Ongoing Training for SOX 1575



  • Is this a requisite for the Act? for all staff??



  • This is not mandated by the law.
    It would be in your best interest to have some sort of ongoing training plan to cover new-hires and staff reorganizations. This will help to ensure the quality of your SOX documentation and testing work.



  • I agree with Kymike … Training isn’t absolutely required. Still, I think most members here feel that it’s essential for meeting SOX regulatory requirements efficiently and effectively in your organization 🙂
    Search forums for ‘training’
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=search
    One good discussion thread on this
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1414



  • Another good training resource and presentation for SOX from Protiviti Consulting:
    Assessing Risks and Internal Controls: A Training Presentation
    knowledgeleader.com/iafreewebsite.nsf/content/COSOAssessingRisksandInternalControls.OpenDocument
    be sure to insert www. in front of the link above.
    milan



  • As others have stated there is no requirement on this.
    Additionally, i would suggest that most people in an organisation do not need training ‘on Sarbanes-Oxley’ - rather they need training on what is required within your organisation to support the system of internal control and embed good control practices within day to day operations.
    Very few people will require the detailed level of knowledge to ensure that the company’s system of internal control complies with SOX.



  • I agree that the training need not be on SOX, but rather on what constitutes good internal controls and how best to document the processes and controls as well as proper testing.



  • The link earlier provided is for a good document and training presentation to process owners. It does not include any references to SOX or Sarbanes-Oxley–rather, the focus is to serve as a basic training document and tool that can be used to provide process owners with a basic overview of internal controls, control types, the COSO Framework, and effective control techniques.
    Milan



  • Denis,
    I made it back across the pond again, but this time I am in Borehamwood working on another subsidiary. I still plan on connecting with you for a beer on one of my trips over to the London area.
    Mike



  • Good stuff. Borehamwood is a bit out of the way for me but if you’re in Surrey or Central London we could catch up. My email is in my profile for the next 24 hours - drop me a line and I’ll give you my work email.



  • Additionally, i would suggest that most people in an organisation do not need training ‘on Sarbanes-Oxley’ - rather they need training on what is required within your organisation to support the system of internal control and embed good control practices within day to day operations.
    I also agree with our ‘Sox Gurus’, that everyone doesn’t need extensive training on SOX within their organization. Certainly, the SOX compliancy core team needs the most training. 🙂
    However, I feel it’s advantageous for everyone involved in the SOX process to be provided an overview of SOX. This might include what the overall goals are, and techniques for compliance. This can accomplished in a brief kick-off meeting so that folks get a sense of the importance, ‘what to do’, ‘what not to do’, and who to contact for questions.
    Below is an example where training was needed beyond just the core SOX team in that a USD.50 financial exposure was trying to be controlled, due to misinterpretations regarding what SOX is intended to do. Through a kick-off meeting, a very simple email, or Intranet web site devoted to what Sox means within the organization – it might reduce confusion and result in better efficiencies
    Improperly implemented Sox controls - USD.50 financial exposure
    http://www.sarbanes-oxley-forum.com/modules.php?name=Forums-and-file=viewtopic-and-t=1506

    Very few people will require the detailed level of knowledge to ensure that the company’s system of internal control complies with SOX.
    Agreed – As noted above, I think it’s helpful for everyone involved in controls to have a 30,000 foot view of what SOX is all about, it’s importance, and who to contact for questions. This type of overview has helped us at least in my own company 🙂



  • I actually think that all of the people in a company that deals with financial controls should know what SOX is, why it’s here and what to do and not do is. A 15 min presentation should be more than enough to cover the more important aspects.
    Even if we try to make this a priority in our organisation, we still find that people are answering ‘Because SOX want’s you to.’ or ‘It says so in the SOX Act.’ when they don’t know why things are the way they are.
    Don’t teach people to accept things just because it’s ‘SOX’.



  • I actually think that all of the people in a company that deals with financial controls should know what SOX is, why it’s here and what to do and not do is. A 15 min presentation should be more than enough to cover the more important aspects.
    Even if we try to make this a priority in our organisation, we still find that people are answering ‘Because SOX want’s you to.’ or ‘It says so in the SOX Act.’ when they don’t know why things are the way they are.
    Don’t teach people to accept things just because it’s ‘SOX’.
    Totally agree with that.
    Our standard presentation intros with what is SOx, why did it come about and what is it trying to achieve - and this is presented as important background information. I don’t think one needs to go much beyond this though. I to tend to focus on what process and control owners need to prioritise i.e. ensuring that controls, and processes, operate effectively over time according to our corporate standards.


Log in to reply