Research: Sarbanes-Oxley: Are You Ready to Comply?

Big companies are more confident about meeting Sarbanes-Oxley deadlines-and about the adequacy of their compliance budgets-than smaller firms. Is their optimism justified? CIOs may be underestimating the effort needed to gain business value from

  • 88% of CIOs say their IT departments are very involved in compliance
  • 67% say their companies are investing in financial systems to aid in compliance
  • 59% have no IT executive specifically responsible for compliance
  • 44% say their companies will require their CIOs to certify financial resultsTo download results, click here.Complying with the Sarbanes-Oxley Act presents any number of problems, depending on whom you talk to. In qualifying IT executives for this survey, we whittled down more than 600 original respondents to about 200 whose companies are required to comply with Sarbanes-Oxley, and who said they were knowledgable about their compliance efforts. Of those, the large-company CIOs present perhaps the most predictable picture. They tend to be the most confident about their compliance efforts, with both the budgets needed to make their compliance efforts succeed, and the IT systems, financial and otherwise, already in place to make the task go more smoothly.The small companies also share some qualities: Theyre the most likely to say they wont be in compliance with Sarbanes by their deadline, the most likely to cite budget problems as an obstacle to compliance, and thus the most likely to be doing the minimum to comply. The midsize firms, however, are all over the map. Of the three groups, theyre spending the smallest percentage of their overall budgets on compliance, yet theyre the most likely to be investing in financial reporting software and to say they expect business benefits from their compliance efforts.Companies of all sizes are optimistic about their compliance efforts; its less clear whether that optimism is justified.