance act according to recommendations of the Compliance Committee or Advisors.
Section 802: offers criminal penlties for knowingly altering, destroying, concealing along with other activities, for example presenting false records, associated with impeding or influencing a continuing or potentially approaching analysis with a federal agency. This could demand holding all documents inside a secure system where simply no one out of the organization can transform them after they are finalized. Also this implies a proper document retention and destruction policy that is strictly stuck to (actually, could be shown to be stuck to) and that involves ensuring no document which any investigating agency will need has been destroyed or deleted. Furhter, the act mandates that when the organization comes to understand about a possible analysis all documents relating or in some way germane to that particular analysis are immediately purchased indestructible to or unalterable by anybody–such as the CxOs of the organization. This will make it important to possess a feature associated with creat!
ing and accepting “alerts” in the legal department of the organization about any ongoing or approaching potential investigations and as a result immediate information “vaulting” of related documents. This selection will make sure compliance using this section and save a possible prison term along with a large financial fine not to mention lack of credibility.
This includes a strong effect on a records or document management policy of the company. The organization should create a proper document management policy and follow it inside a timely and rigorous manner. If this isn’t done, the organization is uncovered to severe costs and damage when it comes to supplying documents to hostile parties in “pre-trial discovery”–the legal procedure for supplying all relevant documents towards the opposing party inside a legal suit. Additionally, it exposes the organization to accusations of hiding or destroying relevant documents–if done in a later stage–before any court proceedings are begun against the organization–a la Arthur Andersen’s Enron-related documents.
An efficient document management system will revolutionize the customer experience and provide better ROI on the communications that you have to send out globally to your customers. It will also promote a secure environment for you and your business.