Controls and more controls are necessary.
When developing IT services the first rule should be: follow the guidelines ISO 9001 for software design.
When you are deploying new applications, be sure to verify all information and reports generated by it, for at least one year. Remember that within an application There are millions of lines with decisions and formulas. When detecting any type of irregularity or failure, immediately report it to the developers so that they can correct it.
The Sarbanes-Oxley Act suggests executives pay more attention to financial information and, asks the directors of auditing firms to take their work more seriously. Many people They do not agree with these demands, because they think they are expensive and beyond the legal powers. But the truth is that corporate management teams need these rules to keep the business process in charge of them safe.
The Sarbanes-Oxley act represents the adjustments necessary to exercise control and stability between investment and corporate performance. Looking at the situation from another point of view, the Sarbanes-Oxley act is sending a message to corporate officials to be more careful in how they manage the economic resources of investors..
Complying with the regulations imposed by the Sarbanes-Oxley Act is a safer way to manage public and private corporations. Do not forget that the CEO and the CFO share responsibility for the implementation and control of Internal Controls.
Transparency in accounting books represents the truthfulness and responsibility of each corporate transaction generated by the business flow. Remember that the business process is guided by the CEO and supported by each executive in the chain of command.
SEC (Security Exchange Commission) regulations are requiring auditors and accountants to reconcile bank accounts and verify compliance with established Internal Controls, to avoid or minimize the impact of fraud. These procedures should be executed monthly by the accounting department and verified by auditors.
The accounting scandals of the past happened because executives have the idea that the computer applications (software) in use are infallible. The truth is that they are dangerously fallible in situations in which auditors or accounting departments do not properly carry out audit tasks. Which means controls and more controls are necessary.
Finally, it would be a good idea to clarify that the accounting department, internal auditors and external auditors are guarantors of compliance with internal controls.
Most of the time we associate internal controls with high execution costs. This fact makes me think: Because not each division or location establishes the work rules, follows them, controls their compliance and verifies them. In this way, the external auditor will bill fewer hours if they detect that the internal controls are solid and strong in that location. Think about it.