MENLO PARK, Calif.
May 28, 2014
/PRNewswire/ -- Driven by the fallout from the Public Company Accounting Oversight Board (PCAOB) inspection reports of audits over financial controls and requirements to implement the updated COSO internal control framework, companies are facing significant new challenges around their Sarbanes-Oxley (SOX) compliance efforts, according to findings in a new survey by global consulting firm Protiviti (
2014 Sarbanes-Oxley Compliance Survey
), more than 600 audit executives and professionals responded to questions about changes in their organizations' approaches to SOX compliance, plans to address new regulatory requirements and industry guidelines for the 2014 fiscal year, and the cost of compliance.
Nearly half of respondents (48 percent) reported that their organization has yet to begin applying the new
framework to their key controls. More than half (52 percent) of those who indicated they have begun to implement the COSO framework reported that this effort will increase the amount of resources their organization devotes to SOX compliance.
"A surprising number of companies underestimate how much time and effort goes into the implementation process to apply the new COSO framework to internal controls," said
, executive vice president at Protiviti and leader of the firm's Internal Audit and Financial Advisory practice. "Our survey findings suggest a large number of companies are not being attentive enough to these changes and may be behind where they should be in the process."
Among the companies in the survey that faced significant changes to their SOX compliance programs, the majority attributed the changes to the impact of the PCAOB's inspection reports of external auditors that found deficiencies in recent audits of internal control over financial reporting. Forty-seven percent of these survey respondents said that they "very much" believed that these reports were a cause for significant changes. The SOX compliance areas most affected by the PCAOB inspection reports were:
- Testing review of controls (26 percent indicated extensive/substantial impact; 32 percent indicated moderate impact)
- IT considerations (25 percent extensive/substantial; 30 percent moderate)
These two areas also ranked highest in terms of additional time and effort required based on the impact, which drives up the cost of compliance. Nearly half of respondents report these costs are rising, with 41 percent reporting increases of 20 percent or more – a significant year-over-year jump based on past survey results. This is the fifth SOX Compliance Survey Protiviti has conducted.